Thursday, April 30, 2009

Jumbo Frame Support

A good Cisco document that describes how to set the MTU and jumbo frame size on Cisco switches. This is mainly required in service provider networks when MPLS is implemented, or when customers coming onto the service provider network need larger MTU sizes.

Click Here To Download


regards
shivlu jain

Wednesday, April 29, 2009

Optimized Edge Routing

Last week I got an opportunity to visit one of our client's locations. The client had two links from different service providers and was looking for a solution that could use both links, so that if one link fails all the traffic moves over to the other link. As per the requirement, I proposed a solution with BGP. With BGP the client can set the preference for routes and decide the outgoing path, but the reverse path will be taken as per the IGP. The customer was happy enough with this solution, but I was not. Finally I found one more solution, which is Optimized Edge Routing (OER). I am definitely not going to propose this to the customer, but I would like to share it. It is a good solution when a customer is multihomed and would like to load-share across the links.

In traditional routing the best path is selected on the basis of lowest cost and that route is installed in the routing table, but with OER we can create traffic classes, which are defined as subsets of the traffic on the network. The performance of each traffic class is measured as per the OER policy. OER monitors the traffic class performance and selects the best entrance or exit. If the traffic class performance does not conform to the policy, OER selects another entrance or exit.


regards
shivlu jain

Tuesday, April 28, 2009

Ip Dialing From Router To LNS

In my previous post, I explained how a PC dials to the LNS, but that is the case when the CP end has a single PC or the customer is a roaming customer. What happens if the customer has a router at its end and does not want to dial from each and every PC? In that case, the best solution is to dial from the router to the LNS, and the customer is able to roam freely in the cloud.

regards
shivlu jain

Monday, April 27, 2009

TIPS For CCIE SP Lab

I found a good document and would like to share it with you. The document explains the common mistakes one commits during the lab.

Download The Document


regards
shivlu jain

Sunday, April 26, 2009

Testing Multicast Streaming

IP TV is becoming the order of the day and finally I decided to start working on it. For complete multicast streaming testing, I configured a multicast server which can send the stream to the whole cloud. For receiving the stream I used SSM as well as BSR mode. I still need to test a lot of things and within a few days I will publish the documents.


regards
shivlu jain

Friday, April 24, 2009

Buffer Overflow Animated Explanation

While googling I found an awesome animated explanation of buffer overflow posted by Kevin. After this animation one can easily understand the concept.

Buffer Flow


regards
shivlu jain

Thursday, April 23, 2009

OSPF Routes Are Not Installing At CPE Router

One of my friends reported a problem regarding route installation at the CPE end. OSPF is running between PE and CE, but the CE is not able to receive any of the routes. During analysis he found the network LSA bit was coming as zero in the updates. After this he thought it might be an issue with the CPE end router, but as the day went on, the problem started with other customers who are using OSPF as PE-CE. This time the problem is with the SP router, not with the client end router or IOS, and the router used by the service provider is a 7200. A temporary workaround for this problem is to clear the OSPF process at the PE end; thereafter everything works fine.

regards
shivlu jain

Wednesday, April 22, 2009

Troubleshooting Layer 2 VPN

After a long vacation, I continue with the L2VPN series. In this post I would like to share a case where the label switched path is broken but the xconnect session never terminates. The session establishes because of IP reachability, not because of LDP. So if LDP is broken anywhere in the path, it won't terminate the xconnect connection; the main problem is how to troubleshoot this. Troubleshooting is very easy with the help of ping mpls pseudowire. If the path is MPLS enabled you will definitely receive the ping acknowledgement; otherwise it will be dropped.

regards
shivlu jain

Thursday, April 16, 2009

Decrease The Label Database In Layer 2 MPLS

In yesterday's post I covered how to provision a layer 2 MPLS circuit. Today I am going to explain the implicit null label, a label which appears when the xconnect peer comes up. As per figure 1, check the MPLS LDP binding table of PE-R1. A label for 30.30.30.30 will be coming with implicit null. Now the question arises: why? The answer is simple: when LDP between the xconnect peers comes up, both treat each other as directly connected and advertise their directly connected interfaces with implicit null, the same as happens in the case of PHP. But the label is never used for forwarding, because when a packet reaches R1-PE with destination 30.30.30.30, the router checks the best IGP path and selects the corresponding next hop with its outgoing label. So this implicit null will never be preferred in the case of layer 2 MPLS VPN. These labels only increase the size of the database and can be stopped by using an ACL.

Step 1:- Create a standard ACL which denies everything.
access-list 1 deny any

Step 2:- Bind the ACL to the xconnect peer so that it won't accept any labels for the IGP.
mpls ldp neighbor 30.30.30.30 labels accept 1

The same command needs to be configured at the remote end peer also.


regards
shivlu jain

Wednesday, April 15, 2009

Configuring Layer 2 MPLS VPN


Layer 2 VPN is used by many service providers. It can be configured in two ways: one is to use L2 VPN over an IP cloud with the help of L2TPv3, and the other is to use it over an MPLS backbone by using encapsulation mpls. In this document I will cover how to configure L2 MPLS VPN over a service provider cloud.

Before moving ahead, the penultimate hop popping concept should be clear.

Click here to read the full story.


regards
shivlu jain

Tuesday, April 14, 2009

Internet Provisioning

Which option is best when a service provider wants to provision internet: MPLS or a pure IP cloud? It depends on the service provider's cloud and its segregation of services. Most service providers run an IP backbone separate from the MPLS VPN backbone. But when an MPLS customer asks for internet services, the route leaking option is used. This is a good and valid option, but only up to some extent.

If internet provisioning is increasing drastically, it is recommended not to use MPLS, because there is no reason to make the routers do more processing. So the best option is to provision internet from global IP routing so that a simple forwarding mechanism is used.


regards
shivlu jain

Monday, April 13, 2009

BGP As PE-CE With Backdoor Link Part 2


Problem Description
When the primary link from the service provider goes down, traffic forwarding works fine over the backdoor link, but when the service provider link comes back up, that path is not preferred.

Please refer to my previous post.

BGP Routing Table Of R2
R2#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 3.1.1.0/30       1.1.1.2                                0 1 ?
*> 4.1.1.0/30       0.0.0.0                  0         32768 ?
*> 30.30.30.30/32   1.1.1.2                                0 1 3 ?
*> 40.40.40.40/32   0.0.0.0                  0         32768 ?
Table 1

From the above output it is clear that routes received from the E-BGP peer are set with weight 0 and routes redistributed into BGP from the IGP are set with weight 32768. The output shows that the route 3.1.1.0, which belongs to the R3-R1 WAN link, and 30.30.30.30, the loopback address of R3, come with weight 0. 4.1.1.0, the WAN pool of R2-R3, and 40.40.40.40, the loopback of R2, show in the BGP table with weight 32768.

Routing Table Of R2
1.0.0.0/30 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, FastEthernet0/0
3.0.0.0/30 is subnetted, 1 subnets
B 3.1.1.0 [20/0] via 1.1.1.2, 00:12:34
4.0.0.0/30 is subnetted, 1 subnets
C 4.1.1.0 is directly connected, FastEthernet0/1
40.0.0.0/32 is subnetted, 1 subnets
C 40.40.40.40 is directly connected, Loopback0
30.0.0.0/32 is subnetted, 1 subnets
B 30.30.30.30 [20/0] via 1.1.1.2, 00:02:47
Table 2

1.1.1.2 is the IP address of the service provider router. Let's bring down the service provider link of R2 and check the output.

BGP table of R2
   Network          Next Hop            Metric LocPrf Weight Path
*> 4.1.1.0/30       0.0.0.0                  0         32768 ?
*> 30.30.30.30/32   4.1.1.2                  2         32768 ?
*> 40.40.40.40/32   0.0.0.0                  0         32768 ?
Table 3

Now compare the outputs of table 3 and table 1. The difference is quite clear: the routes which were coming with weight 0 are now received with weight 32768. As I have already explained, local routes redistributed from IGP to BGP come with weight 32768 and E-BGP received routes come with weight 0.

Routing Table Of R2
4.0.0.0/30 is subnetted, 1 subnets
C 4.1.1.0 is directly connected, FastEthernet0/1
40.0.0.0/32 is subnetted, 1 subnets
C 40.40.40.40 is directly connected, Loopback0
30.0.0.0/32 is subnetted, 1 subnets
O 30.30.30.30 [110/2] via 4.1.1.2, 00:06:10, FastEthernet0/1
Table 4

4.1.1.2 is the backdoor link from R2 to R3.

Now the service provider link comes up, and by default routing convergence should take place and all the routes should be preferred via the service provider cloud, because E-BGP has a lower administrative distance than OSPF. So let’s check what happens when the link comes up.

BGP Routing Table Of R2
   Network          Next Hop            Metric LocPrf Weight Path
*> 3.1.1.0/30       1.1.1.2                                0 1 ?
*> 4.1.1.0/30       0.0.0.0                  0         32768 ?
*> 30.30.30.30/32   4.1.1.2                  2         32768 ?
*> 40.40.40.40/32   0.0.0.0                  0         32768 ?
Table 5

R2#show ip bgp 30.30.30.30
BGP routing table entry for 30.30.30.30/32, version 26
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Advertised to update-groups:
1
Local
4.1.1.2 from 0.0.0.0 (40.40.40.40)
Origin incomplete, metric 2, localpref 100, weight 32768, valid, sourced, best
Table 6

From tables 5 and 6 it is clear that the loopback route of R3 is coming via the backdoor link instead of the primary link, which is now up. The Table 6 output shows that the route is coming from the IGP routing table and is being redistributed into BGP.

How to Overcome This Problem
Increase the weight of the E-BGP neighbor by using the weight command.
Configuration done on R2
router bgp 2
 neighbor 1.1.1.2 weight 33000
Table 7

Output of the BGP table after setting the weight
   Network          Next Hop            Metric LocPrf Weight Path
*> 3.1.1.0/30       1.1.1.2                            33000 1 ?
r> 4.1.1.0/30       1.1.1.2                            33000 1 3 ?
r                   0.0.0.0                  0         32768 ?
*> 30.30.30.30/32   1.1.1.2                            33000 1 3 ?
r> 40.40.40.40/32   1.1.1.2                            33000 1 3 ?
r                   0.0.0.0                  0         32768 ?

The 30.30.30.30 route is coming via the routing table as well as from the service provider cloud. But the route installed in the routing table is the one from the service provider end, because it has the higher weight.


regards
shivlu jain

Saturday, April 11, 2009

BGP As PE-CE With Backdoor Link

Generally customers look for a solution where the primary link is from an MPLS VPN service provider and a leased line or satellite link is used as backup. In these scenarios customers usually use OSPF as the routing protocol in their core as well as with the service provider. The prime disadvantage of using it as the PE-CE routing protocol is that the leased or satellite link will always be preferred. To overcome this problem a sham link is used, which is described in the draft "OSPF as the PE/CE Protocol in BGP/MPLS VPNs". So a sham link is the best option.
But what happens if the same customer uses BGP as the PE-CE routing protocol and OSPF is used on the secondary links? Which route will be preferred and why? The answer is simple: the BGP route will always be preferred, because an e-BGP learned route has a lower administrative distance than OSPF.
Now think of a case where the PE-CE link flaps and e-BGP goes down. The traffic will flow over the secondary link with no problems. After a few minutes the primary link from the MPLS VPN service provider comes up, and the traffic should flow via the MPLS VPN service provider instead of the backdoor. This is what we expect, but it won't actually happen. The traffic will never move onto the MPLS VPN service provider and will keep following the secondary path.

What is the reason for this:-
What actually happens is that the routes which are redistributed from OSPF to BGP have a weight of 0 and the routes which are already in the routing table have a weight of 32768. So when the service provider link goes down, the remote end route which was coming via BGP will come via OSPF and be redistributed into BGP. It means that route has a weight of 32768. Now the service provider link comes up and the same route comes via the service provider cloud with a weight of 0. BGP checks the weight attribute and sees the same route with two different weights, one 32768 and the other 0. It will always prefer weight 32768; as a consequence traffic will flow over the backdoor link instead of the primary link.

Solution Of Problem:-
Set the weight to 37775 at the CE for the routes coming from the service provider cloud. So during route installation the service provider route will always be preferred.
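
The weight comparison described in this post and in Part 2, as an added example that is not the author's code: a minimal Python model of the first four steps of Cisco's best-path order (weight, local preference, locally originated, AS-path length), with path attributes taken from Tables 5 to 7 of Part 2. It also covers a neighbor weight of exactly 32768, which still loses because the tie falls through to the locally-originated step.

```python
from dataclasses import dataclass

LOCAL_WEIGHT = 32768  # IOS default weight for locally sourced routes


@dataclass(frozen=True)
class Path:
    next_hop: str
    weight: int
    local_pref: int = 100            # default, as shown in Table 6 of Part 2
    locally_originated: bool = False
    as_path: tuple = ()


def preference_key(path):
    """First four best-path steps as a sort key; the larger tuple wins."""
    return (path.weight, path.local_pref,
            path.locally_originated, -len(path.as_path))


def best_path(paths):
    return max(paths, key=preference_key)


def r2_paths(neighbor_weight=0):
    """Paths R2 holds for 30.30.30.30/32 once the provider link is back up."""
    # Backdoor: learned by OSPF, redistributed into BGP, so locally sourced.
    backdoor = Path("4.1.1.2", LOCAL_WEIGHT, locally_originated=True)
    # Provider: learned over eBGP from 1.1.1.2 with AS path "1 3".
    provider = Path("1.1.1.2", neighbor_weight, as_path=(1, 3))
    return [backdoor, provider]


def chosen_next_hop(neighbor_weight=0):
    return best_path(r2_paths(neighbor_weight)).next_hop


if __name__ == "__main__":
    for weight in (0, 32768, 33000, 37775):
        print(f"neighbor weight {weight:>5}: "
              f"30.30.30.30/32 via {chosen_next_hop(weight)}")
```

Any neighbor weight strictly above 32768 moves the best path back to 1.1.1.2, which is why both 33000 and 37775 work.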


regards
shivlu jain

Thursday, April 9, 2009

No Show Running Command

Yesterday during testing we found no show running config command on the given IOS. It may be an IOS bug or something else.

c1841-adventerprisek9-mz.124-24.T.bin


regards
shivlu jain

Wednesday, April 8, 2009

Implementation Of Auto-RP and BSR in Service Provider Network

For the last few days I have been receiving a lot of queries about the implementation of Auto-RP and BSR in the core of a service provider. The implementation is really easy, but a basic understanding of multicast is required. I have already prepared two low level documents on multicast which can help to implement it easily and without errors.

1. Implementation of Auto-RP in service provider network.
2. Implementation of BSR in service provider network.


regards
shivlu jain

Monday, April 6, 2009

Pushing Technology In The New ERA and Save Lots....

The post is mainly focused on how one can push technology in the new era to save a lot of operational cost. Let’s envisage multicast being pushed to deliver new movie releases to theatres. It really sounds good; the next time you see a movie it will be on multicast.
As per my design, all the theatres should have dedicated links across all locations with redundancy. The source should be a common place where the actual movie is started, and the rest of the theatres will be the receivers. One knows the power of multicast: the same stream will be replicated millions of times with no extra bandwidth. With this, companies can save a lot of infrastructure cost.
The day will come when this will be implemented.


regards
shivlu jain

Saturday, April 4, 2009

OSPF Protocol Analysis

As per the requirement of the IAB, an RFC was published on OSPF Protocol Analysis. This is really a good document for understanding how OSPF behaves in small to big networks.


regards
shivlu jain

Friday, April 3, 2009

How to Troubleshoot MPLSVPN Labels


My previous post, Untagged Labels Instead Of POP Labels, depicts how /24 loopbacks advertised in OSPF generate untagged packets. In this post I will only explain the benefit of the command show mpls forwarding, which helps us troubleshoot the problem within seconds.

As per the scenario given, the PE is attached to the P router and labels are advertised for loopbacks only. If at any time someone deletes the loopback ACL by mistake, what will happen? The PE router will receive all the outgoing labels as untagged. So immediately, without thinking about anything else, you can run the single command "show mpls forwarding" and confirm there might be some problem with the upstream router.

This troubleshooting is very basic for MPLS, but it really helps the operations team save a lot of downtime.


Reasons For Coming Untagged Labels

1. An ACL is bound with "mpls ldp advertise-labels for MPLSVPN" but not created.
2. No ACL is created and the command "no mpls ldp advertise-labels for MPLSVPN" is used.
3. Improper authentication between or among the adjacent peers results in untagged labels.
4. MP-BGP loopbacks are advertised in OSPF without a /32 subnet and without using the "ip ospf network point-to-point" command.


Real Time Scenario Problems:- I have seen many times that when LDP is working among the adjacent neighbors, we receive complaints that customers on some backbone links are working and others are not. This is because of improper configuration where we missed advertising the labels. The command mentioned above helps us troubleshoot such problems with ease.
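
One way to automate the check described in this post, as an added example that is not the author's code: a Python filter over "show mpls forwarding-table" output that groups Untagged entries by next hop, so the upstream router to inspect is obvious. The sample output is constructed in the IOS 12.x column layout; its prefixes, labels and interfaces are illustrative assumptions.

```python
import re

# Constructed sample, not captured from the post's routers.
SAMPLE = """\
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
16     Pop tag     10.0.12.0/30      0          Fa0/0      10.0.11.2
17     Untagged    20.20.20.20/32    0          Fa0/0      10.0.11.2
18     18          30.30.30.30/32    1540       Fa0/1      10.0.13.2
19     Untagged    40.40.40.0/24     0          Fa0/0      10.0.11.2
"""

# One forwarding entry: local label, outgoing label or keyword, prefix,
# byte counter, outgoing interface, next hop.
ROW = re.compile(
    r"^(?P<local>\d+)\s+(?P<out>Pop tag|Untagged|Aggregate|\d+)\s+"
    r"(?P<prefix>\d+\.\d+\.\d+\.\d+/\d+)\s+(?P<bytes>\d+)\s+"
    r"(?P<intf>\S+)\s+(?P<nh>\S+)\s*$"
)


def untagged_by_next_hop(output):
    """Map each upstream next hop to the prefixes it left Untagged."""
    result = {}
    for line in output.splitlines():
        match = ROW.match(line.strip())
        if match and match["out"] == "Untagged":
            result.setdefault(match["nh"], []).append(match["prefix"])
    return result


if __name__ == "__main__":
    for next_hop, prefixes in untagged_by_next_hop(SAMPLE).items():
        print(f"check label advertisement on {next_hop}: {', '.join(prefixes)}")
```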


regards
shivlu jain

Thursday, April 2, 2009

TCP Receiving Window

What is the TCP window?

The TCP window is the amount of unacknowledged data which can remain in the network until it is acknowledged. The TCP window is negotiated at the beginning of every connection during the three way handshake. The TCP receiving window (RWIN) size was limited to 16 bits, which is equivalent to 65535 bytes or 64K. It means that during transmission the sender cannot push more than 64K of data at one time, and in the next transaction it will send only the amount of data that has been freed from the buffer. I know it's hard to understand. Let's take an example: sender S sends 64K of data at first, and out of the 64K it receives acknowledgement for 20K. So now the TCP window buffer is 20K, because unacknowledged data remains in the TCP window, and in the next transaction sender S cannot push more than 20K; the consequence is slow speed.

To overcome this problem researchers added a "TCP Options" header extension of 14 bits (explained in RFC 1323). So the default RWIN size will be 64K; if the sender and receiver want to send more, they can increase it with the help of the header option by taking multiples of 2.

It means the total TCP receiving window size can be extended up to (RWIN Original * 2 ^ Header Options), which is equivalent to 65535*16384 = 1073725440 (1 Gb). But the value is negotiated at the time of connection establishment, and the smaller of the two will be chosen.
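
The arithmetic above, as an added example that is not the author's code: a Python parser that walks the TCP options of a SYN, extracts the RFC 1323 Window Scale shift count, and applies it to the 16-bit window field. The option bytes are constructed for illustration; a shift above 14 is clamped to 14 and malformed option lengths are rejected.

```python
MAX_SHIFT = 14  # RFC 1323 upper bound on the shift count

# Constructed SYN options: MSS 1460, NOP, Window Scale 7,
# SACK-permitted, two End-of-List bytes as padding.
SYN_OPTIONS = bytes([2, 4, 0x05, 0xB4, 1, 3, 3, 7, 4, 2, 0, 0])


def window_scale_shift(options: bytes):
    """Return the Window Scale shift count, or None if the option is absent."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == 0:            # End of Option List
            break
        if kind == 1:            # No-Operation, a single padding byte
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("option truncated before its length byte")
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            raise ValueError(f"bad length {length} for option kind {kind}")
        if kind == 3:            # Window Scale: kind 3, length 3, shift count
            if length != 3:
                raise ValueError("Window Scale option must be 3 bytes long")
            return min(options[i + 2], MAX_SHIFT)
        i += length
    return None


def effective_window(raw_window: int, shift) -> int:
    """Scale the 16-bit window field; no option means no scaling."""
    if not 0 <= raw_window <= 0xFFFF:
        raise ValueError("window field is 16 bits")
    return raw_window << (shift or 0)


if __name__ == "__main__":
    shift = window_scale_shift(SYN_OPTIONS)
    print("shift count:", shift)
    print("window 65535 scaled:", effective_window(65535, shift))
    print("largest window:", effective_window(65535, MAX_SHIFT))
```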


regards
shivlu jain