Month: December 2015

ICND1: Router on a Stick

Blenheim Resident Uncategorized

ICND1: A simple guide to Router on a Stick

Here is a simple guide to Router on a Stick.

  1. Connect a router and a switch together using ethernet.
  2. On the port on the router (R1) configure two subinterfaces. They should belong to different Vlans, so the commands would look something like:
    int fa0/0.1
    encap dot1q 10 , (where 10 is the vlan number you will configure on the switch)
    ip address 192.168.1.1 255.255.255.0
  3. The main interface fa0/0 must have the no shut command otherwise it wont work.
  4. On the switch, create two Vlans (eg vlan 10, vlan 20)
  5. On the connection to your router, run the no shut command, and also switchport mode trunk
  6. Connect one device (eg a computer to a port on the switch and assign that port to vlan 10
    int fa0/2
    switchport mode access
    switchport access vlan 10
    no shut
  7. Give your device a compatible IP for the VLAN it is connected to.

 

This is only a rough guide.  Better explained here:  http://www.orbit-computer-solutions.com/How-to-Configure-Router-on-a-Stick-InterVLAN-Routing.php

ICND2: Frame Relay Notes

Blenheim Resident Uncategorized

Frame relay enables you to connect two sites over the internet.  ISP will provide you with address space and DLCI number.

Encapsulation types: Cisco prop or IETF (FFC1490)

Interface command: encapsulation frame-relay (ietf or blank defaults to cisco)

Virtual circuit types: PVC and SVC – Permanent and Switched

DLCI- create LOCAL DLCI and map to remote IP.

Note:  Diagram provided by INE training, http://www.ine.com, and excellent training provider.

frameralayexample

For example,ir R2 address is 2.2.2.2 and R1 is 1.1.1.1,  you can map like this on R1:  (from interface s0/0/0) : frame-relay map ip 2.2.2.2 102 (broadcast)

This tells R1 that to get to R2, with IP 2.2.2.2, it needs to go through DLCI 102 Broadcast defeats split horizon problem.  (Router has a single interface, so if R2 sends routing info, it can’t send it out of the same interface to R5 and R4. This can also be solved by using Point to Point subinterfaces)

Inverse ARP:  The router can send Inverse Arp requests, which will map DLCI to IP automatically. This will show up as dynamic.

Here there are two statics and one dynamic:

R1#sh frame-relay map
Serial1/0 (up): ip 192.168.1.2 dlci 102(0x66,0x1860), dynamic,
              broadcast,, status defined, active
Serial1/0 (up): ip 192.168.1.3 dlci 102(0x66,0x1860), static,
              CISCO, status defined, active
Serial1/0 (up): ip 192.168.1.4 dlci 102(0x66,0x1860), static,
              CISCO, status defined, active

———————————————————

LMI – Local Management Interface

3 types:  Cisco, ANSI adn q.933A . TYPES MUST MATCH ON BOTH SIDES.

Use sh frame-relay LMI to see what is being used.

R2#sh frame-relay lmi

LMI Statistics for interface Serial1/0 (Frame Relay DTE) LMI TYPE = CISCO
  Invalid Unnumbered info 0             Invalid Prot Disc 0
  Invalid dummy Call Ref 0              Invalid Msg Type 0
  Invalid Status Message 0              Invalid Lock Shift 0
  Invalid Information ID 0              Invalid Report IE Len 0
  Invalid Report Request 0              Invalid Keep IE Len 0
  Num Status Enq. Sent 39878            Num Status msgs Rcvd 39859
  Num Update Status Rcvd 0              Num Status Timeouts 19
  Last Full Status Req 00:00:29         Last Full Status Rcvd 00:00:29

———————————————————

Troubleshooting commands: 

R1#sh frame-relay map
Serial1/0 (up): ip 192.168.1.2 dlci 102(0x66,0x1860), dynamic,
              broadcast,, status defined, active
Serial1/0 (up): ip 192.168.1.3 dlci 102(0x66,0x1860), static,
              CISCO, status defined, active
Serial1/0 (up): ip 192.168.1.4 dlci 102(0x66,0x1860), static,
              CISCO, status defined, active

R2#sh frame-relay lmi

LMI Statistics for interface Serial1/0 (Frame Relay DTE) LMI TYPE = CISCO
  Invalid Unnumbered info 0             Invalid Prot Disc 0
  Invalid dummy Call Ref 0              Invalid Msg Type 0
  Invalid Status Message 0              Invalid Lock Shift 0
  Invalid Information ID 0              Invalid Report IE Len 0
  Invalid Report Request 0              Invalid Keep IE Len 0
  Num Status Enq. Sent 39878            Num Status msgs Rcvd 39859
  Num Update Status Rcvd 0              Num Status Timeouts 19
  Last Full Status Req 00:00:29         Last Full Status Rcvd 00:00:29

R2#sh frame-relay pvc

PVC Statistics for interface Serial1/0 (Frame Relay DTE)

              Active     Inactive      Deleted       Static
  Local          3            0            0            0
  Switched       0            0            0            0
  Unused         0            0            0            0

DLCI = 201, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial1/0

  input pkts 936           output pkts 10           in bytes 32244
  out bytes 760            dropped pkts 0           in pkts dropped 0
  out pkts dropped 0                out bytes dropped 0
  in FECN pkts 0           in BECN pkts 0           out FECN pkts 0
  out BECN pkts 0          in DE pkts 0             out DE pkts 0
  out bcast pkts 4         out bcast bytes 136
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
  pvc create time 4d14h, last time pvc status changed 00:15:57

DLCI = 204, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial1/0

  input pkts 7140          output pkts 541          in bytes 2150221
  out bytes 18744          dropped pkts 0           in pkts dropped 0
  out pkts dropped 0                out bytes dropped 0
  in FECN pkts 0           in BECN pkts 0           out FECN pkts 0
  out BECN pkts 0          in DE pkts 0             out DE pkts 0
  out bcast pkts 536       out bcast bytes 18224
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
  pvc create time 4d14h, last time pvc status changed 00:16:03

DLCI = 205, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial1/0

  input pkts 550           output pkts 433          in bytes 19050
  out bytes 15072          dropped pkts 0           in pkts dropped 0
  out pkts dropped 0                out bytes dropped 0
  in FECN pkts 0           in BECN pkts 0           out FECN pkts 0
  out BECN pkts 0          in DE pkts 0             out DE pkts 0
  out bcast pkts 428       out bcast bytes 14552
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
  pvc create time 4d14h, last time pvc status changed 00:16:05

Frame relay glossary

LMI – Local Management Interface
DLCI – Data Link Connection Identifier
DCE – Data Communication Equipment
DTE – Data Terminal Equipment
PVC – Permanent Virtual Circuit
DE – Discard Elibibility – Packet discardable if exceeds CIR
CIR – Committed Information Rate
FECN – Forward Explicit Congestion Notification
BECN – Backward Explicit Congestion Notification
IETF – encapsulation used when connecting to non Cisco equipment.

 

 

 

 

 

 

 

 

ICND2: Portfast, BPDU Guard and Etherchannel

Blenheim Resident Uncategorized

Portfast:  Configured at Access layer – ports which end hosts use.

BPDU Guard: puts port in error if another switch with STP connected

bpduguard

Configure Portfast and BPDU Guard on Switch 2, int fa0/2

Switch#conf t

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)#int fa0/2

Switch(config-if)#spanning-tree portfast

%Warning: portfast should only be enabled on ports connected to a single

host. Connecting hubs, concentrators, switches, bridges, etc… to this

interface when portfast is enabled, can cause temporary bridging loops.

Use with CAUTION

%Portfast has been configured on FastEthernet0/2 but will only

have effect when the interface is in a non-trunking mode.

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 1

Switch(config-if)#exit

Switch(config)#int fa0/2

Switch(config-if)#spanning-tree bpduguard enable

Switch(config-if)#exit

——————————————————

Etherchannel

etherchannel

The commands to configure an etherchannel:

int range fa0 – 3
switchport mode trunk
channel-group 1 mode active

The choices of etherchannel type:

active Enable LACP unconditionally

auto Enable PAgP only if a PAgP device is detected

desirable Enable PAgP unconditionally

on Enable Etherchannel only

passive Enable LACP only if a LACP device is detected

Switch 0 running config:

interface FastEthernet0/1

channel-group 1 mode active

switchport mode trunk

!

interface FastEthernet0/2

channel-group 1 mode active

switchport mode trunk

!

interface FastEthernet0/3

channel-group 1 mode active

switchport mode trunk

ICND2: Spanning Tree Notes

Blenheim Resident Uncategorized

Spanning tree follows the following steps:

  1. Elect root bridge
  2. Elect root ports on non root bridges
  3. Elect one designated port per segment
  4. Ports transition to forwarding or blocking.

Elections for root bridge: general rule:  Lower is better.

  1. Priority (Default 32768)
  2. MAC address.

Root port is the one which has the lowest cost to the root bridge:

10mb = 100
100mb =19
Gigabit=4
10 Gig =2

Designated Port

Costs are added together, lowest cost wins.

4 states of ports in 802.1D CST:

Blocking (20s) (BPDU every 2s) No BPDU received—>Listening
Listening (15s) (Learn MAC addresses)
Learning (15s) (Now learn MAC addresses, put in CAM table)
Forwarding
(use the word ‘belief’ as a mnemonic)

3 states for 802.1w:

Discarding, learning, forwarding

Types of Spanning Tree

STP 802.1D Low resource Slow 1 Tree
PVSTP+ Cisco High Resource Slow 1 Tree for each VLAN
RSTP 802.1w Med resource Fast 1 Tree
Rapid PVSTP+ Cisco Very High Fast 1 Tree for each VLAN

Configuring Spanning Tree

Spanning tree is on by default.

You can change the mode with spanning-tree mode command
Configure priority:  Spanning-tree vlan 1 priority xxxx
or spanning-tree vlan1 root

Identifying Designated Ports

There will always be one designated port per segment. (Segment is collision domain).

Consider the diagram below:

STP1

Switch 1 has been made the Root Bridge because priority changed to 4096.

Consider the link between 2 and 4.  Because the path to switch 4 must be made through Switch 1, the Root Bridge the direct link between 4 and 2 must be blocked. One side designated, the other blocking.

  1. Which switch has the lowest cost to the root, Switch 1? Answer:  Equal. Both 19 -hence a tie.
  2. Lowest Bridge ID (First Priority, second MAC address)
  3. Set port priorities manually if desired
  4. Lowest port number: eg Fa0/1 before Fa0/2

Fault finding:

sh spanning-tree summary
sh spanning-tree
sh spanning-tree vlan 1
sh spanning-tree detail

***********************************************************

Sample outputs for root bridge

 

sh spanning-tree summary

Switch is in pvst mode

Root bridge for: default

Extended system ID is enabled

Portfast Default is disabled

PortFast BPDU Guard Default is disabled

Portfast BPDU Filter Default is disabled

Loopguard Default is disabled

EtherChannel misconfig guard is disabled

UplinkFast is disabled

BackboneFast is disabled

Configured Pathcost method used is short

Name Blocking Listening Learning Forwarding STP Active

———————- ——– ——— ——– ———- ———-

VLAN0001 0 0 0 3 3

———————- ——– ——— ——– ———- ———-

1 vlans 0 0 0 3
*****************************************************

Switch#sh spanning-tree

VLAN0001

Spanning tree enabled protocol ieee

Root ID Priority 4097

Address 0060.3E3D.53E2

This bridge is the root

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 4097 (priority 4096 sys-id-ext 1)

Address 0060.3E3D.53E2

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 20

Interface Role Sts Cost Prio.Nbr Type

—————- —- — ——— ——– ——————————–

Fa0/1 Desg FWD 19 128.1 P2p

Fa0/2 Desg FWD 19 128.2 P2p

Fa0/3 Desg FWD 19 128.3 P2p

**********************************************************

Switch#sh spanning-tree vlan 1

VLAN0001

Spanning tree enabled protocol ieee

Root ID Priority 4097

Address 0060.3E3D.53E2

This bridge is the root

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 4097 (priority 4096 sys-id-ext 1)

Address 0060.3E3D.53E2

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 20

Interface Role Sts Cost Prio.Nbr Type

—————- —- — ——— ——– ——————————–

Fa0/1 Desg FWD 19 128.1 P2p

Fa0/2 Desg FWD 19 128.2 P2p

Fa0/3 Desg FWD 19 128.3 P2p

***********************************************

Switch#sh spanning-tree detail

VLAN0001 is executing the ieee compatible Spanning Tree Protocol

Bridge Identifier has priority of 4096, sysid 1, 0060.3E3D.53E2

Configured hello time 2, max age 20, forward delay 15

Current root has priority 4097

Topology change flag not set, detected flag not set

Number of topology changes 0 last change occurred 00:00:00 ago

from FastEthernet0/1

Times: hold 1, topology change 35, notification 2

hello 2, max age 20, forward delay 15

Timers: hello 0, topology change 0, notification 0, aging 300

Port 1 (FastEthernet0/1) of VLAN0001 is designated forwarding

Port path cost 19, Port priority 128, Port Identifier 128.1

Designated bridge has priority 4097, address 0060.3E3D.53E2

Designated port id is 128.1, designated path cost 19

Timers: message age 16, forward delay 0, hold 0

Number of transitions to forwarding state: 1

Link type is point-to-point by default

Port 2 (FastEthernet0/2) of VLAN0001 is designated forwarding

Port path cost 19, Port priority 128, Port Identifier 128.2

Designated bridge has priority 4097, address 0060.3E3D.53E2

Designated port id is 128.2, designated path cost 19

Timers: message age 16, forward delay 0, hold 0

Number of transitions to forwarding state: 1

Link type is point-to-point by default

Port 3 (FastEthernet0/3) of VLAN0001 is designated forwarding

Port path cost 19, Port priority 128, Port Identifier 128.3

Designated bridge has priority 4097, address 0060.3E3D.53E2

Designated port id is 128.3, designated path cost 19

Timers: message age 16, forward delay 0, hold 0

Number of transitions to forwarding state: 1

Link type is point-to-point by default

**********************************************

Sample output for Switch 4 (Note, all ports blocking except the root port)

Switch#sh spanning-tree

VLAN0001

Spanning tree enabled protocol rstp

Root ID Priority 4097

Address 0060.3E3D.53E2

Cost 19

Port 1(FastEthernet0/1)

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)

Address 00D0.FF45.B48B

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 20

Interface Role Sts Cost Prio.Nbr Type

—————- —- — ——— ——– ——————————–

Fa0/2 Altn BLK 19 128.2 P2p

Gi0/1 Altn BLK 4 128.25 P2p

Fa0/1 Root FWD 19 128.1 P2p

 

 

 

 

 

Softether – Splitting VPN Traffic

Blenheim Resident Uncategorized

*******Update*************

Easier way to do this:  Remove the default gateway from the DHCP server, in which case you need to add a route on the server which will be pushed to the client.securenat

Here, clients get an address on 192.168.30.0/24 subnet, and no gateway. Local network is 192.168.254.0/24 subnet, and the route is added as above.

********************************************************

Softether is an excellent alternative to using Cisco or Microsoft VPN solutions.  It can be installed on any machine and can be set up to connect via TCP ports.

The only snag is that, when connected, all traffic routes through the VPN.

Here’s the fix.

(Note, you need to have installed and understand how Softether works, first.)

  1. Set metric on virtual vpn interface to 100
  2. Set metric on connected vpn interface to 1
  3. Run the following commands in an elevated DOS prompt (Note, the numbers will change, depending on your circumstances.

Route print -4

The output will tell you the interface number of your local ethernet interface.

@echo on
route add 192.168.254.0 mask 255.255.255.0 192.168.30.1  (254.0 is the remote network, 30.0 is the dhcp assigned address from Softether.)
pause
route add 0.0.0.0 mask 0.0.0.0 192.168.1.254 metric 1 if 4 (Creates a gateway of last resort to your local router)
pause

I do not recommend using the -p persistent switch, because if the user connects elsewhere he won’t be able to get on the internet.  (You can do this if it’s a desktop and not likely to move)

More about Softether, which is thoroughly recommended:

Remove unwanted Office Keys

Blenheim Resident Uncategorized

I installed a full version of office on a machine, but there was already a trial version which I failed to uninstall first. After a while, the user started getting an nag screen that Office was not activated.

The folks at that excellent site, Spiceworks, have offered a solution:  https://community.spiceworks.com/how_to/48973-remove-and-re-add-license-key-for-office-2013-on-office-365#

Spiceworks is an excellent, thoroughly recommended site.

Here are the steps:

—————————————————————————–

1

Open a Command Prompt window, and then take one of the following actions:

• If you installed the 64-bit version of Office 2013, move to the following folder: C:\Program Files\Microsoft Office\Office15

• If you installed the 32-bit version of Office 2013, move to the following folder: C:\Program Files (x86)\Microsoft Office\Office15

——————————————————————————————
2
Display the Current License(s)

Type the following command to display the license status. Note the last five characters of any and all license keys that display in the output:

cscript ospp.vbs /dstatus

——————————————————————————————
3
Remove the License(s)

Now run the following command as many times as needed to remove all of the license keys you noted from the previous step.

cscript ospp.vbs /unpkey:<last five characters of product key>

————————————————————————–

4.

Restart computer.

Windows update breaks Outlook

Blenheim Resident Uncategorized

New Windows update breaks Outlook, forcing it always to start in safe mode.

Can be fixed by editing the registry to prevent Outlook from opening in safe mode again.

Here is the registry key. Paste into Notepad and save with file extension .reg

Office 32 bit:

———————————————————————————————

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\14.0\Outlook\Security] “DisableSafeMode”=dword:00000001

—————————————————————————————–

Office 64 Bit

————————————————————————————–

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\14.0\Outlook\Security] “DisableSafeMode”=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\14.0\Outlook\Security] “DisableSafeMode”=dword:00000001

ICND2: EIGRP notes

Blenheim Resident Uncategorized

Neighbor Discovery

AS must match
Hello ACK must be sent and recieved
Identical K values
Hold timers don’t need to match

Metrics or K Values

EIGRP Metric = 256*((K1*Bandwidth) + (K2*Bandwidth)/(256-Load) + K3*Delay)*(K5/(Reliability + K4)))

By default, the values of K1 and K3 are set to 1, and K2, K4 and K5 are set to 0.

Hence the above equation is deduced to

EIGRP Metric = 256*(Bandwidth + Delay)

Delay is measured in 10s of microseconds*256

Bandwidth = (10 000 000/bandwidth in kbps)*256

Metric = lowest bandwidth along path  + sum of all delays along the path.

———————————————

Discontiguous Networks

(ie different subnets)  Disable auto-summary to make routing possible. If summary routes are injected into the table, VLSM will result in route failure.

router eigrp 20
no auto-summary

———————————————————–

Controlling Eigrp Traffic

Stop eigrp from working on a specific interface

eigrp 20
passive-interface f1/0

—————————————————————-

Load Balancing

Default load balancing across 4 links, if cost is equal. Max 16 pre 15 code, max 32 thereafter.

eigrp 20
maximum-paths 16

Default max hops 100, can be changed to 255

Unequal cost load balancing can be achieved using the variance command.

——————————————————-

Advertised Distance and Feasible Distance (AD/FD)

 

EIGRP terminology.

Advertised Distance or Reported Distance (Smaller number) The Advertised Distance (AD) is the distance from a given neighbor to the destination router.
Feasible Distance
(Bigger number)		 The Feasible Distance (FD) is the distance from the current router to the destination router
Feasibility Condition (Requirement) Within EIGRP there is requirement which must be met for a route to be considered feasible and loop-free.This requirement states that in order for a route to be feasible the Advertised Distance of the alternate route must be lower than that of the Feasible distance of the current route (see example below.
Successor The Successor(s) are the current routes which are the best and are entered into the routing table. By default, these are the ones with the lowest metric and which meet the feasibility condition.
Feasible Successor If an alternate route exists and it meets the requirements of the Feasibility Condition then it is considered a Feasible Successor.

Configuration using example below. (Note wildcard mask with /30 interfaces: )

Router 0

router eigrp 10

network 172.16.10.0 0.0.0.3

network 172.16.10.4 0.0.0.3

network 10.10.10.0 0.0.0.255

network 10.10.11.0 0.0.0.255

no auto-summary

Router 1

router eigrp 10

network 172.16.10.0 0.0.0.3

network 172.16.10.4 0.0.0.3

network 10.10.10.0 0.0.0.255

network 10.10.11.0 0.0.0.255

no auto-summary

Troubleshooting and verification

6 possible troubleshooting commands:

sh ip eigrp neighbor
sh ip eigrp interfaces (shows enabled interfaces)
sh ip route eigrp
sh ip eigrp topology
sh ip eigrp traffic
sh ip protocols

Samples shown from router Corp using this topology:

eigrptodd

—————————————————-

corp#sh ip eigrp neighbor

sheigrpneighbor

———————————————–

corp#sh ip eigrp interfacesshipeigrpinterfaces

——————————————————-

sh ip route eigrp

shiprouteeigrp

————————————————————-

sh ip eigrp topology

 

shipeigrptopology

————————————————————

sh ip eigrp traffic

shipeigrptraffic

———————————————————-

sh ip protocols

 

sh ip protocols

 

 

ICND2: Sample EIGRP Configuration

Blenheim Resident Uncategorized

Sample configuration, Similar diagram can be found in Todd Lammle’s excellent ICND2 book, which is the only book you need to buy for self study.

Using Cisco Packet Tracer

eigrptodd

Configuration:  Router 0

router eigrp 10

network 172.16.10.0 0.0.0.3

network 172.16.10.4 0.0.0.3

network 10.10.10.0 0.0.0.255

network 10.10.11.0 0.0.0.255

no auto-summary

Note, as we are using CIDR, (/30) addresses, we need to switch auto summary off.

Configuration: Router 1 – Bloemfontein

router eigrp 10

network 172.16.10.0 0.0.0.3

network 10.10.20.0 0.0.0.255

network 10.10.30.0 0.0.0.255

no auto-summary

Configuration: Router 2: Pofadder

router eigrp 10

network 172.16.10.4 0.0.0.3

network 10.10.40.0 0.0.0.255

network 10.10.50.0 0.0.0.255

no auto-summary

All parts of the network can ping all other parts.

 

ICND2: Sample Multi Area OSPF Configuration

Blenheim Resident Uncategorized

This is a sample configuration of OSPF multi area.

ospf1

Router 0, called Corp, is the ABR. Bloemfontein is area 1, and Pofadder is area 2

If configured correctly, any PC in any area can ping any other PC.

———————————————————————————————

Router 0 configuration: (once you have set up the addressing scheme)

router ospf 1

log-adjacency-changes

network 10.10.0.0 0.0.255.255 area 0

network 192.168.1.0 0.0.0.3 area 1

network 192.168.2.0 0.0.0.3 area 2

Note that the 192.168.1,etc area has a /30 address, which means a 255.255.255.252 subnet mask, which, by the simple formula of 255-252, gives you the final octet of 3 when configuring netmask in network statement, ie 0.0.0.3

———————————————————————————————–

Router 1 (Bloemfontein) configuration:

router ospf 1

log-adjacency-changes

network 192.168.1.0 0.0.0.3 area 1

network 10.10.20.0 0.0.0.255 area 1

network 10.10.30.0 0.0.0.255 area 1

———————————————————————————————–

Router 2 (Pofadder)

router ospf 1

log-adjacency-changes

network 192.168.2.0 0.0.0.3 area 2

network 10.10.40.0 0.0.0.255 area 2

network 10.10.50.0 0.0.0.255 area 2

——————————————————————————————-

OSPF fault finding commands

corp#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

192.168.1.2 0 FULL/ – 00:00:39 192.168.1.2 Serial0/3/0

192.168.2.2 0 FULL/ – 00:00:39 192.168.2.2 Serial0/3/1

—————————————————————————–

corp#sh ip ospf

Routing Process “ospf 1” with ID 192.168.2.1

Supports only single TOS(TOS0) routes

Supports opaque LSA

It is an area border router

SPF schedule delay 5 secs, Hold time between two SPFs 10 secs

Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs

Number of external LSA 0. Checksum Sum 0x000000

Number of opaque AS LSA 0. Checksum Sum 0x000000

Number of DCbitless external and opaque AS LSA 0

Number of DoNotAge external and opaque AS LSA 0

Number of areas in this router is 3. 3 normal 0 stub 0 nssa

External flood list length 0

Area BACKBONE(0)

Number of interfaces in this area is 2

Area has no authentication

SPF algorithm executed 3 times

Area ranges are

Number of LSA 7. Checksum Sum 0x0452f9

Number of opaque link LSA 0. Checksum Sum 0x000000

Number of DCbitless LSA 0

Number of indication LSA 0

Number of DoNotAge LSA 0

Flood list length 0

Area 1

Number of interfaces in this area is 1

Area has no authentication

SPF algorithm executed 4 times

Area ranges are

Number of LSA 7. Checksum Sum 0x046ff6

Number of opaque link LSA 0. Checksum Sum 0x000000

Number of DCbitless LSA 0

Number of indication LSA 0

Number of DoNotAge LSA 0

Flood list length 0

Area 2

Number of interfaces in this area is 1

Area has no authentication

SPF algorithm executed 4 times

Area ranges are

Number of LSA 7. Checksum Sum 0x03fc64

Number of opaque link LSA 0. Checksum Sum 0x000000

Number of DCbitless LSA 0

Number of indication LSA 0

Number of DoNotAge LSA 0

Flood list length 0

Verification and fault finding:

corp#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

192.168.1.2 0 FULL/ – 00:00:30 192.168.1.2 Serial0/3/0

192.168.2.2 0 FULL/ – 00:00:39 192.168.2.2 Serial0/3/1

———————————————————————-

corp#sh ip ospf int s0/3/0

Serial0/3/0 is up, line protocol is up

Internet address is 192.168.1.1/30, Area 1

Process ID 1, Router ID 192.168.2.1, Network Type POINT-TO-POINT, Cost: 64

Transmit Delay is 1 sec, State POINT-TO-POINT, Priority 0

No designated router on this network

No backup designated router on this network

Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

Hello due in 00:00:04

Index 3/3, flood queue length 0

Next 0x0(0)/0x0(0)

Last flood scan length is 1, maximum is 1

Last flood scan time is 0 msec, maximum is 0 msec

Neighbor Count is 1 , Adjacent neighbor count is 1

Adjacent with neighbor 192.168.1.2

Suppress hello for 0 neighbor(s)

————————————————————————–

corp#sh ip protocols

Routing Protocol is “ospf 1”

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Router ID 192.168.2.1

Number of areas in this router is 3. 3 normal 0 stub 0 nssa

Maximum path: 4

Routing for Networks:

10.10.0.0 0.0.255.255 area 0

192.168.1.0 0.0.0.3 area 1

192.168.2.0 0.0.0.3 area 2

192.168.2.0 0.0.0.255 area 2

Routing Information Sources:

Gateway Distance Last Update

192.168.1.2 110 00:01:50

192.168.2.1 110 00:01:48

192.168.2.2 110 00:01:50

Distance: (default is 110)

 

————————————————————————

corp# sh ip route

Codes: L – local, C – connected, S – static, R – RIP, M – mobile, B – BGP

D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area

N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2

E1 – OSPF external type 1, E2 – OSPF external type 2, E – EGP

i – IS-IS, L1 – IS-IS level-1, L2 – IS-IS level-2, ia – IS-IS inter area

* – candidate default, U – per-user static route, o – ODR

P – periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks

C 10.10.10.0/24 is directly connected, GigabitEthernet0/0

L 10.10.10.1/32 is directly connected, GigabitEthernet0/0

C 10.10.11.0/24 is directly connected, GigabitEthernet0/1

L 10.10.11.1/32 is directly connected, GigabitEthernet0/1

O 10.10.20.0/24 [110/65] via 192.168.1.2, 01:06:52, Serial0/3/0

O 10.10.30.0/24 [110/65] via 192.168.1.2, 01:06:52, Serial0/3/0

O 10.10.40.0/24 [110/65] via 192.168.2.2, 01:06:57, Serial0/3/1

O 10.10.50.0/24 [110/65] via 192.168.2.2, 01:06:57, Serial0/3/1

192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.1.0/30 is directly connected, Serial0/3/0

L 192.168.1.1/32 is directly connected, Serial0/3/0

192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.168.2.0/30 is directly connected, Serial0/3/1

L 192.168.2.1/32 is directly connected, Serial0/3/1

———————————————————————–

corp#sh ip ospf database

OSPF Router with ID (192.168.2.1) (Process ID 1)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

192.168.2.1 192.168.2.1 412 0x80000005 0x00f136 2

Summary Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

192.168.1.0 192.168.2.1 398 0x8000000d 0x00053a

192.168.2.0 192.168.2.1 398 0x8000000e 0x00f745

10.10.40.0 192.168.2.1 398 0x8000000f 0x002542

10.10.50.0 192.168.2.1 398 0x80000010 0x00b4a7

10.10.20.0 192.168.2.1 393 0x80000011 0x00fd7b

10.10.30.0 192.168.2.1 393 0x80000012 0x008de0

Router Link States (Area 1)

Link ID ADV Router Age Seq# Checksum Link count

192.168.2.1 192.168.2.1 404 0x80000005 0x008425 2

192.168.1.2 192.168.1.2 405 0x80000007 0x0035f5 4

Summary Net Link States (Area 1)

Link ID ADV Router Age Seq# Checksum

10.10.10.0 192.168.2.1 410 0x8000000b 0x00f5d3

10.10.11.0 192.168.2.1 410 0x8000000c 0x00e8de

192.168.2.0 192.168.2.1 399 0x8000000d 0x00f944

10.10.40.0 192.168.2.1 399 0x8000000e 0x002741

10.10.50.0 192.168.2.1 399 0x8000000f 0x00b6a6

Router Link States (Area 2)

Link ID ADV Router Age Seq# Checksum Link count

192.168.2.1 192.168.2.1 404 0x80000005 0x00aff6 2

192.168.2.2 192.168.2.2 406 0x80000007 0x00d02e 4

Summary Net Link States (Area 2)

Link ID ADV Router Age Seq# Checksum

10.10.10.0 192.168.2.1 410 0x8000000b 0x00f5d3

10.10.11.0 192.168.2.1 410 0x8000000c 0x00e8de

192.168.1.0 192.168.2.1 400 0x8000000d 0x00053a

10.10.20.0 192.168.2.1 395 0x8000000e 0x000478

10.10.30.0 192.168.2.1 395 0x8000000f 0x0093dd