CCIE Lab training in Europe [7:56466]
Hi all, Could anybody recommend good CCIE Lab preparation training in Europe? There was a good one held by Proin, but it seems to be no longer available. Thanks, robert -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56466&t=56466 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How RIPv1 masks are determined - confused [7:57049]
Hi, I was almost sure I understood RIP a little. Until today, grr ;-) My goal was to inject 172.16.200.0/25 OSPF routes into 172.16.12.0/26 RIP domain and I tried to use secondary addresses to extend /25 to RIP domain. We have two routers connected via serial link on the edge of a network: R1 (s0/0) (s0/1) R2 (s0/0) the rest of a network. R1 is doing OSPF/RIP redistribution and R2 only in RIP domain: router ospf 666 log-adjacency-changes redistribute rip subnets network 172.16.100.0 0.0.0.7 area 1 ! router rip redistribute ospf 666 metric 6 passive-interface Serial0/0 network 172.16.0.0 distribute-list 1 out Serial0/1 ! access-list 101 permit ip 172.16.200.0 0.0.0.7 any R1: interface Serial0/1 ip address 172.16.66.1 255.255.255.128 secondary ip address 172.16.12.2 255.255.255.192 no ip split-horizon 172.16.0.0/16 is variably subnetted, 4 subnets, 3 masks O IA172.16.200.0/25 [110/65] via 172.16.100.2, 02:29:30, Serial0/0 C 172.16.12.0/26 is directly connected, Serial0/1 C 172.16.100.0/29 is directly connected, Serial0/0 C 172.16.66.0/25 is directly connected, Serial0/1 R2: interface Serial0/0 ip address 172.16.77.3 255.255.255.248 secondary ip address 172.16.66.1 255.255.255.128 secondary ip address 172.16.12.1 255.255.255.192 clockrate 64000 172.16.0.0/16 is variably subnetted, 3 subnets, 3 masks C 172.16.12.0/26 is directly connected, Serial0/0 C 172.16.77.0/29 is directly connected, Serial0/0 C 172.16.66.0/25 is directly connected, Serial0/0 Now a RIPv1 update is received: Mar 1 01:12:44.149: RIP: received v1 update from 172.16.66.1 on Serial0/0 *Mar 1 01:12:44.149: 172.16.200.0 in 6 hops and the routing table looks now: C205.2.3.0/24 is directly connected, Loopback10 172.16.0.0/16 is variably subnetted, 4 subnets, 3 masks R 172.16.200.0/29 [120/6] via 172.16.66.1, 00:00:15, Serial0/0 C 172.16.12.0/26 is directly connected, Serial0/0 C 172.16.77.0/29 is directly connected, Serial0/0 C 172.16.66.0/25 is directly connected, Serial0/0 We see that an update about 172.16.200.0 was received from 172.16.66.1 (secondary of serial interface of R1) and installed in route table. But the netmask was chosen not as I expected: not /25 subnet locally configured on s0/0 (172.16.66.2/25) has been chosen but longest-match rule was applied and /29 mask configured on one of subinterfaces won. This behaviour get me confused. Doyle vol.1 doesn't even mention of choosing masks on receive (this is a great book but lacks of little-funny-details by the way), and even more detailed and full of algorithms Zinin's book did not clear this (p.325): "The route mask is determined as follows. If the network reported is the route belongs to the same major network as one of the interfaces assigned subnets - primary or secondary - the route mask is the same as the subnet mask of the interface's address. Otherwise, the classfull default address mask is used." I expected that the router would choose netmask belonging to the subnet of update source (172.16.66.1/25 in this case). This would make more sense - or maybe I am wrong?? Could anybody clarify this? robert, -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57049&t=57049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How RIPv1 masks are determined - confused [7:57049]
Tom Martin wrote: > Robert, > > I believe that your diagram should reflect R1's serial interface to R2 > as s0/1 instead of s0/0. This caused me some confusion in trying to > figure out the configs. Actually, there is still some confusion given Sorry for that - this was copy-pasting error (there's a whole bunch of other stuff running on the routers, I had to filter these out). The addressess are unique, obviously - if they were'nt then the router would drop (as unroutable) the packet with src_IP equal to IP of one of its interfaces - so the RIP update would have got no chance to enter the RIP process. > You make a strong argument that a more logical interpretation would be > to use the local IP address 172.16.66.1/25 to interpret the route since > it is the only IP address that is on the same subnet as the sending > router (since the other IPs configured on the link should, based on > normal IP rules, require another router to communicate with the sender). > All documentation I've come across and configuration I have done > indicates that the receiving router validates the update based on major > network only, and then uses the mask of the locally configured address > of that network to interpret the incoming networks. So, technically, > interpreting the route as 172.16.77.0/29 isn't "wrong" -- it's just one > of 3 possible ways of interpreting the advertised network. That's correct - all choices, according to many written sources, are perfectly correct. But the router has to break a tie - in this case longest subnet mask was chosen. I'm still curious if this behaviour is defined somewhere or this is Cisco-feature IOS-dependent one. For reference: below is an algorithm, hopefully complete, for classfull processing of RIP updates compiled by me from various sources and documents including Doyle and Zinin. I had to add 'longest' to 'apply_mask_of_incoming_interface' based on results of testing this issue. Receiving (update): if (major net of update the same as of incoming interface ?) { NO: if (any subnets of major net of update already exist in route table known from other interfaces ?) { YES: discard( update ); exit(); NO: apply_classfull_mask( update ); populate_rt( update ); exit(); } YES: if (there are any bits in host portion) { NO: apply_longest_mask_of_incoming_interface( update ); populate_rt( update ); exit(); YES: apply_32_mask( update ); populate_rt( update ); exit(); } } Sending (update): if (subnet of update in the same major net as outgoing interface) { YES: if (subnet mask is the same as subnet mask of sending interface ?) { NO: if (the update is a host route ?) { YES: send( update ); exit(); NO: discard( update ); exit(); } YES: send( update ); exit(); } NO: summarize_classfull( update ); send( update ); exit(); } > > I'm curious as to whether your configuration works at all given the > next-hop address (172.16.66.1) is also a valid IP address on R2. Are > you able to ping 172.16.200.1 from R2? It seems to me that R2 should be It will drop packet as unroutable. robert, -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57192&t=57049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]