Networkers-online.com

In this post we are going to cover a nice tool, actually I’ve never used it in production, but I was fully testing it during my CCIE SP lab preparations and wish to share it with you. It’s nice to have such a tool in your tool box when dealing with complex designs.

The VRF Selection feature allows a certain interface on a PE router to route packets received from the CE router to different VRFs based on the source IP address of the packet, imagine it as a form of policy-based routing, where you control the traffic forwarding based on the source IP addresses, but in this case we control to which VRF should the traffic be forwarded rather than out of which interface.

Read the rest of this entry »

Load-sharing is one of the clumsy areas that is full of confusing parts. In this post we should be covering its ABCs, and latter on we should be covering more parts in details. We chose the name “CEF and load sharing” as the post name due to the main role that CEF plays when talking about load sharing.

In IP routing context the forwarding/switching mechanism that the router uses is the actual controller of the load sharing process (data/forwarding plane operation), having multiple routes in the routing table has no significance on how exactly will load sharing be done, you might be left with poor load sharing or no load sharing at all, although you have multiple routes for a certain destination in the routing table.
Read the rest of this entry »

In this post we are going slightly deep into BGP operation on the CISCO IOS. Lets start this by discussing the BGP scanner operation, then we can talk about the next-hop address tracking feature.

For each route installed in the BGP table a next hop address must exist and this next hop must be reachable in terms of an IGP. If the next hop is not reachable the route will not be considered for the best path algorithm and will never be used by BGP.

Read the rest of this entry »

This question is mostly repeated by newbies when they start learning about BGP and sometimes it is left unanswered clearly. In the simple dialogue below I will try to explain when BGP is mostly used and why?

Can we connect two or more networks by an IGP?

The answer is yes from the technical point of view, you can use an IGP to connect one or more networks and exchange routing information between them. From the design point of view the answer is may be or it depends on the specific case, however generally speaking this is not a best practice or good design practice.

Read the rest of this entry »

Been a while since my last post, I was extremely busy doing a lot of things, anyway I am glade to be back.

This post I am going to cover a nice tool for enhancing IS-IS convergence, I am really amazed by the ideas that the guys out there pop up. Inventing such wonderful tools requires intellectual open minds (it’s not relatively a new feature), enough talking and lets get to the point. Read the rest of this entry »

When you think about Router ID in any link state protocol  two requirements come to mind:

1. Each router must be identified by a Router ID and an Area to exist in.
2. This Router ID must be unique inside a single IGP domain.

IS-IS refers to the this ID as a System ID (SysID) and OSPF refers to this ID as a Router ID (RID). There are some best practices that can be used to ensure the uniqueness of the router ID within the IGP domain.

In a previous post Mohammed discussed the OSPF RID, so I will focus on the SysID used by IS-IS in the following points:

Read the rest of this entry »

In the past few days we have been doing some tests for Ethernet MTU “The never ending story” in our MPLS backbone.  Playing with MTU for long may have bad effects on your health on the long run but is still a must to have an operational network.

We have tested a lot of things about packet fragmentation in the MPLS backbone, the appropriate MTU size when running ATOM and other MPLS services. We may share these tests when we write up a good documentation.

One of the interesting topics I would like to share with you is Jumbo frames; its a really promising improvement and I am just pointing to the door..!

Read the rest of this entry »

Link state protocols have introduced the concept of multiple routing areas withing the same routing domain. Link state protocols depend on the fact that all routers must have an identical link state database and then each router will start calculating its very own routing table from this information.

However, this rule sometimes introduce scalability limitations to network designers. In very large networks all routers must maintain the same link state database; this induces some scalability limitations in these networks.

Read the rest of this entry »

Black hole filtering is a technique usually used by service providers for traffic filtering without applying access-lists.

The technique is very useful in mitigation of many types of DOS attacks. The idea behind Black hole filtering is very simple; just define the traffic you want to discard and configure a static route pointing to the Null0 interface.

The following rules summarize the technique:

• Define the suspected traffic by destination.
• Configure static route pointing this destination to null0.
• Black hole filtering is based on the destination address of the packet.
• Packets directed to the Null interface are just discarded.
• Static routes to the Null0 interface use the same rules of normal static routes (redistribution, AD, etc..).

Example:

!-- packets destined to 192.168.1.1 are discarded
ip route 192.168.1.1 255.255.255.255 null0

!-- Disable ICMP unreachable packets
int null0
no ip unreachables