- Uses the DUAL algorithm, which determines a loop-free network topology
- When a change occurs only the routing table changes are propagated, NOT the entire routing table.
- Only routers affected by a topology change update their topology
- Backup routes mean fast convergence – Hybrid; a router only knows which networks it is connected to, which means faster convergence.
- Simple configuration; doesn’t require multiple areas, unlike OSPF.
- Can summarise from anywhere on the network, unlike OSPF which can only summarise on ABR or ASBR
- Unequal cost load balancing
- Rapid convergence
IP Helper Address Command
Routers and Multilayer Switches do not forward broadcasts, but enabling the IP Helper Address command allows them to forward UDP broadcasts as a unicast to the address specified. The command “ip helper-address” must be configured on the interface/VLAN receiving the broadcasts. On an MLS, to relay broadcasts for all users in VLAN 10, the IP Helper Address must be configured on the VLAN 10 SVI.
interface vlan 10
ip helper-address 10.10.10.1
Telnet to VTY Line
By default the VTY lines are configured with the command “login”
line vty 0 4
If you attempt to telnet to the device without specifying a password on the VTY line you will get the error “Password required, but none set”. You must specify a password on the VTY line using the command “password XXXXXX” under the VTY line.
line vty 0 4
CCNP ROUTE 2.0 Exam Blueprint: Unicast Reverse Path Forwarding & IPv4 access control lists (standard, extended, time based)
Unicast Reverse Path Forwarding (RPF)
Unicast RPF is used to help limit malicious traffic on a network. When configured, a router verifies the reachability of the source address in the packets being forwarded. This can help prevent spoofed IP addresses on the network.
- CEF must be running on the router in order to run Unicast RPF
- Unicast RPF is enabled on a per interface basis
3 different modes of Unicast RPF: Loose, Strict and VRF Mode
Loose Mode – the source address must appear in the routing table. The option “allow-default” allows the default route to be used when verifying the source address. An ACL may be used to permit or deny certain source addresses. Checks the FIB.
Strict Mode – the packet must be received on the interface the router would use to forward the return packet. Legitimate traffic could be dropped if asymmetric routing is present. Checks the FIB and the incoming interface.
VRF Mode – Loose & Strict mode within each VRF
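The strict and loose checks described above, modelled in Python as an added example (not Cisco code and not from the original notes). The FIB, interface names and sample packets are constructed, the ACL option is left out, and applying "allow-default" in both modes is an assumption of this sketch.

```python
import ipaddress

# Constructed FIB for this sketch: prefix -> interface used to reach it.
FIB = {
    "0.0.0.0/0": "Gi0/0",    # default route towards the upstream
    "10.1.0.0/16": "Gi0/1",  # site A
    "10.2.0.0/16": "Gi0/2",  # site B
}

def fib_lookup(addr, fib):
    """Longest-prefix match; returns (network, interface) or None."""
    ip = ipaddress.ip_address(addr)
    best = None
    for prefix, ifname in fib.items():
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, ifname)
    return best

def urpf_permit(src, in_if, mode, fib=FIB, allow_default=False):
    """Return True if a packet from src arriving on in_if passes the check."""
    match = fib_lookup(src, fib)
    if match is None:
        return False                # no route back to the source
    net, out_if = match
    if net.prefixlen == 0 and not allow_default:
        return False                # only the default route matched
    if mode == "loose":
        return True                 # any FIB entry is enough
    if mode == "strict":
        return out_if == in_if      # must arrive on the return-path interface
    raise ValueError(f"unknown mode: {mode}")

# Constructed packets: (source address, receiving interface)
SAMPLES = [
    ("10.1.5.5", "Gi0/1"),   # site A host on its own interface
    ("10.1.5.5", "Gi0/2"),   # site A source on site B's interface (spoofed or asymmetric)
    ("192.0.2.9", "Gi0/0"),  # source covered only by the default route
]

def evaluate(mode, allow_default=False):
    """Run every sample packet through the check and list the verdicts."""
    return [urpf_permit(s, i, mode, allow_default=allow_default) for s, i in SAMPLES]

if __name__ == "__main__":
    for mode in ("strict", "loose"):
        print(mode, evaluate(mode), evaluate(mode, allow_default=True))
```

The second sample is the case to watch: strict mode drops it whether the source is spoofed or the path is merely asymmetric, while loose mode accepts it.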
CCNP ROUTE 2.0 Exam Blueprint: VPN Technologies
- Configure and verify GRE
- Describe DMVPN
- Describe Easy Virtual Networking (EVN)
Configure and Verify GRE
- Generic Routing Encapsulation (GRE) was designed to carry multiprotocol and IP multicast traffic between sites
- Encapsulated protocols include IP, AppleTalk, DECnet or IPX
- GRE encapsulates an inside IP address within an outside IP address
- Is NOT encrypted by default
- GRE tunnels can run through IPSec tunnels. When running GRE tunnel over IPSec, a packet is first encapsulated in a GRE packet and then GRE is encrypted by IPSec
- Multicast traffic: GRE tunnels do support transporting IP multicast and broadcast packets to the other end of the GRE tunnel
- GRE tunnels add an additional 20 byte IP header and a 4 byte GRE tunnel header. 24 byte overhead in total
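An added Python example (not from the original notes) that builds a basic GRE-encapsulated packet to show the 24-byte overhead and that, without IPSec, the inner packet is carried in clear text. All addresses and the payload are constructed, and only the basic 4-byte GRE header with no optional fields is handled.

```python
import socket
import struct

GRE_PROTO = 47            # IP protocol number for GRE
ETHERTYPE_IPV4 = 0x0800   # GRE protocol type for an IPv4 passenger packet

def checksum(data):
    """Internet checksum over an even-length byte string."""
    s = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (no options) with a valid checksum."""
    fields = [0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = checksum(struct.pack("!BBHHHBBH4s4s", *fields))
    return struct.pack("!BBHHHBBH4s4s", *fields)

def gre_encapsulate(inner, tunnel_src, tunnel_dst):
    """Outer IP header + 4-byte GRE header + the untouched inner packet."""
    gre = struct.pack("!HH", 0, ETHERTYPE_IPV4)   # no checksum/key/sequence
    outer = ipv4_header(tunnel_src, tunnel_dst, GRE_PROTO, len(gre) + len(inner))
    return outer + gre + inner

def gre_decapsulate(packet):
    """Strip the outer IP and GRE headers; returns the inner packet."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != GRE_PROTO:
        raise ValueError("not a GRE packet")
    flags, ptype = struct.unpack("!HH", packet[ihl:ihl + 4])
    if flags != 0 or ptype != ETHERTYPE_IPV4:
        raise ValueError("only the basic 4-byte GRE header is handled here")
    return packet[ihl + 4:]

def demo():
    payload = b"constructed cleartext payload"
    # Protocol 253 is reserved for experimentation; used for the constructed inner packet.
    inner = ipv4_header("192.168.1.10", "192.168.2.20", 253, len(payload)) + payload
    outer = gre_encapsulate(inner, "203.0.113.1", "198.51.100.1")
    return {
        "overhead": len(outer) - len(inner),       # 20-byte IP + 4-byte GRE
        "payload_visible": payload in outer,       # readable on the wire
        "roundtrip": gre_decapsulate(outer) == inner,
    }

if __name__ == "__main__":
    print(demo())
```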
GRE can be configured as either point-to-point or point-to-multipoint tunnels.
Point-to-Point – simple configuration between 2 peers, does not require NHRP
Point-to-Multipoint – only one tunnel configured on a router to support multiple GRE peers (great for scalability), requires NHRP to build dynamic tunnels (allows peers with DHCP assigned public IP addresses).
SNMP (Simple Network Management Protocol)
Simple Network Management Protocol (SNMP) is used to transmit network management information from one network device to another.
- SNMP Manager – the monitoring device (eg SolarWinds NPM)
- SNMP Agents – the devices being monitored (eg router, switch etc)
- The Management Information Base (MIB) – the database on the agent device that contains information about the agent.
SNMP Managers poll the agent devices using UDP port 161 and send 2 types of messages:
A GET is a request from the manager to the agent for information
A SET is from the manager to the agent requesting a variable be SET
A Manager is generally configured to poll an agent frequently, eg every 10 minutes. If the agent has a critical failure seconds after being polled, the manager will not know about the failure until the next polling interval. The polling interval can be reduced to poll more regularly; this, however, has an impact on performance on the manager (depending on the number of agents the manager is polling).
CCNP ROUTE 2.0 Exam Blueprint: Configure and verify IP SLA (ICMP) / Configure and Verify Tracking Objects
IP SLA monitors network performance by measuring response time, network availability, application performance, jitter, throughput and packet loss. On a Cisco IOS device an IP SLA operation type is configured (see list below) to generate a packet to send to a configured destination device.
The various types of IP SLAs operations include the following:
- Domain Name System (DNS)
- Dynamic Host Configuration Protocol (DHCP)
- File Transfer Protocol (FTP)
- Hypertext Transfer Protocol (HTTP)
- ICMP echo
- ICMP jitter
- ICMP path echo
- ICMP path jitter
- Real-Time Transport Protocol (RTP)-based VoIP
- Transmission Control Protocol (TCP) connect
- UDP echo
- UDP jitter
- UDP jitter for VoIP
- VoIP gatekeeper registration delay
- VoIP post-dial delay