Wednesday, 9 October 2013

A Brief Review About Basic IGMP Timers

We will quickly discuss the use of the most commonly needed IGMP timers. First, as we know, multicast routers periodically query hosts on a segment. If there are two or more routers sharing the same segment, the one with the lowest IP address is the IGMP querier (per the IGMPv2 election procedure – as you remember, IGMPv1 let the multicast routing protocol define the querier). The periodic interval is defined using the command: ip igmp query-interval [interval...

Different States Of Spanning Tree Ports

Rapid Spanning Tree 802.1w reduced the number of port states from 5 down to 3. This short blog post details the 5 STP port states for Spanning Tree 802.1d and then Rapid Spanning Tree – as always these posts are purely my study notes, which I hope can be of use to somebody else and provide an easy way for me to find them again, i.e. I just google Spanning Tree Port States and I can find it again wherever I am! Spanning Tree 802.1d ...

The Troubleshooting of MPLS LDP

This post will go through, from start to finish, the configuration required to set up a basic MPLS VPN which has 2 customers, where each customer has 2 sites. The configuration is all done in GNS3. The topology I will be using is below. This MPLS tutorial will cover OSPF, LDP, MP-BGP and route redistribution. The MPLS Core is made up of P1-P4, the Provider Edge routers are PE1 & PE2. Step 1 is to configure the IP addresses on all devices,...

Tuesday, 8 October 2013

The Troubleshooting Of MPLS Layer 3 VPNs

I would like to dedicate this post to MPLS L3 VPN troubleshooting, and more particularly to using the Traceroute command. It can sometimes be difficult to find out where the issue is when testing connectivity between sites attached to an MPLS VPN backbone. I will explain the behavior of Traceroute in an MPLS VPN environment, which is quite different than in a “classical” IP environment. Finally I will talk about the MPLS LSP Ping feature and how to use it...

Monday, 7 October 2013

Basic Configuration Of MPLS

I would like to share a basic MPLS configuration example where I will explain how MPLS works and what the different steps are in order to configure it. This example is not related to MPLS layer 3 VPNs; this is just going to be the basic underlying logic of how an MPLS tunnel on its own works, so I will talk about neither VRF nor MP-BGP, which is the VPNv4 address family used to exchange the customer routes and the MPLS VPN labels. Let's...

Learning Basic QoS part 2 – Catalyst 3560 QoS

In this post I will talk about Cisco Catalyst 3560 QoS. In Basic QoS part 1 I talked about policing and shaping on Cisco IOS routers. To illustrate the different examples in this post I will use the following topology: IGP: EIGRP 10. Platform/IOS: Catalyst 3560/c3560-advipservicesk9-mz.122-44.SE6.bin. Catalyst 3560 QoS. Port-Based Classification. As long as QoS is not enabled with the command mls qos, the QoS values in the...

Zone Based Firewall By Cisco

In this post I will talk about Cisco Zone Based Firewall (ZBF), which is a new approach to configuring access control in the IOS firewall. I will first give an introduction to ZBF and then I will demonstrate how to configure it. To illustrate the different examples in this post I will use the following topology: IGP: EIGRP AS 10. Platform/IOS: Cisco 2691/12.4(15)T11 Adv IP services. Side note: As I am using IOS 12.4(15)T...

Explaining Difference Between BPDU Filtering Vs BPDU Guard

BPDU Filtering, BPDU Guard, and Root Guard are STP security mechanisms. In this post I will only describe BPDU Filtering and BPDU Guard. These 2 features provide protection against spanning-tree loops being created on ports where PortFast has been enabled. A device attached to a PortFast interface is not supposed to send BPDUs, but should this happen, BPDU Filtering and BPDU Guard provide protection. BPDU Guard and BPDU Filtering can be configured...

Friday, 4 October 2013

L2TP version 3 VLAN-to-VLAN

A few days ago I had to find a solution for a customer that could provide VLAN-to-VLAN traffic over the Internet between 2 locations. I found a solution which I think was really interesting, therefore I want to share it here. Here are the requirements: Host 1 (VPC1) in VLAN X at location A and Host 2 (VPC2) in VLAN X at location B should be able to send multicast traffic to each other as well as unicast traffic ...

Resolving MPLS LDP Troubleshooting Issue

When faced with a troubleshooting ticket involving MPLS you need to clear the basics first to ensure that everything is working from a Label Distribution perspective. First of all you need to establish IGP connectivity between all the routers. Can you ping all the loopbacks? Are there /32 loopbacks configured on every router and advertised into IGP? Is CEF enabled? Is MPLS IP enabled on the required interfaces? Have the routers discovered...

Thursday, 3 October 2013

Archiving a running-config Automatically Against Any Change

The other day I found a handy script on the Cisco EEM scripting community that can automatically archive the running-config if a change has been made to it. The archive feature must be configured first and you should also define an EEM variable for the script to work. The script uses the “Configuration Replace and Rollback” IOS feature to know if a change has been made by comparing the running-config to the previous archive. If any differences the...

An Interesting Topic: BGP over GRE

While I was doing some BGP labs I came across an interesting topic, which is BGP over GRE. Using automatic tunneling techniques along with BGP is the core of MPLS VPNs and I think it is worth seeing the effect of using manual tunnels along with BGP. Let's have a look at the following topology which illustrates my example: The core IGP is EIGRP while BGP is used between AS 100 and AS 200 to advertise both loopback IPs. Only routers R5 and R1 are...