Information Technology and Methodology for Human Networks

Monday, January 3, 2011

Cisco router redundancy with HSRP

What happens if your Internet router goes down and you lose all Internet access? Is that acceptable for your organization? You can probably get away with it for about two minutes, but you need to have a better plan than just calling a support desk.

That's why it's important to include redundancy in your network. Consider adding a backup router to your current router that can take over at a moment's notice. All you need is the hardware, and the Cisco software can take care of the rest. Let's examine how to configure this using the Hot Standby Router Protocol (HSRP).

What is HSRP?
HSRP is a Cisco proprietary protocol for redundancy. It provides nearly 100 percent router availability and redundancy. So, if one router goes down, a backup router takes over the routing functions of the primary one.

However, there are other available industry protocols supported by Cisco. One industry standard is the Virtual Router Redundancy Protocol (VRRP).

Another HSRP alternative is the Gateway Load Balancing Protocol (GLBP), another Cisco proprietary solution.

A sample network
Before we discuss how to configure HSRP, let's take a look at the network we'll use for this example. To help you better understand how HSRP works, here's a basic network diagram:




In our sample network, we've configured the PC's default gateway to IP address 10.1.1.3.
However, that IP address doesn't point to a real device; instead, it serves as the virtual IP address for whichever router is the primary.

How does HSRP work?

When using HSRP, routers can either be primary or standby. If the primary router doesn't send out the HELLO packet to the standby router for a period of time, the standby router assumes the primary router is down and thus takes over. The standby router then assumes responsibility for the virtual IP address and begins responding to the virtual Ethernet MAC address to which the virtual IP address is pointing.
The primary and standby routers exchange HSRP HELLO packets so that each knows the other router is there. These HELLO packets use multicast 224.0.0.2 and UDP port 1985. The most basic form of HSRP has been available since IOS 10.0, but there have been newer features released in the 11 and 12 versions of the IOS.
What determines the active router? The configured priority number decides first; if priorities are equal, the router with the highest IP address wins. The default priority number is 100; a higher priority number signifies the preferred router.
Of course, when setting up router redundancy, you aren't limited to just two routers. In fact, you can set up groups of routers that work together and have multiple "standby" routers.
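The hello exchange and election described above can be worked through in a few lines of Python. This is an added example, not code from the original article: it uses the HSRP version 1 message layout from RFC 2281 and the addresses of this article's sample network, and the function names and sample packets are constructed for illustration.

```python
import ipaddress
import struct

# HSRP version 1 message layout (RFC 2281): eight one-byte fields,
# 8 bytes of authentication data, then the 4-byte virtual IP address.
HSRP_FMT = "!8B8s4s"
OPCODES = {0: "hello", 1: "coup", 2: "resign"}
STATES = {0: "initial", 1: "learn", 2: "listen", 4: "speak", 8: "standby", 16: "active"}


def build_hello(state, priority, group, vip, hello=3, hold=10, auth=b"cisco"):
    """Build a constructed HSRPv1 hello payload (the body of the UDP/1985 datagram)."""
    return struct.pack(HSRP_FMT, 0, 0, state, hello, hold, priority, group, 0,
                       auth.ljust(8, b"\x00"), ipaddress.IPv4Address(vip).packed)


def parse_hsrp(payload):
    """Decode a 20-byte HSRPv1 payload into a dict of named fields."""
    if len(payload) != struct.calcsize(HSRP_FMT):
        raise ValueError("HSRPv1 payload must be 20 bytes")
    ver, op, state, hello, hold, prio, group, _rsvd, _auth, vip = struct.unpack(HSRP_FMT, payload)
    if ver != 0:
        raise ValueError("not an HSRP version 1 message")
    return {
        "opcode": OPCODES.get(op, f"unknown({op})"),
        "state": STATES.get(state, f"unknown({state})"),
        "hello": hello, "hold": hold, "priority": prio, "group": group,
        "virtual_ip": str(ipaddress.IPv4Address(vip)),
    }


def virtual_mac(group):
    """HSRPv1 virtual MAC: 0000.0c07.ac followed by the group number in hex."""
    return f"0000.0c07.ac{group:02x}"


def elect_active(speakers):
    """Pick the active router: highest priority, ties broken by highest IP.

    speakers maps each router's interface IP to its parsed hello.
    """
    return max(speakers, key=lambda ip: (speakers[ip]["priority"], ipaddress.IPv4Address(ip)))


def hold_expired(last_hello_age, hold):
    """True once no hello has been heard for the hold time, so the standby takes over."""
    return last_hello_age >= hold


# Constructed sample: the two routers of the sample network, group 0.
SAMPLE = {
    "10.1.1.1": parse_hsrp(build_hello(16, 100, 0, "10.1.1.3")),
    "10.1.1.2": parse_hsrp(build_hello(8, 99, 0, "10.1.1.3")),
}

if __name__ == "__main__":
    for src, msg in SAMPLE.items():
        print(src, msg)
    print("virtual MAC:", virtual_mac(0))
    print("elected active:", elect_active(SAMPLE))
    # Equal priorities: the higher interface IP address wins.
    tie = {ip: dict(msg, priority=100) for ip, msg in SAMPLE.items()}
    print("tie goes to:", elect_active(tie))
```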

How do you configure HSRP?

You can accomplish almost all HSRP configuration in the router's Interface Configuration Mode using the standby command. Let's look at the steps I took to configure the network shown in the diagram.
For Router 1:
  1. Configure the IP address on the Ethernet interface.
  2. Configure the standby IP address.
  3. Configure standby preempt. (With preempt, Router 1 will always be the primary router as long as it's available.)
For Router 2:
  1. Configure the IP address on the Ethernet interface.
  2. Configure the standby IP address.
  3. Configure standby priority to be less than 100. (In this case, it's 99.)
Now, let's look at the configuration for our sample network.
Router 1
(show running-config output) 
interface Ethernet0/0
 ip address 10.1.1.1 255.255.255.0
 standby ip 10.1.1.3
 standby preempt

Router1# show standby
Ethernet0/0 - Group 0
  State is Active
    2 state changes, last state change 00:00:29
  Virtual IP address is 10.1.1.3
  Active virtual MAC address is 0000.0c07.ac00
    Local virtual MAC address is 0000.0c07.ac00 (default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.692 secs
  Preemption enabled
  Active router is local
  Standby router is 10.1.1.2, priority 99 (expires in 8.097 sec)
  Priority 100 (default 100)
  IP redundancy name is "hsrp-Et0/0-0" (default)

Router1#
Router 2
(show running-config output) 
interface Ethernet0/0
 ip address 10.1.1.2 255.255.255.0
 standby ip 10.1.1.3
 standby priority 99

Router2# show standby
Ethernet0/0 - Group 0
  Local state is Standby, priority 99
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 1.014
  Virtual IP address is 10.1.1.3 configured
  Active router is 10.1.1.1, priority 100 expires in 7.159
  Standby router is local
  4 state changes, last state change 00:02:02

Router2#
You can use the show standby command when in Privileged Mode to check the status of HSRP. This command tells you which router is active and which is standby, as well as a number of other statistics.
On the PC, the default gateway should point to 10.1.1.3, not to either of the routers. This way, if one of the routers goes down, the other will take over. And you may even be able to use this redundancy to take production routers down during the day because the HSRP failover time is less than 10 seconds.
HSRP is a valuable tool for ensuring high availability and router redundancy. Of course, there are also several HSRP options that I didn't address in this article. For more information, check out the Cisco HSRP FAQ.


Wednesday, March 31, 2010

CCNA Exam Troubleshooting


Refer to the exhibit. The network administrator is in a campus building distant from Building B. WANRouter is hosting a newly installed WAN link on interface S0/0. The new link is not functioning and the administrator needs to determine if the correct cable has been attached to the S0/0 interface. How can the administrator accurately verify the correct cable type on S0/0 in the most efficient manner?
remoteconnect1

A. Telnet to WANRouter and execute the command show interfaces S0/0
B. Telnet to WANRouter and execute the command show processes S0/0
C. Telnet to WANRouter and execute the command show running-configuration
D. Telnet to WANRouter and execute the command show controller S0/0
E. Physically examine the cable between WANRouter S0/0 and the DCE.
F. Establish a console session on WANRouter and execute the command show interfaces S0/0
 Answer: D
Explanation:
The show controller command displays the information about the physical interface itself and the type of serial cable plugged into a serial port. In this case, it should be a DTE cable that plugs into a type of data service unit (DSU).
For your understanding, below is the output of this command:
show_controllers
From the output, we notice that serial 0/0 has a DTE cable and would get its clocking from the DSU.
--------------------------
Two routers named Atlanta and Brevard are connected by their serial interfaces as shown in the exhibit, but there is no data connectivity between them. The Atlanta router is known to have a correct configuration.

Given the partial configurations shown in the exhibit, what is the problem on the Brevard router that is causing the lack of connectivity?
connecttworouters

A. A loopback is not set
B. The IP address is incorrect.
C. The subnet mask is incorrect.
D. The serial line encapsulations are incompatible.
E. The maximum transmission unit (MTU) size is too large.
F. The bandwidth setting is incompatible with the connected interface.
 Answer: B
 --------------------------
Refer to the exhibit. The two exhibited devices are the only Cisco devices on the network. The serial network between the two devices has a mask of 255.255.255.252. Given the output that is shown, what three statements are true of these devices? (Choose three)
showcdptworouters

A. The Manchester serial address is 10.1.1.1.
B. The Manchester serial address is 10.1.1.2.
C. The London router is a Cisco 2610.
D. The Manchester router is a Cisco 2610.
E. The CDP information was received on port Serial0/0 of the Manchester router.
F. The CDP information was sent by port Serial0/0 of the London router.
 Answer: A C E
Explanation:
From the output, we learn that the IP address of the neighbor router is 10.1.1.2, and the question stated that the subnet mask of the network between the two routers is 255.255.255.252. Therefore there are only 2 available hosts in this network (2^2 - 2 = 2), so we can deduce that the IP address (of the serial interface) of the Manchester router is 10.1.1.1 -> A is correct
The platform of the neighbor router is cisco 2610, as shown in the output -> C is correct
Maybe the most difficult choice in this question is between answers E and F. Please notice that "Interface" refers to the local port on the local router, in this case the port of the Manchester router, and "Port ID (outgoing port)" refers to the port on the neighbor router -> E is correct.
--------------------------
A network administrator has configured two switches, named London and Madrid, to use VTP. However, the switches are not sharing VTP messages. Given the command output shown in the graphic, why are these switches not sharing VTP messages?
showvtp

A. The VTP version is not correctly configured.
B. The VTP operating mode is not correctly configured.
C. The VTP domain name is not correctly configured.
D. VTP pruning mode is disabled.
E. VTP V2 mode is disabled.
F. VTP traps generation is disabled.
 Answer: C
 --------------------------
The network shown in the diagram is experiencing connectivity problems. Which of the following will correct the problems? (Choose two.)
vlansetup

A. Configure the gateway on Host A as 10.1.1.1.
B. Configure the gateway on Host B as 10.1.2.254.
C. Configure the IP address of Host A as 10.1.2.2.
D. Configure the IP address of Host B as 10.1.2.2.
E. Configure the masks on both hosts to be 255.255.255.224.
F. Configure the masks on both hosts to be 255.255.255.240.

Answer: B D
--------------------------
Refer to the exhibit:
intervlan1
The network administrator has created a new VLAN on Switch1 and added host C and host D. The administrator has properly configured switch interfaces FastEthernet0/13 through FastEthernet0/24 to be members of the new VLAN. However, after the network administrator completed the configuration, host A could communicate with host B, but host A could not communicate with host C or host D. Which commands are required to resolve this problem?

A. Router(config)# interface fastethernet 0/1.3
Router(config-if)# encapsulation dot1q 3
Router(config-if)# ip address 192.168.3.1 255.255.255.0

B. Router(config)# router rip
Router(config-router)# network 192.168.1.0
Router(config-router)# network 192.168.2.0
Router(config-router)# network 192.168.3.0

C. Switch1# vlan database
Switch1(vlan)# vtp v2-mode
Switch1(vlan)# vtp domain cisco
Switch1(vlan)# vtp server

D. Switch1(config)# interface fastethernet 0/1
Switch1(config-if)# switchport mode trunk
Switch1(config-if)# switchport trunk encapsulation isl
 Answers: A
 --------------------------
Refer to the exhibit. Hosts on the same VLAN can communicate with each other but are unable to communicate with hosts on different VLANs. What is needed to allow communication between VLANs?
intervlan2

A. a switch with a trunk link that is configured between the switches
B. a router with an IP address on the physical interface that is connected to the switch
C. a switch with an access link that is configured between the switches
D. a router with subinterfaces configured on the physical interface that is connected to the switch
 Answer: D
--------------------------
The show interfaces serial 0/0 command resulted in the output shown in the graphic. What are possible causes for this interface status? (Choose three)
showinterfaces

A. The interface is shut down.
B. No keepalive messages are received.
C. The clockrate is not set.
D. No loopback address is set.
E. No cable is attached to the interface.
F. There is a mismatch in the encapsulation type.
 Answer: B C F
--------------------------

While troubleshooting a connectivity issue from a PC you obtain the following information:
Local PC IP address: 10.0.0.35/24
Default Gateway: 10.0.0.1
Remote Server: 10.5.75.250/24

You then conduct the following tests from the local PC:
Ping 127.0.0.1 - Successful
Ping 10.0.0.35 - Successful
Ping 10.0.0.1 - Unsuccessful
Ping 10.5.75.250 - Unsuccessful
troubleshootingconnectivity
What is the underlying cause of this problem?

A. A remote physical layer problem exists.
B. The host NIC is not functioning.
C. TCP/IP has not been correctly installed on the host.
D. A local physical layer problem exists.
 Answer: D






Tuesday, March 30, 2010

Configuring OSPF with multiple areas

Open Shortest Path First (OSPF) is a fast, strong routing protocol that can be used effectively in large, multivendor routed networks. Remember from my last Daily Drill Down “Getting to know OSPF” that if you have all Cisco routers, you’ll be better off running Enhanced IGRP (EIGRP). EIGRP is a Cisco proprietary protocol that runs great in very small to very large Cisco networks, but it will not work in networks with multivendor routers.


As hard as this may be to believe, not all networks have all Cisco routers (no!), and a routing protocol must be used that can work in a large internetwork with multiple router vendors. OSPF has this capability, but unfortunately, it is much harder to configure than EIGRP in a larger network.


OSPF in multiple areas

“Getting to know OSPF” focused on the basics of OSPF and how to configure OSPF in a single area. Remember that OSPF must have an area 0 and that any other area must connect to area 0.

I’ll use the same network here I used in that Daily Drill Down. See Figure A for a review of the network. We’ll use the same IP addresses, but each Ethernet network will be in a different OSPF area (except the Ethernet network off of the 1005A router, since that router does not run OSPF).




Typically, you will not use your WAN network as area 0, but this network will still work as an example of a multiple area OSPF network.

Configuring multiple area OSPF networks
Since we are still using the same IP addresses from my last Daily Drill Down, I’ll just remove OSPF on the 2500C, D, and E routers and then reconfigure OSPF. This is the easiest option. The 1005A and 2500B routers do not need to be configured since they are already running EIGRP between each other and we have already redistributed OSPF into EIGRP and EIGRP into OSPF on the 2500B router.

Let’s start by reconfiguring the 2500C router. Interface Ethernet0 is now going to be in area 1, and serial0 will be in area 0. We need to be careful here and use a granular approach when configuring each interface.

Notice the wildcard 0.0.0.0, which tells OSPF process 1 to find the IP address listed on an active interface and place that interface into the area listed in the command string. This is the best approach when configuring multiple areas since it prevents us from accidentally configuring a network range into the wrong area with an overlap.
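The overlap risk is easy to check mechanically. The following added example (not from the original article) applies wildcard matching to each interface and reports any interface that network statements for more than one area would claim; the interface addresses, the two sample configurations and the function names are constructed placeholders, not the article's own values.

```python
import ipaddress


def wildcard_match(iface_ip, net_ip, wildcard):
    """True when iface_ip equals net_ip on every bit the wildcard does not ignore."""
    ip = int(ipaddress.IPv4Address(iface_ip))
    net = int(ipaddress.IPv4Address(net_ip))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (ip & care) == (net & care)


def parse_network_statements(config):
    """Extract (address, wildcard, area) from 'network A W area N' lines."""
    statements = []
    for line in config.splitlines():
        parts = line.split()
        if len(parts) == 5 and parts[0] == "network" and parts[3] == "area":
            statements.append((parts[1], parts[2], parts[4]))
    return statements


def areas_per_interface(interfaces, statements):
    """Map each interface name to the set of areas whose statements match it."""
    return {
        name: {area for net, wc, area in statements if wildcard_match(ip, net, wc)}
        for name, ip in interfaces.items()
    }


def ambiguous(interfaces, statements):
    """Interfaces claimed by statements for more than one area.

    Which area such an interface finally joins is not decided here;
    the point is only to flag the overlap for review.
    """
    matched = areas_per_interface(interfaces, statements)
    return sorted(name for name, areas in matched.items() if len(areas) > 1)


# Constructed interface addresses for a router shaped like 2500C.
IFACES = {"Ethernet0": "172.16.30.1", "Serial0": "172.16.20.2"}

# Granular style: one statement per interface address, wildcard 0.0.0.0.
GRANULAR = """
router ospf 1
 network 172.16.30.1 0.0.0.0 area 1
 network 172.16.20.2 0.0.0.0 area 0
"""

# Range style: the broad area 0 range also covers the Ethernet0 address.
BROAD = """
router ospf 1
 network 172.16.0.0 0.0.255.255 area 0
 network 172.16.30.0 0.0.0.255 area 1
"""

if __name__ == "__main__":
    for label, cfg in (("granular", GRANULAR), ("broad", BROAD)):
        stmts = parse_network_statements(cfg)
        print(label, areas_per_interface(IFACES, stmts), "ambiguous:", ambiguous(IFACES, stmts))
```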

To configure the 2500D router, we’ll remove OSPF and then place Ethernet0 into area 2 and serial0 into area 0.

I did not have to use the process ID of 34 again; I could have used any number. Remember that the process ID in OSPF is irrelevant. The only time it matters is if you have an Autonomous System Boundary Router (ASBR) (which means that the router connects to two or more Autonomous Systems).

Now, I’ll configure the last router. Router 2500E places Ethernet0 into area 3 and serial0 into the backbone area 0.

Now, let’s take a look at the routing table of the 2500B router, which should show any OSPF inter-area routes.

Cool. Notice that the O IA areas are what the 2500B router is receiving. Here is the 1005A routing table, which looks the same as when we had only one OSPF area. The D EX is a route received from an external AS.

Verifying OSPF
It is important to understand the command used to verify OSPF. The first command you typically will use is the show ip route command, but since we already covered that in the previous Daily Drill Down, we will use the more advanced OSPF commands here instead.

From the 2500B router, the show ip ospf neighbor command will show us this.

Notice the first thing shown is the RID of each neighbor. This is the highest IP address of each router. This is important because the highest RID decides which router is the Designated Router (DR) for each area.

From the 2500C router, here is the show ip ospf interface command. Notice that it shows the RID of the router under each interface as well as the area each interface is assigned. The hello time is shown as 10 and the dead time as 40 seconds. If the 2500B does not hear a hello message from a neighbor router in four update periods, it will consider that neighbor dead.

Another thing to notice from this output is the network type. By default, a LAN interface will be broadcast network type and a WAN interface will be point-to-point.

OSPF area types
The reason you would create multiple area types is to avoid overwhelming routers with a huge routing table and topology database when they do not need to understand this information.

To reduce router overhead in a large OSPF network, you can create different types of areas. In the example above, I created what was called a standard area. This is an area that is connected to the backbone, and the Area Border Router (ABR) communicates to the routers in the internal area.

Another type of area that can be used is called a stub area. This reduces router overhead since the ABR will only send a default route to the internal routers in the area.

If you have an entirely Cisco network, you can use what is called a totally stubby area, which will reduce the overhead associated with OSPF further. The totally stubby area does not receive type 5 LSAs, which means that external routes will not be advertised into the area, only a default route, just like a stub route. However, the totally stub area will not receive summary routes from the ABR; the stub network will. (Understand that this is Cisco proprietary.)

If you wanted to create a stub network that does not receive summary routes but that does receive external redistributed routes, then you would use the not-so-stubby area (NSSA).

Configuring area types
In this section, I will show you how to configure each type of area. Configuring a stub area is pretty simple. From the ABR, just use the area 1 stub command. For example, on the 2500C router, you would use this command.

We cannot verify this command, because we would need another router within area 1 to check the routing table. If we did have a router in area 1, that router would now only receive a default route to the ABR. This is used to save memory on internal area routers because the internal routers will not have to have all routes to all networks in the routing table. They only need the path out of the area.

To configure a totally stubby area, where a summary route will not be advertised to internal routers in an area, we use this command, demonstrated on 2500D.

The internal routers that would be in area 2 would now receive a default route out of the area, but they would not receive any summary routes, while area 1 would still receive summary routes.

The last type of area to configure is an NSSA. Basically, we are trying to get an OSPF area to receive only redistributed routes from another protocol. By default, it would receive summary route updates and redistributed routes. There are some circumstances when we want to only receive either a summary route or a redistributed route. Here is the configuration, as demonstrated on the 2500E router.

Any router in the internal area 3 would now receive a default route with a path out of the area, as well as any redistributed routes being advertised on the network.

Creating a totally stubby area is the most common choice in a Cisco environment since receiving redistributed routes is not going to provide you anything that a totally stubbed area won’t provide.

Conclusion
OSPF can work well in a large network environment where you have multiple router vendors (a typical situation when you have a large network environment). It would be hard to find a huge network that has only Cisco routers. If you did have only Cisco routers, then EIGRP would be the better choice since it can now create stub areas like OSPF and is very easy to configure and run.

Remember that creating stub areas is very important in large networks because the memory involved in large OSPF configurations is immense. By creating a stub network, you can effectively have smaller routers with low memory participate in a very large OSPF network.

vlan configuration - Linux and Cisco Catalyst L2



First, install Linux on the PC that will act as the router. Use whatever distribution you like; I still use Slackware. Then download the VLAN package from http://www.candelatech.com/~greear/



Extract the archive with tar -zxvf *.tar.gz (make sure the kernel in use already supports 802.1q; any current kernel certainly does), then change into the vlan directory and build with the make command. The build produces vconfig, the program that manages all VLAN configuration.

[vlan-0.JPG]

OK, let's do it.

First, turn off eth0 on the Linux PC router [# ifconfig eth0 down], then activate the eth0 interface again with the IP address 0.0.0.0 [# ifconfig eth0 0.0.0.0 up].

To enable VLAN 1, add it with [# vconfig add eth0 1]; the Linux system then creates the device vlan0001.
Give vlan0001 an IP address with [# ifconfig vlan0001 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255 up]

Check the result with the command [# ifconfig -a].
Do the same to create the other VLANs:

vlan 2:
# vconfig add eth0 2
# ifconfig vlan0002 192.168.2.1 netmask 255.255.255.0 broadcast 192.168.2.255

vlan 3:
# vconfig add eth0 3
# ifconfig vlan0003 192.168.3.1 netmask 255.255.255.0 broadcast 192.168.3.255

That is all the configuration on the Linux system. Now log in to the Cisco Catalyst over the console or telnet and put fa0/24 into trunk mode so that it matches eth0 on the Linux PC router. Here is the configuration:

# conf t
# interface FastEthernet0/24
# duplex full
# speed 100
# switchport trunk encapsulation dot1q
# switchport mode trunk

That synchronizes the Linux PC router with the Catalyst. Next we move on to the last item on the agenda, which is eating, hehehe. No, not really.
As the last step, we bind the VLANs configured on the Linux PC router to existing ports on the Catalyst.

vlan 1 on port 1, then we must provide a configuration like this:
# conf t
# interface FastEthernet0/1
# duplex half
# switchport access vlan 1
# switchport mode access

vlan 2 on port 2, then we must provide a configuration like this:
# conf t
# interface FastEthernet0/2
# duplex half
# switchport access vlan 2
# switchport mode access

vlan 3 on port 3, then we must provide a configuration like this:
# conf t
# interface FastEthernet0/3
# duplex half
# switchport access vlan 3
# switchport mode access

Finished. Come on, let's go home, hehehe.
