Saturday, January 31, 2009

Problem Of Routes Flushing In Core Of MPLS



In my previous post I explained how missing labels can forward route traffic to other locations. This scenario is similar, but here the customer is pinging end to end while our core is not pinging.


Introduction
The figure shows a typical SP network in which MPLS is used and loopbacks are used for label advertisements. By default, labels are generated for all RIB routes and distributed to all adjacent peers. In the current scenario, however, labels are advertised only for loopbacks, and the same loopbacks are used for MP-BGP. OSPF is used as the IGP. The MPLS core has two route reflectors, and every PE peers with each RR to provide redundancy to customers. The customer has two branches: the HO is located near PE1 and the branch office is located near PE3. Static routing is used between PE and CE. A vrf TEST is used for the customer. The route reflectors are loaded with 12.4(15) T1 IOS. PE1 and PE2 are using 12.2(31) SB13 IOS, and PE3 is a 2800 series router using the 12.3 sp IOS. RR1 has a smaller router ID than RR2, so the RR1 route will always be preferred.

Problem Description
The customer HO is already provisioned and serving all the other branch locations. A new branch named CPE-A, directly connected to PE3, is being provisioned. Prior to its provisioning, the same vrf TEST was configured on PE2 with no IP address and was able to receive all the routes from the HO. Without deleting the vrf from PE2, we configured the vrf TEST on PE3 with a static route for the CPE-A LAN pointing towards the WAN address. Static routes were also configured at the CPE-A end pointing towards the PE WAN. Once the provisioning was completed we were able to ping the PE-CE interfaces successfully, but the remote locations were still unreachable. We then checked the route updates on PE1 for the WAN BRANCH subnet and were astonished to see that the routes were coming from both RRs but PE1 preferred the RR2 route. It should not be like this, because it should select the RR1 update for routing the traffic. Another really weird thing was that the route updates were coming from both RRs but with different next hops. In the given snapshot you can see that the second path, which comes from RR2 with PE address 10.1.1.2, is selected as the best path. Actually there is a vrf configured on PE2, but with no IP address. The first update is the correct update, but it is not preferred. I thought there must be some problem, otherwise it could not happen the way it was going on. As per us the customer was down at that moment because it was not reachable in our cloud, but at the same instant a call was received from the customer end telling us that the link had started working. The customer call really intrigued me. I thought, how can this be possible? Suboptimal routing made the customer live end to end.


On PE1 the update for 10.10.4.0/24 is coming from PE2 and is advertised by RR2, but it should be RR1. The router is receiving 1000 as the out label for the LAN route, and the next hop is PE2. On PE2, 1000 is used as the in label and 2000 as the out label, and on PE3 label 2000 is used for the customer LAN. This makes it clear that labels can do anything, which I have already described in “Missing Labels Cause Packet Drops”.

Findings
Below are the commands used for troubleshooting:
a) Show ip bgp vpnv4 vrf TEST x.x.x.x – This command is used to check the updates from the different route reflectors. It tells which one is selected as best and which label will be tagged during the forwarding of the route.
b) Show ip route vrf TEST x.x.x.x – This command is used to see which route is being installed in the vrf routing table.
c) Show mpls forwarding label

Friday, January 30, 2009

Recession: Best Time Of Learning

Recession is the best time for learning. During this period you can groom your skills further and try new things.

regards
shivlu jain

Wednesday, January 28, 2009

Cisco and Juniper SSM Deployment with Anycast RP

In one of the discussions, hritter from Cisco cleared up a good point regarding the deployment of anycast RP and SSM with Cisco and Juniper. If you have Juniper boxes as well as Cisco boxes and you are planning to deploy an SSM solution in the core, it won't work with Juniper because Juniper IOS only supports data MDT, not default MDT. But for a basic deployment of MVPN, data MDT is mandatory. So if the Juniper IOS is not going to support it, you require some protocol which can help to converge your MDT tunnel. For that you have to deploy anycast RP, which will be responsible for the convergence of the default MDT, and then you can deploy SSM for your data MDT.
Really an awesome solution.

regards
shivlu jain

Tuesday, January 27, 2009

Forwarding Address In LSA 5

External routes in OSPF are generated by the OSPF link state advertisement type 5 (LSA 5), a default behaviour of OSPF. What will happen if the same route is advertised by two ASBRs? How does the far-end router select which route is the best? The remote router will receive the route with a metric of 20, so maybe it will load balance the traffic. This is the CCNA perception. But actually the router checks the forwarding address. It calculates the cost up to the forwarding address and selects the shortest as the best path.
I am writing a full article on that and will definitely post it within a few days.


regards
shivlu jain


Friday, January 23, 2009

Configuring VPDN On Huawei Router

The main reason for posting this document on the blog is that we did not find any Huawei-related document on the internet that could help us deploy VPDN. So enjoy reading.

Introduction
This document describes how to configure VPDN on a Huawei router with local authentication.

Requirements
Enterprise customers always require that their branch offices connect to the HO with the help of VPDN. The reason for giving VPDN access is the mobility of the client. Any time, anywhere, a branch office can dial an IP address, which should be publicly available, and the client PC is able to access the HO.

Understand the current topology
As shown in figure 1, the customer HO is reachable via the internet. For external access by its office users, a public IP address is configured on loopback 100. Any branch office PC can dial the IP address with the respective username and password provided, and after successful authentication the user can easily access the devices. In the current topology the HO is using a Huawei router with VPDN services enabled on it. The remote user is using Windows XP, and by default Windows XP uses the PPTP protocol, but in this scenario the customer requirement is the L2TP protocol. For this we need to make some changes on the Windows XP machine, which are given later in the document.

Advantages Of Using VPDN
Saving capex in terms of router and all lan infrastructure
Mobility of access

Requirements
The Huawei router needs to be configured with the VPDN configuration, and the Windows XP registry needs to be modified with one value.

Problems Faced During Implementation
a) L2TP debugs were not being generated on the router.
b) On the PC we were getting error number 792. It means the PC is dialing but not getting a response from the server, which is the Huawei router in this case. But on the router no L2TP logs were generated. On the PC we had added a value in the registry and it was saved successfully. But after that we needed to reboot the PC, and thereafter logs were coming on the router.
c) Now logs were coming on the router, but we were getting a new error on the PC, i.e. username and password is invalid for domain. The error was resolved by adding a simple command, and thereafter the PC authenticated successfully.

Configuration On Huawei Router
a) Enable L2TP on router.
l2tp enable
b) Define IP Pool For VPDN Users. IP addresses will be allocated from this pool.
ip pool 1 192.168.100.10 192.168.100.254
c) Create Local User Name as shivlu & Password as huawei With Service Type PPP
local-user shivlu
password simple huawei
service-type ppp
Note:- If the service-type ppp command is missing, you will be welcomed with the error “Username and Password Is Invalid For Domain” on Windows XP.
d) Create Interface Template
interface Virtual-Template1
ip address 192.168.100.9 255.255.255.0
remote address pool 1
Note:- Calling Pool 1 which is configured in step b.
e) Bind Virtual Template With L2TP Group
l2tp-group 1
allow l2tp virtual-template 1
Note:- Calling Virtual Template 1 which is configured in step d.

Configuration On Windows XP/Vista
On Windows we need to create a value in the registry. Under the path mentioned below, create a DWORD with value 1:
Hkey_Local_Machine\System\CurrentControlSet\Services\RasMan\Parameters

Click Here to Download the full document.

regards
shivlu jain

Thursday, January 22, 2009

Hacking Punishment In India

Social Engineering:- People who gain access to an email using social engineering can be booked under section 463 of IPC. Punishment is 2 years jail and/or fine.

General Hacking:- Unauthorised access to a computer system is punishable under section 70 of IT Act. Punishment is up to 10 years jail and/or a fine.

regards
shivlu jain

Wednesday, January 21, 2009

Important Points to be discussed with Partner / Customer on NNI Meeting


This document was forwarded to me by one of my friends. It considers a scenario with the 2nd Service Provider and the Ist Service Provider as partners, where a business requirement arises to commission the NNI between the partners' networks.

1. Scope of NNI
• Why NNI
• Understand the Business Requirement and Scope of the Business to go for NNI
• Check with Business Team for some Agreement Documents
a) Physical Part
• It means “who reaches whom”
1. Partner
• 2nd Service Provider drops the NNI cable to Ist Service Provider office (or) vice versa
• The Partner who is going to drop the cable will bear the COST
b) Technical (in Technical Perspective)
• How to connect on Physical Layer
• RACK Position
• X-Connect between Partner ASBR and SELF ASBR
• Whether the ASBRs are going to be co-located. In this case, the scenario is that the NNI is going to be @ US – NY and neither the 2nd Service Provider nor the Ist Service Provider has an office @ US. The ASBR routers are going to be co-located @ a different building. Analyze the “REMOTE HANDS-ON”: who is going to support this ASBR (in terms of Layer 1 activity, IOS upgrade, card insertion, etc.). Again, consider the cost involved in remote hands-on and how it is going to be outsourced.
• Another scenario: if one of the partners (2nd Service Provider / Ist Service Provider) has an office @ US – NY, the other partner's ASBR can be co-located in that partner's office itself. This will reduce the cost involved for remote hands-on.

2. Type (in Business Perspective)
• Media Type of the NNI (STM – 1, DS – 3 Circuit or others)
• Required Infra to use the Media & others
• Long-term (or) Short-term NNI Connectivity
• Volume of Customers that are going to be on the NNI


3. Option of NNI (in Technical Perspective)
a) Option A
b) Option B
c) Option C
Note: Refer RFC for more details about the NNI Options.


More Information:
QOS Type:
A -> QOS is scalable. The QOS can be applied on a per-customer basis. Ingress Mechanism can be used.
B / C -> Only RATE-LIMIT is possible

4. Redundancy in NNI
• Location Determination
• Gateway (The Primary & Secondary NNI landing points are to be determined. The Primary NNI should land on MUM NOC and the Secondary NNI should land on DEL NOC. Both are to be ultimately different in terms of Metro / Inter-city Cable connectivity and others).
• Cable System (FYI, even though the SMEW4 & SME3 cable systems are different, they both inter-connect at some point. This again introduces a single point of failure. More precautions have to be taken so that the Primary & Secondary NNI are via two uniquely different Cable Systems).
• PATH Determination (How the traffic is going to exit out of the Country)
5. QOS Marking Exchange
• Discuss with the Partner and determine the QOS Marking Exchanges over NNI
• Case: 2nd Service Provider will use Precedence and Ist Service Provider may use DSCP values for their own company standards
• Check with the Partner and set the respective values locally. For eg: For Voice, 2nd Service Provider will use IP Precedence of 5. Similarly, identify the equivalent value in terms of DSCP and match it @ Ist Service Provider end.
• In addition, understand the partner's Business Terminology on providing the Services to the Customers
• Case: 2nd Service Provider Terminology is Platinum, Gold, Silver and Others. Ist Service Provider Terminology may be Gold, Silver, Others
• Ist Service Provider’s GOLD and 2nd Service Provider’s PLATINUM may not be the same. But Ist Service Provider’s SILVER and 2nd Service Provider’s GOLD may be the same
• The point involves more understanding on Business Perspective. Eg: Consider a Customer coming over NNI. 2nd Service Provider’s GOLD and Ist Service Provider’s SILVER may be matching in terms of Terminology & Service Level. Here Ist Service Provider providing SILVER based and 2nd Service Provider providing GOLD based Service makes more sense than 2nd Service Provider providing PLATINUM Service. The same is applicable vice versa.

What is SKA?
SENDER KEEPS ALL
• The Concept here is, you give me the traffic and I give you the traffic
• The concept doesn’t involve any COST

Note: Going back to Point 1. a):
2. Customer
• The COST of NNI will be borne by the Customer itself because it’s the Customer's interest to connect for Business Requirement.
• Nevertheless, all other points are common in terms of Agreement.


regards
shivlu jain

Tuesday, January 20, 2009

Triumph

This is the third time I have received $100 from Cisco in a time span of 9 months. The program I subscribed to was the earn while learn program, and it is really a good one. It gave me massive knowledge of pre-sales sort of things. Study material was provided by Cisco. If anyone is interested in the study material, do let me know and I will share it.

Cisco is really great to me because I got $300 in 9 months.


regards
shivlu jain

Monday, January 19, 2009

Basic Of QOS

Running a network without QOS is like living without a soul. Another problem is that the network is open to more attacks. So, in addition to security, QOS is also required in the network. QOS is a very effective tool for service provider as well as enterprise networks. Here I am trying to give a brief of the QOS models.

Types of QOS Models:-
a) Best Effort
b) DiffServ Model
c) Integrated Service

Prior to the DSCP model we had the IP Precedence value, which was in the IP header (TOS). It has 3 bits, which means no more than 8 combinations. Thereafter the TOS header was replaced by the DS field header. The DS field header consists of 6 bits for DSCP and 2 bits for ECN (Explicit Congestion Notification).

Best Effort means no QOS will be used for packets. Packets will be forwarded with the least priority by default. That is why it is said that on the internet the traffic is sent as BE or best effort. Now the question comes how a service provider or enterprise can use the BE class in the network. It can be implemented with the help of MQC. With it we can classify and mark the traffic we are looking for, and the rest of the traffic can be put in the BE class.

The DiffServ Model consists of Class Selector, Assured Forwarding & Expedited Forwarding. Class Selector (CS) is used for backward compatibility with IP Precedence. It is required because the new IP header uses the DSCP field, but many old IP headers still exist in the network and they are still on IP Precedence. For this reason Class Selector is used. But now the question comes how 6 bits are equal to the 3 bits of IP Precedence.

DSCP Class Selector    DSCP bits    Equivalent Precedence Value
CS0 (Default)          (000000)     0
CS1                    (001000)     1
CS2                    (010000)     2
CS3                    (011000)     3
CS4                    (100000)     4
CS5                    (101000)     5
CS6                    (110000)     6
CS7                    (111000)     7

This explicitly shows that bits 3, 4 & 5 change while bits 0, 1 & 2 stay the same. So the decimal values of DSCP with respect to IP Precedence are given below:

DSCP decimal range     DSCP bits    IP Precedence
0-7                    (000000)     0
8-15                   (001000)     1
16-23                  (010000)     2
24-31                  (011000)     3
32-39                  (100000)     4
40-47                  (101000)     5
48-55                  (110000)     6
56-63                  (111000)     7

If your router is receiving values between 32 – 39 and you want to mark the IP precedence value on that packet, then use 4 for the same.

The DiffServ model has two more important things besides Class Selector. One is Assured Forwarding and the other is Expedited Forwarding. As per Assured Forwarding, no more than 4 classes will be used, and within a class three types of drop probability are introduced. The lower the number, the lower the drop probability. Expedited Forwarding, which is also known as EF, has only one value, i.e. 46. The EF class is used for low latency traffic like VoIP etc. and always provides guaranteed bandwidth. The traffic which falls in the EF class will always get priority.
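The Class Selector, Assured Forwarding and EF code points described above can be read straight out of the DS byte. The following is an added example, not code from the original post; the function names and the sample bytes are constructed for illustration.

```python
# Added example: decode the 8-bit ToS/DS byte of an IPv4 header into
# DSCP, per-hop behaviour, legacy IP Precedence and ECN.
# Function names and sample bytes are constructed for illustration.

ECN_NAMES = {0b00: "Not-ECT", 0b01: "ECT(1)", 0b10: "ECT(0)", 0b11: "CE"}


def phb_name(dscp):
    """Name the per-hop behaviour for a 6-bit DSCP value (0-63)."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value (0-63)")
    if dscp == 46:                        # 101110, the single EF code point
        return "EF"
    cls, low = dscp >> 3, dscp & 0b111    # class bits / drop bits
    if low == 0:                          # xxx000 -> Class Selector
        return "CS%d" % cls
    if 1 <= cls <= 4 and low in (2, 4, 6):
        # AFxy: x = class 1-4, y = drop probability 1 (low) to 3 (high)
        return "AF%d%d" % (cls, low >> 1)
    return "unassigned"


def decode_ds_byte(tos):
    """Split the DS byte: upper 6 bits are DSCP, lower 2 bits are ECN."""
    if not 0 <= tos <= 0xFF:
        raise ValueError("the DS byte is 8 bits (0-255)")
    dscp = tos >> 2
    return {
        "dscp": dscp,
        "phb": phb_name(dscp),
        "precedence": dscp >> 3,          # top 3 DSCP bits = IP Precedence
        "ecn": ECN_NAMES[tos & 0b11],
    }


def remark_for_legacy_hop(tos):
    """Rewrite a DS byte to the Class Selector a precedence-only device
    understands, keeping the ECN bits untouched."""
    precedence = tos >> 5
    return (precedence << 5) | (tos & 0b11)


if __name__ == "__main__":
    # Constructed sample DS bytes: EF, AF11 with ECT(1), CS4, DSCP 39.
    for sample in (0xB8, 0x29, 0x80, 0x9C):
        print(hex(sample), decode_ds_byte(sample),
              "-> legacy byte", hex(remark_for_legacy_hop(sample)))
```
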

The Integrated Model is used for signalling to reserve bandwidth on a per-flow basis. RSVP & Admission Control are used in the IntServ Model.


regards
shivlu jain

Friday, January 16, 2009

Cisco M Drive Technology

As part of the Cisco Motion strategy and vision, Cisco has introduced Cisco M-Drive technology, a set of tools to facilitate the transition to 802.11n by helping deliver a scalable, reliable wireless foundation. A systemwide feature of the Cisco Unified Wireless Network, M-Drive addresses the four most important concerns of adopting a robust, business-ready wireless network: reliability, scalability, compatibility, and security.
The Cisco Unified Wireless Network relies on the Cisco portfolio of 802.11n access points: the Cisco Aironet 1250 Series and the Cisco Aironet 1140 Series. The 1250 Series is a ruggedized platform with external antennas, designed for challenging RF environments. The 1140 Series is optimized for office environments, with a sleek design and integrated antennas.
Cisco M-Drive technology offers tangible benefits such as:
• Enterprise-hardened access point designs appropriate for both office and ruggedized environments

• Greater wireless capacity and coverage

• Optimized client performance

• Simple wireless management

Cisco M-Drive technology simplifies the adoption of 802.11n by building on Cisco's experience in wireless design, testing, and validation. When deploying a Cisco 802.11n solution with Cisco M-Drive technology, you get the confidence of having:
• The solution that is used as the benchmark for the Wi-Fi Alliance 802.11n test bed

• A solution that has been extensively tested with Intel Centrino based laptops and is Centrino Certified

• A solution that integrates seamlessly into your existing Cisco wired network infrastructure

In all cases, Cisco M-Drive technology is fully compatible with all new 802.11n and existing 802.11a/g equipment. In this way it helps facilitate the adoption of 802.11n while extending the useful life of existing 802.11a/g solutions.

For more please visit here.


regards
shivlu jain

Thursday, January 15, 2009

Changes to CCIE Lab and Written Exam Question Format and Scoring

Received Updates From Cisco

Effective February 1, 2009, Cisco will introduce a new type of question format to CCIE Routing and Switching lab exams. In addition to the live configuration scenarios, candidates will be asked a series of four or five open-ended questions, drawn from a pool of questions based on the material covered on the lab blueprint. No new topics are being added. The exams are not being increased in difficulty and the well-prepared candidate should have no trouble answering the questions. The length of the exam will remain eight hours. Candidates will need to achieve a passing score on both the open-ended questions and the lab portion in order to pass the lab and become certified. Other CCIE tracks will change over the next year, with exact dates announced in advance.

Effective February 17th, 2009, candidates will also see two other changes in CCIE written exams. First, candidates will now be required to answer each question before moving on to the next question; candidates will no longer be allowed to skip a question and come back to it at a later time. Second, there will be an update to the score report. The overall exam score and the exam passing score will now be reported as a scaled score, on a scale from 300-1000. This change will not affect the difficulty of the current set of exams and will assure CCIE written exams will be consistent with Cisco’s other career certification exams.

regards
shivlu jain

Cisco was not using Mdt-Safi as per standard

One needs to understand the concept behind the mdt-safi. To distinguish the mvpn routes, a Cisco router appends a type 2 RD value, which is not legal as per RFC 4364 section 4.2. That section explicitly shows that the type 2 RD value is used by the service provider to encapsulate the AS number. But Cisco routers are using type 2 for multicast VPN routes. The problem I have seen during the integration of Cisco with another vendor is that if the Cisco router sends the mvpn route with type 2, the other router is not able to understand the route and may behave abnormally. So during the integration of Cisco with another vendor where mvpn is required, check the mdt-safi or use the Cisco IOS 12.2 SB series, which does not use the type 2 values for mvpn routes.

You can see the various RD values given below:-
Type   | Administrator | Assigned number
0x0000 | As Number     | Local
0x0001 | Ip Address    | Local
0x0002 | As Number     | Local
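The three RD encodings of RFC 4364 section 4.2 differ in the width of the two fields that follow the 2-byte type, which is what a receiving router has to get right. The parser below is an added example, not code from the original post; the function names and the sample RD bytes are constructed for illustration, and it lists the type 2 RDs so they can be reviewed before a multi-vendor integration.

```python
# Added example: decode 8-byte BGP route distinguishers per
# RFC 4364 section 4.2 and pick out the type 2 values.
# Function names and sample bytes are constructed for illustration.
import ipaddress
import struct


def parse_rd(raw):
    """Decode one 8-byte RD into its type, administrator and assigned number."""
    if len(raw) != 8:
        raise ValueError("an RD is exactly 8 bytes")
    (rd_type,) = struct.unpack("!H", raw[:2])
    value = raw[2:]
    if rd_type == 0:      # 2-byte AS number + 4-byte assigned number
        admin, assigned = struct.unpack("!HI", value)
        kind = "2-byte AS number"
    elif rd_type == 1:    # 4-byte IPv4 address + 2-byte assigned number
        ip, assigned = struct.unpack("!4sH", value)
        admin = str(ipaddress.IPv4Address(ip))
        kind = "IPv4 address"
    elif rd_type == 2:    # 4-byte AS number + 2-byte assigned number
        admin, assigned = struct.unpack("!IH", value)
        kind = "4-byte AS number"
    else:
        raise ValueError("unknown RD type 0x%04x" % rd_type)
    return {
        "type": rd_type,
        "admin_kind": kind,
        "admin": admin,
        "assigned": assigned,
        "text": "%s:%d" % (admin, assigned),
    }


def type2_rds(raw_rds):
    """Return the decoded RDs that use type 2, for interop review."""
    decoded = [parse_rd(raw) for raw in raw_rds]
    return [rd for rd in decoded if rd["type"] == 2]


# Constructed sample RDs (not taken from any real network).
SAMPLE_RDS = [
    bytes.fromhex("0000fde800000064"),   # type 0: 65000:100
    bytes.fromhex("0001c0000201000a"),   # type 1: 192.0.2.1:10
    bytes.fromhex("00020000fde80064"),   # type 2: 65000:100
]

if __name__ == "__main__":
    for raw in SAMPLE_RDS:
        print(raw.hex(), parse_rd(raw))
    print("type 2 RDs to review:", [rd["text"] for rd in type2_rds(SAMPLE_RDS)])
```
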


regards
shivlu jain

Tuesday, January 13, 2009

Which Labels Cisco Router Advertise To Its Neighbors

By default on a Cisco router, labels are generated for each and every route. So when you use the command “mpls ldp advertise-labels”, it will advertise all the labels to its adjacent neighbours. But in practice the neighbours require only the labels for the loopbacks which are used for MP-BGP, so there is no need to advertise all the labels. To save the overhead, we can advertise the labels only for the loopback addresses by using an ACL: “mpls ldp advertise-labels for mpls_acl”.


regards
shivlu jain

Monday, January 12, 2009

Frequent Drops In MPLS

Sometimes you might face a problem in which some of the PEs are working fine but some PEs are facing packet drops. This type of problem arises only when you are advertising labels only for your loopbacks. Check the ACL which is being used for labels; there will be a missing subnet for which you were getting drops. After adding the subnet to the ACL, the drops will vanish.

regards
shivlu jain

Friday, January 9, 2009

Missing Labels Can Forward The Routes To Somewhere Else



Introduction
The figure shows a typical SP network in which MPLS is used and loopbacks are used for label advertisements. By default, labels are generated for all RIB routes and distributed to all adjacent peers. In the current scenario, however, labels are advertised only for loopbacks, and the same loopbacks are used for MP-BGP. OSPF is used as the IGP.

Problem Description
Suddenly, in a running network, the PE1 LAN interface stopped getting responses from the remote PE6 & PE7. But the freaky thing is that it is reachable from within its own area only. The same happened to PE3, but the difference is that the loopback of PE3 is reachable from the whole cloud.

Findings
We did a trace from PE1 to the PE6 LAN. The packet went to PE2 -> PE5 -> PE7 -> PE6 -> PE5 -> PE6 -> PE5 ...; the loop occurred between PE6 and PE5. But the actual path was PE1 -> PE2 -> PE5 -> PE6. The route update was being received properly by PE6, stating the next hop as PE5. One weird thing we found was that labels were originating within the path for LAN routes also. This gave us a little hint that it should not be happening the way it was. After that we started to dig into the problem with the help of labels. On PE5 a label was generated for the 10.10.1.0/24 route, which was fine, but the PE5 router was forwarding the label (5001) to PE6. After that we checked the label for the 10.10.1.0/24 route on PE6. The label should have been 5001, but instead of 5001 we were receiving label 450. Then we again checked the local label (450) on PE2, and that label was used for PE7. From PE7 the packet was forwarded to PE6; from PE6 label 450 was used and the packet forwarded to PE5, and on PE5 that label was used for PE7. In this way a loop occurred among the three. At last we concluded that there was some problem with the label advertisement, because labels should be generated for all routes but should not be advertised to other routers except for loopbacks. This is actually a malfunction which was occurring for only a few routes, not for all.

Workaround
We simply entered the command “mpls ldp advertise-labels”. After adding this command, the labels which were generated for routes were distributed to all adjacent neighbours. Then we checked and found the problem solved. The local and remote label findings were the same and proper route forwarding was occurring. At last we added the command mpls ldp advertise-labels for “Acl For Loopback” and checked the LIB and LFIB; now the labels were locally generated for LAN routes but not advertised to remote locations.
It was nothing apart from an IOS bug.
The problem we faced in this scenario is hardly ever found in a real live network, and prior to this I had seen this type of problem only in books.


regards
shivlu jain

Thursday, January 8, 2009

Design Considerations: OSPF Network Stability

OSPF Network Stability
Your ability to scale an OSPF internetwork depends on your overall network structure and IP addressing scheme. As outlined in the discussions concerning network topology and route summarization, adopting a hierarchical addressing environment and a structured address assignment will be the most important factors in determining the scalability of your internetwork. Network scalability is affected by both operational and technical considerations.

Operationally, OSPF networks should be designed so that areas do not need to be split to accommodate growth. Address space should be reserved to permit the addition of new areas. Scalability should always be taken into consideration when designing your network. All routers keep a copy of the LSDB. As the network grows, they will eventually reach a point where the database becomes too large, resulting in inefficiency in your routing. Additionally, the LSAs will be flooded throughout the network, resulting in a congestion problem. The capability of your OSPF network to scale properly is determined by a multitude of factors, including the following:

• Router Memory Requirement
• CPU Requirement
• Available Bandwidth
• OSPF Security

regards
shivlu jain

Wednesday, January 7, 2009

OSPF: Design Consideration

OSPF Design Guidelines
The OSPF protocol, as defined in RFC 1583 & RFC 2178, provides a high-end solution for designing and implementing WAN solutions for any organisation. RFC 2178 is very good while designing an OSPF network; it is the advanced or updated version of RFC 1583. While designing an OSPF network, two important things need to be remembered. One is finalising the area boundaries and the other is assigning IP addresses in a proper and well-structured manner. While revamping any cloud, one must take care of both.

OSPF Network Topology
While designing an OSPF network, one should remember to maintain the following points:-
a) A hierarchical structure in which area 0 works with the other areas and the other areas work around it.
b) The number of routes in particular area.
c) Number of area to be connected with ABR.
d) Selection of DR on multi-access network.

Number of routers in an area
It is always recommended that an OSPF area should not have more than 40 – 50 routers, because the SPF algorithm is very CPU intensive. But that doesn’t mean we cannot increase the number of routers in an area; it all depends on the stability of the links. The more stable the links are, the less often SPF will run. One can check the SPF by issuing the show ip ospf command, which shows the timer of when SPF was last triggered.

Number of areas connected with an ABR
It is always recommended that an ABR (one interface is in area 0) should not have more than 2 or 3 areas, because the router has to maintain the LSDB for every area, which is a very CPU intensive process. The more you increase the number of areas, the lower the performance you get from the router.

Selection Of DR router
On a broadcast or LAN network, the DR router should be selected by issuing the priority command with 255, and the router should be capable enough to handle the SPF calculations because it is the one heading all the routers on that LAN. It is also recommended that a DR router should work only for one broadcast domain, not for multiple.


regards
shivlu jain

Tuesday, January 6, 2009

Support for overlapping area ranges

I was questioned on area summarization: if we do the area summarization of a specific IP pool and some of the IP pools from the main pool are advertised in other areas, what will happen in that situation? Will those IP pools be unreachable or reachable?
I answered that the pools which are advertised in other areas would be unreachable prior to RFC 2178. But with RFC 2178 they proposed that the IP pools which are advertised in another area will not be unreachable. They will be received as individual routes. This is explicitly depicted in RFC 2178 section G.3, Support for overlapping area ranges.


regards
shivlu jain

Monday, January 5, 2009

IP Allocation Plan

The IP schema is the heart of any organisation. If the IP schema is not maintained, it can lead to massive problems in future. I faced a problem during the allocation of an IP schema, so I decided to revamp the schema with future scalability in mind. Currently, for an ISP network, we allocate a /16 pool for a particular region and a summary is originated for that pool. But have you ever thought about what will happen if that network expands exponentially? Definitely you will answer that this is why we reserve the /16 pool for that region. But as per me, instead of allocating a /16 pool, further divide the pool into multiple small pools of /22. It means a /22 will cover approx 64 subnets. Now divide the main region logically into four regions and assign a /22 pool to each region. In future, down the line, if the region's routers need to be increased and an aggregation point is required, we only need to change the area instead of changing the whole IP schema. This brings scalability and room for future expansion of IP addresses. A summary route of /22 will be originated from that aggregation point.
So the new schema would look like the one cited below:-
Main Pool
10.0.0.0/8
Pool divided into smaller pools
10.1.0.0/16
10.2.0.0/16
10.3.0.0/16
10.4.0.0/16
::::::::::::::::
::::::::::::::::
10.255.0.0/16

-----------------------------------------------------------------------------------
Further divide the /16 pool to multiple logical pools of /22
10.1.0.0/16
-------------------------
10.1.1.0/24
to
10.1.63.0/24
Summary route will look like 10.1.1.0/22

10.1.64.0/24
to
10.1.127.0/24
Summary route will look like 10.1.64.0/22

10.1.128.0/24
to
10.1.191.0/24
Summary route will look like 10.1.128.0/22

10.1.192.0/24
to
10.1.255.0/24
Summary route will look like 10.1.192.0/22

Regards
shivlu jain

Saturday, January 3, 2009

Design Considerations: How to select multicast group address

Multicast addresses always fall in 224 to 239. It means the first four bits are reserved for the multicast address. Consequently 28 bits are left behind. For the conversion of a multicast IP address to a MAC address, 0100.5e is reserved. So we are left with 24 bits and lose 4 bits during the conversion from IP to MAC. 1 bit is used for some other purpose, as it was purchased by someone. I don’t think it is a real story, only hearsay. So we can say we are left with only 23 bits. 5 bits are not available when copying the multicast address to the hardware or MAC address. 32 multicast IP addresses map to the MAC address 0x0100.5e01.1020. That’s why during the campus design of multicast it is always said that the overlapping of addresses should be kept in mind.

Do not use x.0.0.x or x.128.0.x group addresses
Multicast addresses in the 224.0.0.x range are considered link local multicast addresses. They are used for protocol discovery and are flooded to every port. For example, OSPF uses 224.0.0.5 and 224.0.0.6 for neighbor and DR discovery. These addresses are reserved and will not be constrained by IGMP snooping. Do not use these addresses for an application. Further, since there is a 32:1 overlap of IP Multicast addresses to Ethernet MAC addresses as already explained, any multicast address in the [224-239].0.0.x and [224-239].128.0.x ranges should NOT be considered.
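The 32:1 overlap and the rule against x.0.0.x and x.128.0.x groups can be checked before a group address is assigned. The following is an added example, not code from the original post; the function names are constructed for illustration and the MAC is printed in the dotted form used above.

```python
# Added example: map an IPv4 multicast group to its Ethernet MAC, list the
# 32 groups that share that MAC, and flag groups whose MAC collides with a
# link-local 224.0.0.x address. Function names are constructed.
import ipaddress

LOW23_MASK = 0x7FFFFF          # only the low 23 bits of the group reach the MAC
MAC_PREFIX = 0x01005E << 24    # 0100.5e followed by a 0 bit


def _group_int(group):
    ip = ipaddress.IPv4Address(group)
    if not ip.is_multicast:
        raise ValueError("%s is not in 224.0.0.0/4" % group)
    return int(ip)


def multicast_mac(group):
    """Return the MAC for a group, e.g. 224.1.16.32 -> 0100.5e01.1020."""
    mac = MAC_PREFIX | (_group_int(group) & LOW23_MASK)
    raw = "%012x" % mac
    return ".".join(raw[i:i + 4] for i in range(0, 12, 4))


def overlapping_groups(group):
    """All 32 groups that map to the same MAC as the given group."""
    low23 = _group_int(group) & LOW23_MASK
    # The 5 lost bits are the low 4 bits of the first octet (after 1110)
    # and the top bit of the second octet, i.e. bits 23-27 of the address.
    return [str(ipaddress.IPv4Address((0xE0 << 24) | (n << 23) | low23))
            for n in range(32)]


def link_local_shadow(group):
    """Return the 224.0.0.x address that shares this group's MAC, or None.

    A non-None result means the group is in [224-239].0.0.x or
    [224-239].128.0.x and should not be used for an application.
    """
    low23 = _group_int(group) & LOW23_MASK
    if low23 < 0x100:
        return str(ipaddress.IPv4Address((224 << 24) | low23))
    return None


if __name__ == "__main__":
    print(multicast_mac("224.1.16.32"))
    print(overlapping_groups("224.1.16.32"))
    for candidate in ("239.128.0.5", "225.0.0.6", "239.1.1.1"):
        print(candidate, "shadows", link_local_shadow(candidate))
```
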


regards
shivlu jain

Friday, January 2, 2009

Design Considerations For MVPN


When deploying a multicast VPN service, providers try to optimize multicast traffic distribution and delays while reducing the amount of state. The following considerations have given MVPN providers direction in their MVPN deployment:
a) Core multicast routing states should typically be kept to a minimum.
b) MVPN packet delays should typically be the same as unicast traffic.
c) Data should typically be sent only to PEs with interested receivers.
e) Number of multicast routing states.
f) Overhead of managing the RP if PIM-SM is used
g) Difference of forwarding delay between shared tree and source trees which are very important.


regards
shivlu jain