Very informative Marko, Thanks! I do wonder why Cisco can't spare a few 3560's lying around and is going the virtual route. I guess scalability and automation of things.
Alef On Jul 12, 2011, at 11:17 PM, [email protected] wrote: > Send CCIE_RS mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://onlinestudylist.com/mailman/listinfo/ccie_rs > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of CCIE_RS digest..." > > > Today's Topics: > > 1. CCIE Routing and Switching News and Updates (Marko Milivojevic) > 2. Re: loop in network? (marc abel) > 3. Re: loop in network? (Alef) > 4. allowing ospf in acl (Alef) > 5. Re: loop in network? (marc abel) > 6. Re: loop in network? (Alef) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 12 Jul 2011 14:15:50 -0700 > From: Marko Milivojevic <[email protected]> > To: OSL Routing and Switching <[email protected]>, GS CCIE > <[email protected]> > Subject: [OSL | CCIE_RS] CCIE Routing and Switching News and Updates > Message-ID: > <cagdym0zcysg6r+_vgoik5q76se5zws272fw--h+qofyujsv...@mail.gmail.com> > Content-Type: text/plain; charset=UTF-8 > > Hello everyone, > > Another Cisco Live SPAM - I apologize, but the information I'm about > to relay is probably of interest to most of you. > > I had the pleasure to attend the Techtorial on CCIE R&S presented by > Bruno van de Werve (CCIE R&S Program Manager) and Bruce Pinsky (Cisco > Distinguished Engineer). It as very informative, detailed and fun to > be there. I wrote some of the major observations and posted them on > IPexpert blog, on the link below. > > http://blog.ipexpert.com/2011/07/12/cisco-live-news-and-updates-ccie-routing-and-switching/ > > Happy studies! > > -- > Marko Milivojevic - CCIE #18427 > Senior Technical Instructor - IPexpert > > FREE CCIE training: http://bit.ly/vLecture > > Mailto: [email protected] > Telephone: +1.810.326.1444 > Web: http://www.ipexpert.com/ > > > ------------------------------ > > Message: 2 > Date: Tue, 12 Jul 2011 16:36:52 -0500 > From: marc abel <[email protected]> > To: Alef <[email protected]> > Cc: "[email protected] IE" <[email protected]> > Subject: Re: [OSL | CCIE_RS] loop in network? > Message-ID: > <CANYR4z=okqptpgq5emfrwnzxqgq9zpn3nn30gzcpsmmb4wb...@mail.gmail.com> > Content-Type: text/plain; charset=ISO-8859-1 > > Layer 2 loops are caused because switches by default flood traffic out > all ports, so any time you connect switches in a circular path a loop > would form if not for spanning-tree. > > In layer 3 this is not the case. Since you have to specifically tell > traffic where to route, making a circle does not make a loop. Routes > make loops by referring back to a host that thinks its path is back to > itself. So adding layer 3 interfaces is not the cause of the loops, > incorrect routes are. > > Take this example > > R1. > int g0/0 > ip address 10.10.10.1 255.255.255.0 > no shut > ! > ip route 6.6.6.6 255.255.255.255 10.10.10.2 > > R2. > int g0/0 > ip address 10.10.10.2 255.255.255.0 > no shut > ! > ip route 6.6.6.6 255.255.255.255 10.10.10.1 > > > Now try to traceroute to 6.6.6.6. R1 will send it to R2, R2 will send > it to R1, R1 will send to R2, repeat until the TTL expires. This is a > layer 3 loop. You will generally notice layer 3 loops by traffic not > reaching its destination(and proved by traceroute), or by routes being > repeatedly installed and removed from the routing table (debug ip > routing). > > Layer 2 loops will generally either keep looping the traffic around so > much that you lose access to the device and the whole damn network > crashes, or if you are lucky you might not have it so bad and you will > see a message in the logs that says something like host x.x.x.x is > flapping between interface..... > > -Marc > > > > > On Tue, Jul 12, 2011 at 3:37 PM, Alef <[email protected]> wrote: >> No no redistribution. I tried to keep it as simple as possible. >> Ok let me try my hand at some ascii art. >> >> But before i do that, is there some inherent stupid thing about putting vlan >> interfaces in all the vlans on all the switches ( i have dot1q trunks in x >> between all 4 switches). I can imagine in my network it would create a loop. >> Just a hunch if i follow the paths. Would i not automatically introduce L3 >> loops by doing that. I think ipexpert topology is setup similar ? >> >> ok scratch that, i uploaded a small jpg >> http://tinypic.com/r/fkqfqr/7 >> >> All switches loopbacks are reachable by at least 3 paths (2 trough the FR >> cloud, and 1 other) >> >> R2# >> O ? ? ? 11.11.11.11 [110/66] via 100.100.100.6, 01:01:51, Serial1/1.256 >> ? ? ? ? ? ? ? ? ? ?[110/66] via 100.100.100.5, 01:01:51, Serial1/1.256 >> ? ? ? ? ? ? ? ? ? ?[110/66] via 100.100.24.4, 00:00:43, Serial1/0.24 >> ? ? 44.0.0.0/32 is subnetted, 1 subnets >> O ? ? ? 44.44.44.44 [110/66] via 100.100.100.6, 01:01:51, Serial1/1.256 >> ? ? ? ? ? ? ? ? ? ?[110/66] via 100.100.100.5, 01:01:51, Serial1/1.256 >> ? ? ? ? ? ? ? ? ? ?[110/66] via 100.100.24.4, 00:00:43, Serial1/0.24 >> >> On a probably unrelated side note, anyone ever got : >> %OSPF-4-ERRRCV: Received invalid packet: Bad Checksum from 100.100.14.1, >> Vlan14 >> >> Cisco website says change the port or cable, which i did, and cable, well >> considering it's a dynamips sim i did ?that as best as i could :-) >> >> Can't get the message to go away though. >> >> On Jul 12, 2011, at 5:24 PM, Di Bias, Steve wrote: >> >>> >>> What makes you think you have any kind of loop? What are the symptoms? Are >>> you redistributing anywhere? >>> >>> -----Original Message----- >>> From: [email protected] >>> [mailto:[email protected]] On Behalf Of Alef >>> Sent: Tuesday, July 12, 2011 8:27 AM >>> To: [email protected] IE >>> Subject: [OSL | CCIE_RS] loop in network? >>> >>> All, >>> >>> So i have this network, and i am thinking i have a loop. I'm just not sure >>> where or how. >>> And i think it started happening after i created vlan interfaces in all >>> vlans on all switches. So Cat1 is having vlan14,vlan567 and vlan69 >>> interfaces and all the other switches in similar. >>> >>> They are NM16ESW cards, but IEEE stp is running so a Layer2 loop should be >>> out of the question. Could i still have a routing loop? >>> I am running OSPF in one giant area 0. >>> >>> How would i go about solving it? I can't use split horizon as OSPF doesn't >>> use that. Should i artificially set routes such that they get a lower >>> metric and manipulate things like that? >>> >>> I attached a small picture to clarify (this is taken from the Security lab >>> Day4 VoD btw). >>> Mind you, it might be something different entirely although i don't think >>> so. >>> >>> But it's probably going to be something very stupid. And yes, i probably >>> don't understand switching very well yet :-) >>> >>> Alef >>> >>> >>> UHS Confidentiality Notice: ?This e-mail message, including any >>> attachments, is for the sole use of the intended recipient (s) and may >>> contain confidential and privileged information. ?Any unauthorized review, >>> use, disclosure or distribution of this information is prohibited. ?If this >>> was sent to you in error, please notify the sender by reply e-mail and >>> destroy all copies of the original message. >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> > > > ------------------------------ > > Message: 3 > Date: Tue, 12 Jul 2011 22:49:08 +0100 > From: Alef <[email protected]> > To: marc abel <[email protected]> > Cc: "[email protected] IE" <[email protected]> > Subject: Re: [OSL | CCIE_RS] loop in network? > Message-ID: <[email protected]> > Content-Type: text/plain; charset=us-ascii > > Thanks Marc. > > This was the problem: > R6#sh class-map type inspect > Class Map type inspect match-any corporate-to-private-class (id 1) > Match protocol telnet > Match protocol ssh > Match protocol ftp > > Once i added icmp all was well. I didn't actually expect the route to go over > that for some reason, nor do i understand why it had r6 in it's path with > equal distance, as there is at least one more l3 switch in between compared > to R5. Same for R4. Does it not see the "switches" as a hop or something ? > O 33.33.33.33 [110/66] via 100.100.100.6, 00:13:27, Serial1/1.256 > [110/66] via 100.100.100.5, 00:13:27, Serial1/1.256 > [110/66] via 100.100.24.4, 00:07:08, Serial1/0.24 > > This is what i get for fiddling with labs designed for a different purpose > and then trying to add more functionality (or get more out of it) ;-) > > > On Jul 12, 2011, at 10:36 PM, marc abel wrote: > >> Layer 2 loops are caused because switches by default flood traffic out >> all ports, so any time you connect switches in a circular path a loop >> would form if not for spanning-tree. >> >> In layer 3 this is not the case. Since you have to specifically tell >> traffic where to route, making a circle does not make a loop. Routes >> make loops by referring back to a host that thinks its path is back to >> itself. So adding layer 3 interfaces is not the cause of the loops, >> incorrect routes are. >> >> Take this example >> >> R1. >> int g0/0 >> ip address 10.10.10.1 255.255.255.0 >> no shut >> ! >> ip route 6.6.6.6 255.255.255.255 10.10.10.2 >> >> R2. >> int g0/0 >> ip address 10.10.10.2 255.255.255.0 >> no shut >> ! >> ip route 6.6.6.6 255.255.255.255 10.10.10.1 >> >> >> Now try to traceroute to 6.6.6.6. R1 will send it to R2, R2 will send >> it to R1, R1 will send to R2, repeat until the TTL expires. This is a >> layer 3 loop. You will generally notice layer 3 loops by traffic not >> reaching its destination(and proved by traceroute), or by routes being >> repeatedly installed and removed from the routing table (debug ip >> routing). >> >> Layer 2 loops will generally either keep looping the traffic around so >> much that you lose access to the device and the whole damn network >> crashes, or if you are lucky you might not have it so bad and you will >> see a message in the logs that says something like host x.x.x.x is >> flapping between interface..... >> >> -Marc >> >> >> >> >> On Tue, Jul 12, 2011 at 3:37 PM, Alef <[email protected]> wrote: >>> No no redistribution. I tried to keep it as simple as possible. >>> Ok let me try my hand at some ascii art. >>> >>> But before i do that, is there some inherent stupid thing about putting >>> vlan interfaces in all the vlans on all the switches ( i have dot1q trunks >>> in x between all 4 switches). I can imagine in my network it would create a >>> loop. Just a hunch if i follow the paths. Would i not automatically >>> introduce L3 loops by doing that. I think ipexpert topology is setup >>> similar ? >>> >>> ok scratch that, i uploaded a small jpg >>> http://tinypic.com/r/fkqfqr/7 >>> >>> All switches loopbacks are reachable by at least 3 paths (2 trough the FR >>> cloud, and 1 other) >>> >>> R2# >>> O 11.11.11.11 [110/66] via 100.100.100.6, 01:01:51, Serial1/1.256 >>> [110/66] via 100.100.100.5, 01:01:51, Serial1/1.256 >>> [110/66] via 100.100.24.4, 00:00:43, Serial1/0.24 >>> 44.0.0.0/32 is subnetted, 1 subnets >>> O 44.44.44.44 [110/66] via 100.100.100.6, 01:01:51, Serial1/1.256 >>> [110/66] via 100.100.100.5, 01:01:51, Serial1/1.256 >>> [110/66] via 100.100.24.4, 00:00:43, Serial1/0.24 >>> >>> On a probably unrelated side note, anyone ever got : >>> %OSPF-4-ERRRCV: Received invalid packet: Bad Checksum from 100.100.14.1, >>> Vlan14 >>> >>> Cisco website says change the port or cable, which i did, and cable, well >>> considering it's a dynamips sim i did that as best as i could :-) >>> >>> Can't get the message to go away though. >>> >>> On Jul 12, 2011, at 5:24 PM, Di Bias, Steve wrote: >>> >>>> >>>> What makes you think you have any kind of loop? What are the symptoms? Are >>>> you redistributing anywhere? >>>> >>>> -----Original Message----- >>>> From: [email protected] >>>> [mailto:[email protected]] On Behalf Of Alef >>>> Sent: Tuesday, July 12, 2011 8:27 AM >>>> To: [email protected] IE >>>> Subject: [OSL | CCIE_RS] loop in network? >>>> >>>> All, >>>> >>>> So i have this network, and i am thinking i have a loop. I'm just not sure >>>> where or how. >>>> And i think it started happening after i created vlan interfaces in all >>>> vlans on all switches. So Cat1 is having vlan14,vlan567 and vlan69 >>>> interfaces and all the other switches in similar. >>>> >>>> They are NM16ESW cards, but IEEE stp is running so a Layer2 loop should be >>>> out of the question. Could i still have a routing loop? >>>> I am running OSPF in one giant area 0. >>>> >>>> How would i go about solving it? I can't use split horizon as OSPF doesn't >>>> use that. Should i artificially set routes such that they get a lower >>>> metric and manipulate things like that? >>>> >>>> I attached a small picture to clarify (this is taken from the Security lab >>>> Day4 VoD btw). >>>> Mind you, it might be something different entirely although i don't think >>>> so. >>>> >>>> But it's probably going to be something very stupid. And yes, i probably >>>> don't understand switching very well yet :-) >>>> >>>> Alef >>>> >>>> >>>> UHS Confidentiality Notice: This e-mail message, including any >>>> attachments, is for the sole use of the intended recipient (s) and may >>>> contain confidential and privileged information. Any unauthorized review, >>>> use, disclosure or distribution of this information is prohibited. If >>>> this was sent to you in error, please notify the sender by reply e-mail >>>> and destroy all copies of the original message. >>> >>> _______________________________________________ >>> For more information regarding industry leading CCIE Lab training, please >>> visit www.ipexpert.com >>> >>> Are you a CCNP or CCIE and looking for a job? Check out >>> www.PlatinumPlacement.com >>> > > > > ------------------------------ > > Message: 4 > Date: Tue, 12 Jul 2011 22:59:15 +0100 > From: Alef <[email protected]> > To: "[email protected] IE" <[email protected]> > Subject: [OSL | CCIE_RS] allowing ospf in acl > Message-ID: <[email protected]> > Content-Type: text/plain; charset=us-ascii > > When you have say r1 and r2 > and you want to only allow ospf in > > would applying this on R1 fa0/0 (assuming this is the connecting interface to > R2) inbound be sufficient? > Extended IP access list 101 > 10 permit ospf any any (4826 matches) > > it seems it is. Do we not need to allow ospf going out as well? In my lab R1 > has acl 102 outbound defined and there is nothing there about ospf. > > Regards, > Alef > > ------------------------------ > > Message: 5 > Date: Tue, 12 Jul 2011 17:05:26 -0500 > From: marc abel <[email protected]> > To: Alef <[email protected]> > Cc: "[email protected] IE" <[email protected]> > Subject: Re: [OSL | CCIE_RS] loop in network? > Message-ID: > <canyr4zkd5eofepvaly1-pyoit8sdfhs+3hifaysrq2umpcs...@mail.gmail.com> > Content-Type: text/plain; charset=ISO-8859-1 > > You can see they all have an equal cost [110/66] of 66. Looking at > your diagram I see > > R2-R4-Cat1-Cat2-Cat2 loopback > R2-R5-Cat3-Cat2-Cat2 loopback > R2-R6-Cat4-Cat2-Cat2 loopback > > Extra fiddling is one of the best ways to learn this stuff. > > On Tue, Jul 12, 2011 at 4:49 PM, Alef <[email protected]> wrote: >> Thanks Marc. >> >> This was the problem: >> R6#sh class-map type inspect >> ?Class Map type inspect match-any corporate-to-private-class (id 1) >> ? Match protocol telnet >> ? Match protocol ssh >> ? Match protocol ftp >> >> Once i added icmp all was well. I didn't actually expect the route to go >> over that for some reason, nor do i understand why it had r6 in it's path >> with equal distance, as there is at least one more l3 switch in between >> compared to R5. Same for R4. Does it not see the "switches" as a hop or >> something ? >> O ? ? ? 33.33.33.33 [110/66] via 100.100.100.6, 00:13:27, Serial1/1.256 >> ? ? ? ? ? ? ? ? ? ?[110/66] via 100.100.100.5, 00:13:27, Serial1/1.256 >> ? ? ? ? ? ? ? ? ? ?[110/66] via 100.100.24.4, 00:07:08, Serial1/0.24 >> >> This is what i get for fiddling with labs designed for a different purpose >> and then trying to add more functionality (or get more out of it) ;-) >> >> >> On Jul 12, 2011, at 10:36 PM, marc abel wrote: >> >>> Layer 2 loops are caused because switches by default flood traffic out >>> all ports, so any time you connect switches in a circular path a loop >>> would form if not for spanning-tree. >>> >>> In layer 3 this is not the case. Since you have to specifically tell >>> traffic where to route, making a circle does not make a loop. Routes >>> make loops by referring back to a host that thinks its path is back to >>> itself. So adding layer 3 interfaces is not the cause of the loops, >>> incorrect routes are. >>> >>> Take this example >>> >>> R1. >>> int g0/0 >>> ip address 10.10.10.1 255.255.255.0 >>> no shut >>> ! >>> ip route ?6.6.6.6 255.255.255.255 10.10.10.2 >>> >>> R2. >>> int g0/0 >>> ip address 10.10.10.2 255.255.255.0 >>> no shut >>> ! >>> ip route ?6.6.6.6 255.255.255.255 10.10.10.1 >>> >>> >>> Now try to traceroute to 6.6.6.6. R1 will send it to R2, R2 will send >>> it to R1, R1 will send to R2, repeat until the TTL expires. This is a >>> layer 3 loop. You will generally notice layer 3 loops by traffic not >>> reaching its destination(and proved by traceroute), or by routes being >>> repeatedly installed and removed from the routing table (debug ip >>> routing). >>> >>> Layer 2 loops will generally either keep looping the traffic around so >>> much that you lose access to the device and the whole damn network >>> crashes, or if you are lucky you might not have it so bad and you will >>> see a message in the logs that says something like host x.x.x.x is >>> flapping between interface..... >>> >>> -Marc >>> >>> >>> >>> >>> On Tue, Jul 12, 2011 at 3:37 PM, Alef <[email protected]> wrote: >>>> No no redistribution. I tried to keep it as simple as possible. >>>> Ok let me try my hand at some ascii art. >>>> >>>> But before i do that, is there some inherent stupid thing about putting >>>> vlan interfaces in all the vlans on all the switches ( i have dot1q trunks >>>> in x between all 4 switches). I can imagine in my network it would create >>>> a loop. Just a hunch if i follow the paths. Would i not automatically >>>> introduce L3 loops by doing that. I think ipexpert topology is setup >>>> similar ? >>>> >>>> ok scratch that, i uploaded a small jpg >>>> http://tinypic.com/r/fkqfqr/7 >>>> >>>> All switches loopbacks are reachable by at least 3 paths (2 trough the FR >>>> cloud, and 1 other) >>>> >>>> R2# >>>> O ? ? ? 11.11.11.11 [110/66] via 100.100.100.6, 01:01:51, Serial1/1.256 >>>> ? ? ? ? ? ? ? ? ? ?[110/66] via 100.100.100.5, 01:01:51, Serial1/1.256 >>>> ? ? ? ? ? ? ? ? ? ?[110/66] via 100.100.24.4, 00:00:43, Serial1/0.24 >>>> ? ? 44.0.0.0/32 is subnetted, 1 subnets >>>> O ? ? ? 44.44.44.44 [110/66] via 100.100.100.6, 01:01:51, Serial1/1.256 >>>> ? ? ? ? ? ? ? ? ? ?[110/66] via 100.100.100.5, 01:01:51, Serial1/1.256 >>>> ? ? ? ? ? ? ? ? ? ?[110/66] via 100.100.24.4, 00:00:43, Serial1/0.24 >>>> >>>> On a probably unrelated side note, anyone ever got : >>>> %OSPF-4-ERRRCV: Received invalid packet: Bad Checksum from 100.100.14.1, >>>> Vlan14 >>>> >>>> Cisco website says change the port or cable, which i did, and cable, well >>>> considering it's a dynamips sim i did ?that as best as i could :-) >>>> >>>> Can't get the message to go away though. >>>> >>>> On Jul 12, 2011, at 5:24 PM, Di Bias, Steve wrote: >>>> >>>>> >>>>> What makes you think you have any kind of loop? What are the symptoms? >>>>> Are you redistributing anywhere? >>>>> >>>>> -----Original Message----- >>>>> From: [email protected] >>>>> [mailto:[email protected]] On Behalf Of Alef >>>>> Sent: Tuesday, July 12, 2011 8:27 AM >>>>> To: [email protected] IE >>>>> Subject: [OSL | CCIE_RS] loop in network? >>>>> >>>>> All, >>>>> >>>>> So i have this network, and i am thinking i have a loop. I'm just not >>>>> sure where or how. >>>>> And i think it started happening after i created vlan interfaces in all >>>>> vlans on all switches. So Cat1 is having vlan14,vlan567 and vlan69 >>>>> interfaces and all the other switches in similar. >>>>> >>>>> They are NM16ESW cards, but IEEE stp is running so a Layer2 loop should >>>>> be out of the question. Could i still have a routing loop? >>>>> I am running OSPF in one giant area 0. >>>>> >>>>> How would i go about solving it? I can't use split horizon as OSPF >>>>> doesn't use that. Should i artificially set routes such that they get a >>>>> lower metric and manipulate things like that? >>>>> >>>>> I attached a small picture to clarify (this is taken from the Security >>>>> lab Day4 VoD btw). >>>>> Mind you, it might be something different entirely although i don't think >>>>> so. >>>>> >>>>> But it's probably going to be something very stupid. And yes, i probably >>>>> don't understand switching very well yet :-) >>>>> >>>>> Alef >>>>> >>>>> >>>>> UHS Confidentiality Notice: ?This e-mail message, including any >>>>> attachments, is for the sole use of the intended recipient (s) and may >>>>> contain confidential and privileged information. ?Any unauthorized >>>>> review, use, disclosure or distribution of this information is >>>>> prohibited. ?If this was sent to you in error, please notify the sender >>>>> by reply e-mail and destroy all copies of the original message. >>>> >>>> _______________________________________________ >>>> For more information regarding industry leading CCIE Lab training, please >>>> visit www.ipexpert.com >>>> >>>> Are you a CCNP or CCIE and looking for a job? Check out >>>> www.PlatinumPlacement.com >>>> >> >> > > > ------------------------------ > > Message: 6 > Date: Tue, 12 Jul 2011 23:19:00 +0100 > From: Alef <[email protected]> > To: marc abel <[email protected]> > Cc: "[email protected] IE" <[email protected]> > Subject: Re: [OSL | CCIE_RS] loop in network? > Message-ID: <[email protected]> > Content-Type: text/plain; charset=us-ascii > > Hey Marc, > To emphasise, this is for the 33.33.33.33 loopback, or Cat3 loopback route. > > I see: > R2-R5-Cat3 > R2-R6-Cat4-Cat3 > R2-R4-Cat1-Cat3 > > Why would i go through Cat2 ? So in my count it should prefer the route > through R5? > On Jul 12, 2011, at 11:05 PM, marc abel wrote: > >> You can see they all have an equal cost [110/66] of 66. Looking at >> your diagram I see >> >> R2-R4-Cat1-Cat2-Cat2 loopback >> R2-R5-Cat3-Cat2-Cat2 loopback >> R2-R6-Cat4-Cat2-Cat2 loopback >> >> Extra fiddling is one of the best ways to learn this stuff. >> >> On Tue, Jul 12, 2011 at 4:49 PM, Alef <[email protected]> wrote: >>> Thanks Marc. >>> >>> This was the problem: >>> R6#sh class-map type inspect >>> Class Map type inspect match-any corporate-to-private-class (id 1) >>> Match protocol telnet >>> Match protocol ssh >>> Match protocol ftp >>> >>> Once i added icmp all was well. I didn't actually expect the route to go >>> over that for some reason, nor do i understand why it had r6 in it's path >>> with equal distance, as there is at least one more l3 switch in between >>> compared to R5. Same for R4. Does it not see the "switches" as a hop or >>> something ? >>> O 33.33.33.33 [110/66] via 100.100.100.6, 00:13:27, Serial1/1.256 >>> [110/66] via 100.100.100.5, 00:13:27, Serial1/1.256 >>> [110/66] via 100.100.24.4, 00:07:08, Serial1/0.24 >>> >>> This is what i get for fiddling with labs designed for a different purpose >>> and then trying to add more functionality (or get more out of it) ;-) >>> >>> >>> On Jul 12, 2011, at 10:36 PM, marc abel wrote: >>> >>>> Layer 2 loops are caused because switches by default flood traffic out >>>> all ports, so any time you connect switches in a circular path a loop >>>> would form if not for spanning-tree. >>>> >>>> In layer 3 this is not the case. Since you have to specifically tell >>>> traffic where to route, making a circle does not make a loop. Routes >>>> make loops by referring back to a host that thinks its path is back to >>>> itself. So adding layer 3 interfaces is not the cause of the loops, >>>> incorrect routes are. >>>> >>>> Take this example >>>> >>>> R1. >>>> int g0/0 >>>> ip address 10.10.10.1 255.255.255.0 >>>> no shut >>>> ! >>>> ip route 6.6.6.6 255.255.255.255 10.10.10.2 >>>> >>>> R2. >>>> int g0/0 >>>> ip address 10.10.10.2 255.255.255.0 >>>> no shut >>>> ! >>>> ip route 6.6.6.6 255.255.255.255 10.10.10.1 >>>> >>>> >>>> Now try to traceroute to 6.6.6.6. R1 will send it to R2, R2 will send >>>> it to R1, R1 will send to R2, repeat until the TTL expires. This is a >>>> layer 3 loop. You will generally notice layer 3 loops by traffic not >>>> reaching its destination(and proved by traceroute), or by routes being >>>> repeatedly installed and removed from the routing table (debug ip >>>> routing). >>>> >>>> Layer 2 loops will generally either keep looping the traffic around so >>>> much that you lose access to the device and the whole damn network >>>> crashes, or if you are lucky you might not have it so bad and you will >>>> see a message in the logs that says something like host x.x.x.x is >>>> flapping between interface..... >>>> >>>> -Marc >>>> >>>> >>>> >>>> >>>> On Tue, Jul 12, 2011 at 3:37 PM, Alef <[email protected]> wrote: >>>>> No no redistribution. I tried to keep it as simple as possible. >>>>> Ok let me try my hand at some ascii art. >>>>> >>>>> But before i do that, is there some inherent stupid thing about putting >>>>> vlan interfaces in all the vlans on all the switches ( i have dot1q >>>>> trunks in x between all 4 switches). I can imagine in my network it would >>>>> create a loop. Just a hunch if i follow the paths. Would i not >>>>> automatically introduce L3 loops by doing that. I think ipexpert topology >>>>> is setup similar ? >>>>> >>>>> ok scratch that, i uploaded a small jpg >>>>> http://tinypic.com/r/fkqfqr/7 >>>>> >>>>> All switches loopbacks are reachable by at least 3 paths (2 trough the FR >>>>> cloud, and 1 other) >>>>> >>>>> R2# >>>>> O 11.11.11.11 [110/66] via 100.100.100.6, 01:01:51, Serial1/1.256 >>>>> [110/66] via 100.100.100.5, 01:01:51, Serial1/1.256 >>>>> [110/66] via 100.100.24.4, 00:00:43, Serial1/0.24 >>>>> 44.0.0.0/32 is subnetted, 1 subnets >>>>> O 44.44.44.44 [110/66] via 100.100.100.6, 01:01:51, Serial1/1.256 >>>>> [110/66] via 100.100.100.5, 01:01:51, Serial1/1.256 >>>>> [110/66] via 100.100.24.4, 00:00:43, Serial1/0.24 >>>>> >>>>> On a probably unrelated side note, anyone ever got : >>>>> %OSPF-4-ERRRCV: Received invalid packet: Bad Checksum from 100.100.14.1, >>>>> Vlan14 >>>>> >>>>> Cisco website says change the port or cable, which i did, and cable, well >>>>> considering it's a dynamips sim i did that as best as i could :-) >>>>> >>>>> Can't get the message to go away though. >>>>> >>>>> On Jul 12, 2011, at 5:24 PM, Di Bias, Steve wrote: >>>>> >>>>>> >>>>>> What makes you think you have any kind of loop? What are the symptoms? >>>>>> Are you redistributing anywhere? >>>>>> >>>>>> -----Original Message----- >>>>>> From: [email protected] >>>>>> [mailto:[email protected]] On Behalf Of Alef >>>>>> Sent: Tuesday, July 12, 2011 8:27 AM >>>>>> To: [email protected] IE >>>>>> Subject: [OSL | CCIE_RS] loop in network? >>>>>> >>>>>> All, >>>>>> >>>>>> So i have this network, and i am thinking i have a loop. I'm just not >>>>>> sure where or how. >>>>>> And i think it started happening after i created vlan interfaces in all >>>>>> vlans on all switches. So Cat1 is having vlan14,vlan567 and vlan69 >>>>>> interfaces and all the other switches in similar. >>>>>> >>>>>> They are NM16ESW cards, but IEEE stp is running so a Layer2 loop should >>>>>> be out of the question. Could i still have a routing loop? >>>>>> I am running OSPF in one giant area 0. >>>>>> >>>>>> How would i go about solving it? I can't use split horizon as OSPF >>>>>> doesn't use that. Should i artificially set routes such that they get a >>>>>> lower metric and manipulate things like that? >>>>>> >>>>>> I attached a small picture to clarify (this is taken from the Security >>>>>> lab Day4 VoD btw). >>>>>> Mind you, it might be something different entirely although i don't >>>>>> think so. >>>>>> >>>>>> But it's probably going to be something very stupid. And yes, i probably >>>>>> don't understand switching very well yet :-) >>>>>> >>>>>> Alef >>>>>> >>>>>> >>>>>> UHS Confidentiality Notice: This e-mail message, including any >>>>>> attachments, is for the sole use of the intended recipient (s) and may >>>>>> contain confidential and privileged information. Any unauthorized >>>>>> review, use, disclosure or distribution of this information is >>>>>> prohibited. If this was sent to you in error, please notify the sender >>>>>> by reply e-mail and destroy all copies of the original message. >>>>> >>>>> _______________________________________________ >>>>> For more information regarding industry leading CCIE Lab training, please >>>>> visit www.ipexpert.com >>>>> >>>>> Are you a CCNP or CCIE and looking for a job? Check out >>>>> www.PlatinumPlacement.com >>>>> >>> >>> > > > > End of CCIE_RS Digest, Vol 66, Issue 26 > *************************************** _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
