Posts Tagged ‘CCIE’

Automating Dial Backup

February 11th, 2012   by Daniel

This recipe includes several important features. First, notice that we have configured dial backup using an ISDN BRI interface on this router. So we have to set up the ISDN configuration:

Router1(config)#interface BRI0/0
Router1(config-if)#isdn switch-type basic-ni
Router1(config-if)#isdn spid1 800555123400 5551234
Router1(config-if)#isdn spid2 800555123500 5551235

This site is connected to a National ISDN switch. So we have defined the switch type to be basic-ni. If this had been a PRI rather than a BRI, we would have used primary-ni. And because it is a National ISDN switch, we also have to include the ISDN Service Profile Identifier (SPID) values. These define the telephone numbers associated with each of the two B channels in the BRI. Note that the syntax includes essentially the same number twice:

Router1(config-if)#isdn spid1 800555123400 5551234

The first argument is the whole telephone number including area code with 00 tacked on the end. These extra two digits vary between different telephone companies. Sometimes this needs to be a different code, such as 0101. The telephone company can tell you the correct value to include.

The second number is not always required. This is essentially the phone number that you would need to call this B channel from the other B channel. In this example, the telephone company uses seven-digit local dialing, so we can eliminate the area code.

There are several different kinds of ISDN switches, and it's important to find out what your carrier uses to ensure that you configure the router properly.

For telephone companies that use AT&T switches:

Router1(config-if)#isdn switch-type basic-5ess

For telephone companies that use Nortel DMS100 switches:

Router1(config-if)#isdn switch-type basic-dms100

Telephone companies outside of North America often use different kinds of ISDN switches. In France you would use the following command:

Router1(config-if)#isdn switch-type vn3

In Australia, the telephone company uses TS013 ISDN switches:

Router1(config-if)#isdn switch-type basic-ts013

In Norway and New Zealand:

Router1(config-if)#isdn switch-type basic-net3

In Germany:

Router1(config-if)#isdn switch-type basic-1tr6

And, in Japan:

Router1(config-if)#isdn switch-type ntt

Please contact the local telephone company supplying the BRI circuit to ensure that you have the right switch type. And be sure to ask them whether you need to configure SPIDs on your router. Some switches require them; others don't.

You can verify that you have your ISDN configuration working correctly with the show isdn status command:

Router1#show isdn status
Global ISDN Switchtype = basic-ni
ISDN BRI1/0 interface
    dsl 8, interface ISDN Switchtype = basic-ni
    Layer 1 Status:
    ACTIVE
    Layer 2 Status:
    TEI = 85, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
    TEI = 86, Ces = 2, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
    TEI 85, ces = 1, state = 8(established)
        spid1 configured, spid1 sent, spid1 valid
    TEI 86, ces = 2, state = 8(established)
        spid2 configured, spid2 sent, spid2 valid
    Layer 3 Status:
    0 Active Layer 3 Call(s)
    Activated dsl 8 CCBs = 0
    The Free Channel Mask:  0x80000003
Total Allocated ISDN CCBs = 2
Router1#

In this case, you can see you have an "active" status at Layer 1, and both of the Terminal Endpoint Identifiers (TEI) are in a "MULTIPLE_FRAME_ESTABLISHED" state. This means that the router is talking with the telephone company's ISDN switch, and that both of the B channels are ready to go. This display also says that there are currently no active calls at Layer 3. As an aside, we should point out that this refers to the ISDN circuit's Layer 3, and not the IP network layer. When the router places a call, it will establish a PPP connection, which will support IP.

The actual dialing is done by the dialer map command:

Router1(config)#dialer-list 1 protocol ip list 101
Router1(config)#access-list 101 deny eigrp any any
Router1(config)#access-list 101 permit ip any any
Router1(config)#interface BRI0/0
Router1(config-if)#dialer map ip 10.1.99.1 name dialhost broadcast 95551212
Router1(config-if)#dialer-group 1

In this case, the dialer map says that to reach the IP address 10.1.99.1, it should dial the phone number 95551212 to reach the router called dialhost. Note that we have included a "9" at the start of this phone number. Again, you will need to ask your local telephone company whether there is a special code digit. We have seen places where we needed a 9, an 8, or nothing at all.

The broadcast keyword in this command allows both multicast and broadcast traffic to use this dialup link. This is extremely important for routing protocols such as EIGRP, RIPv2, and OSPF, which use multicasts for sending their updates between routers. This example uses EIGRP, so we need to include this keyword.

With this type of dialer configuration, you also need to define a dialer group. In this case, we have assigned this interface to dialer group number 1. You configure the behavior of this dialer group with the dialer-list statement, which defines what an interesting packet is for this network.

An interesting packet is one that will bring up the dialer, or keep it active if it is already up. If the circuit is up, then the router will reset the idle timer every time it sees an interesting packet. The result is that as long as there are interesting packets to send, the router will keep the dial session active. Otherwise, it will disconnect the call when the idle timer expires. This is particularly important when you are calling long distance numbers. If the wrong packets are considered interesting, it could mean an expensive phone bill.

So we have associated the dialer list with an access list that specifies what is interesting. In this case, all IP packets except EIGRP are interesting. It's important to remember that EIGRP packets will still pass through the dial link normally. But if the link is not active, an EIGRP packet is not sufficient to bring it up. And if the link is active, the presence of EIGRP packets alone won't prevent the router from dropping it.

However, sometimes you do want the link to remain active all the time. For example, the administrators of some small WANs like to keep ISDN sessions nailed up all the time (usually because they only pay an access charge, and not a usage or long distance charge). So if the session drops for any reasons, they want it to immediately dial up again. In this case, you could replace the access list with a new one that finds all traffic interesting:

Router1(config)#access-list 101 permit ip any any

It's easier still if you modify the dialer-list command to make all IP traffic interesting:

Router1(config)#dialer-list 1 protocol ip permit

When the router dials, it will use Point-to-Point Protocol (PPP) to carry Layer 3 protocols such as IP. So you need to define several PPP parameters:

Router1(config)#interface BRI0/0
Router1(config-if)#encapsulation ppp
Router1(config-if)#ppp authentication chap
Router1(config-if)#exit
Router1(config)#username dialhost password dialpassword

The encapsulation command simply tells the router to use PPP as its Layer 2 protocol. But because you don't want just anybody dialing into this dialhost router, it's a good idea to include some authentication. In this case, we have configured the router to use Challenge Handshake Authentication Protocol (CHAP) for authenticating PPP sessions. This basically means that both this router and the router it dials to will exchange usernames and passwords when they connect. The username for this router is the router's name. And we define the username and password for the other router with the username command.

We note in passing that Cisco supports another PPP authentication scheme called Password Authentication Protocol (PAP). CHAP is much more secure because it only passes passwords in encrypted form rather than clear text, as PAP does. CHAP is no more complex to set up, and presents no appreciable extra load on the router's resources. So we strongly recommend using CHAP rather than PAP.

Because this is an ISDN BRI interface, we would like to be able to use both of the B channels to increase the available bandwidth:

Router1(config)#interface BRI0/0
Router1(config-if)#dialer load-threshold 50 either
Router1(config-if)#ppp multilink

The command ppp multilink means that this PPP session can be split across several physical connections. This feature allows full load balancing and packet sequencing across all of the connections in the multilink bundle. In this case, we want to bond the two ISDN B channels into a single 128 Kbps PPP link. By default, the router will use only one of these channels, whichever one is available. The dialer load-threshold command specifies the rule that the router will use to bring up the second link. In this case, we have specified that if the traffic utilization in either direction (input or output) reaches ~20 percent (50/255 link utilization), then the router should bring up the second channel.

We have also modified the default idle timeout:

Router1(config)#interface BRI0/0
Router1(config-if)#dialer idle-timeout 300

By default, the router will drop the dial session if there have been no interesting packets for 120 seconds. We have increased this value to 300 seconds. Because ISDN dials so quickly, this is not vital. But with asynchronous modem dialup, it can take up to a full minute to establish a new session. You often need to increase the idle timer is to make sure that the primary connection is up and stable before disconnecting the backup circuit. It is a good idea to wait for the routing protocol to converge, and to ensure that the primary circuit isn't simply bouncing up and down. You also have to trade off between the time required to establish a new session and the cost of any long distance charges on this line. We generally recommend using an idle timeout period of 5 minutes, as shown in the example.

Finally, we come to one of the most important features of this configuration, the trigger condition. This router will dial whenever it has traffic to send to the IP address 10.1.99.1, which is the IP address of the dialhost router itself. User traffic will be directed to end devices such as servers, not to routers. The only way to bring up this dial interface is if this router needs to send an interesting packet to the dial router's IP address. This is where the floating static route comes in.

we discussed floating static routes. These are routes whose administrative distances are so high that any dynamically learned route to the same destination will be better. So the router will only install this static route if the dynamic routing protocol can't offer anything better:

Router1(config)#ip route 0.0.0.0 0.0.0.0 10.1.99.1 180

In this particular case the routing protocol is EIGRP, which has an administrative distance of 90 by default for all internal routes and 170 for external routes. So, by creating this static default route with a metric of 180, we ensure that the router will never use it if it has anything better.

The net result is that if the primary link fails, EIGRP will lose all of its routes. So the router will install the floating static route to handle any user data packets that it needs to transmit. Since this route points to the far end of the dial link, this forces the router to bring up the dial connection.

The nice thing about this way of triggering dial backup is that it is extremely robust. Anything that causes you to lose connectivity for any reason will trigger the dial backup.

which uses the backup interface method to trigger dial backup, with the floating static configuration, you have the advantage that the interface remains up but not connected when the primary circuit is working. I

And one of the most useful features of this type of trigger mechanism is that you can test the dial backup easily. If you look at the dialer list, you will see that all the router needs to initiate a dial session is to have a packet to send to the far end that matches the dialer list. So, in this particular example, you could easily bring up a dial session for testing by just logging into the remote router and pinging the IP address of the dial backup router:

Router1#ping 10.1.99.1
Post in CCIE Labs | No Comments »

Tags: ,,

sense of understanding. The CCIE labs kind

February 9th, 2012   by Daniel

Making use of CCIE, gurus have a chance to find out by themselves inside the area of networking. Only some thousand people are thought to distinct the CCIE test. CCIE labs are regarded as to impart large stage of coaching ambiance, which acts like a vital gain for candidates.

CCIE examination entails two assessments, which can be a CCIE authored check in addition to a CCIE lab test. To be able to attempt the lab exam, you'll want to crystal clear the published test. If you are not in a place to crystal clear the composed examination the 1st time, you should watch for the hundred and eighty days for retaking it. Right after clearing the developed look at, it is really most desirable to build an test for that CCIE lab exam inside 18 months. It you're not able to clear the lab examination, then you should probably re-try inside twelve months which includes a see to keep up the penned examination end result valid.

It has a time restrict of two hours and is also completed in various have a look at centers around the world. The matters lined within the composed exam depend on the specialization or track you choose. For support supplier, you will find from categories like Cable, DSL, IP Telephony, Dial, Content materials Networking, Optical, WAN switching, and Metro Ethernet. Each and every created examination is developed around inside the beta style at a value of $50 USD.

The CCIE lab exam is distinctive in naturel, as it is really an eight-hour test, which exams the facility with the applicant to configure and troubleshoot networking machines. Cisco has excessive diploma of package in its CCIE labs to be used within the lab exams. The blue print for the lab test is available on its internet site. The lab examination just isn't on the market in the slightest degree Pearson VUE or Prometric testing centers.

A standard CCIE R&S lab examination contains a two-hour hassle-taking pictures section by which you might be presented a collection of tickets for preconfigured networks throughout the CCIE labs. You ought to have the ability to identify and resolve the faults. You can proceed towards the configuration part immediately after you end the troubleshooting part.

A sound passing score is critical to aim a CCIE Labs examination. Cisco uses the help of proctors to guage the candidates with the preliminary rounds in its CCIE labs located worldwide. Factors are awarded when a criterion is met and grading is completed employing some computerized tools. The outcomes of a lab examination are mirrored inside of forty 8 hrs. A move/fail is projected inside the end consequence and in case of a fail, the areas where you happen to be lacking behind are talked about so as to put together properly earlier than a re-try.

Cisco stands out within the subject of networking by providing a CCIE certification so that you can pursue your education as well as get acknowledged by a reputed organization. The CCIE lab examination can be utilized being a platform to challenge your capability in varied tracks provided by Cisco. Attempting a lab exam requires rigorous coaching and large sense of understanding. The CCIE labs type step one to your significant potential career.

Post in CCIE Labs | No Comments »

Tags: ,,

Manual RSVP Reservations

February 8th, 2012   by Daniel

In this example, we will assume that we have a host device, acting as the sender, with IP address 192.168.100.202 and a second host, acting as the receiver, with IP address 192.168.9.100. The first host is connected to FastEthernet0/0 Router1:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#interface FastEthernet0/0
Router1(config-if)#ip address 192.168.100.21 255.255.255.0
Router1(config-if)#ip rsvp bandwidth 128 56
Router1(config-if)#exit
Router1(config)#interface Serial0/0
Router1(config-if)#no ip address
Router1(config-if)#encapsulation frame-relay
Router1(config-if)#fair-queue 64 256 37
Router1(config-if)#ip rsvp bandwidth
Router1(config-if)#exit
Router1(config)#interface Serial0/0.1 point-to-point
Router1(config-subif)#ip address 192.168.55.9 255.255.255.252
Router1(config-subif)#frame-relay interface-dlci 904
Router1(config-fr-dlci)#ip rsvp bandwidth 128 56
Router1(config-subif)#exit
Router1(config)#ip rsvp sender 192.168.9.100 192.168.100.202 UDP 1300 1300 192.168.100.202 FastEthernet0/0 55 1
Router1(config)#end
Router1#

The second host is connected to the Ethernet0/0 interface on Router4, which is several hops away:

Router4# configure terminal
Router4(config)#interface Ethernet0/0
Router4(config-if)#ip address 192.168.9.3 255.255.255.0
Router4(config-if)#ip rsvp bandwidth 128 56
Router4(config-if)#exit
Router4(config)#interface Serial0/0
Router4(config-if)#no ip address
Router4(config-if)#encapsulation frame-relay
Router4(config-if)#fair-queue 64 256 37
Router4(config-if)#ip rsvp bandwidth
Router4(config-if)#exit
Router4(config)#interface Serial0/0.1 point-to-point
Router4(config-subif)#ip address 192.168.56.5 255.255.255.252
Router4(config-subif)#frame-relay interface-dlci 107
Router4(config-fr-dlci)#ip rsvp bandwidth 128 56
Router4(config-subif)#exit
Router4(config)#ip rsvp reservation 192.168.9.100 192.168.100.202 UDP 1300 1300 192.168.9.100 Ethernet0/0 FF RATE 55 1
Router4(config)#end
Router4#

It is worthwhile to review how RSVP works before looking at the mechanics of this recipe. A host that wants to send a data stream to a particular destination address or multicast group first makes an RSVP request to its first-hop router. This request asks for a particular set of QoS parameters, such as application bandwidth requirements, and specifies the destination IP address. Each router decides whether it can meet the requirement, accepting or rejecting the reservation. They then make the same request of the next hop router along the path to the destination. Once all of the routers between the source and destination have reserved the appropriate resources, the original host can begin transmitting application data, using the reserved resources along the entire data path.

The method is identical for unicast and multicast reservation requests, with each router relaying the request to a downstream peer until all of the destinations have been reached. Note that RSVP is inherently unidirectional. That is, it requests resources for sending data from a particular source to a particular destination or multicast group. If you want to reserve network resources to support a two-way unicast application, both the sender and the receiver must separately initiate requests.

RESV and PATH messages

There are two general message types in RSVP, PATH, and RESV. The initial request begins with a PATH message. The PATH message describes the specific flow that will use this reservation. So it includes the source and destination IP addresses, as well as the IP Protocol, such as TCP or UDP, and any port numbers. The PATH message also includes the requested average bit rate and burst size.

The PATH message is received by an upstream router, or perhaps the ultimate destination. If it is received by an intermediate router, this router must analyze the request and decide whether it can honor it. Ultimately, if the request is accepted, the router will create a new PATH message, requesting the same resource reservation from the next upstream router, but specifying itself as the source.

PATH messages always flow from the requester toward the destination.

RESV messages flow the opposite direction. The RESV CONFIRM messages describe the actual detailed bit rate and delay characteristics required to fulfill the PATH request. If an upstream router doesn't have the necessary resource to fulfill the request, it responds with an RESV ERROR message.

In Cisco router configuration, you can configure static PATH requests by using the ip rsvp sender and sender-host commands. And you can make static reservations, which will be described to upstream routers in RESV messages, using the ip rsvp reserveration and reservation-host commands. We will describe all of these commands below.

Two service types

There are two distinct types of service that a host can specify in an RSVP request. The first is called Controlled Load Service, which is specified in RFC 2211, and the second, called either Guaranteed Quality of Service or, more accurately, Guaranteed Bit Rate Service, is specified in RFC 2212.

Controlled Load Service, in a nutshell, means that the network behaves as if each segment were completely unloaded and therefore uncongested, but with bandwidth limited to the requested amount. Cisco routers implement this type of service by isolating the different flows and employing queuing mechanisms that mimic this type of response.

Guaranteed Bit Rate Service is somewhat more complicated. This service means that the network will mathematically guarantee the worst-case end-to-end queuing delay. There are two things to note about this description, however. First, it only guarantees the worst-case latency, not the average latency. The second is that, despite this, it is possible to make an estimate of the jitter, as this is governed by the worst-case latency. As long as the worst-case latency is small, then the jitter can be effectively minimized by employing small amounts of buffering on the end devices.

Controlled Load Service is well suited to many TCP applications, which tend to behave well until they encounter congestion and dropped packets. Conversely, Guaranteed Bit Rate Service tends to be a better choice for real-time voice and video applications.

The examples

Everything we have described so far implies that the source and destination host devices or applications are making the RSVP requests. However, this is not necessarily the case. In fact, many applications that require this type of QoS support do not have RSVP capabilities. So, in this recipe, we show how to configure the routers themselves to initiate requests on behalf of the hosts.

That recipe also contains information about the basic RSVP configurations used on the routers between Router1 and Router4 (which we have mysteriously decided to call Router2 and Router3).

The ip rsvp sender command tells the router to act as if it is periodically receiving RSVP PATH requests from the specified source device:

Router1(config)#ip rsvp sender 192.168.9.100 192.168.100.202 UDP 1300 1300 192.168.100.202 FastEthernet0/0 55 1

You use this command as a proxy for a real device that is unable to send real RSVP PATH requests. So it includes all of the information that appears in a PATH request packet.

The first several arguments of this command specify the IP flow that will be using this reservation. The first two arguments specify the source and destination IP addresses, respectively. Then we have stipulated that it will use the UDP protocol with source and destination ports both equal to 1300.

The next two arguments, 192.168.100.202 and FastEthernet0/0, specify the previous-hop IP address and interface, respectively. Because we put this command on the first hop router, they may seem redundant, but actually we could put this command anywhere in the network to simulate an upstream source device.

The last two arguments request an average bit rate of 55 kbps and a burst of 1 kbyte.

Then, on the other router, we have configured a corresponding command that simulates a device sending RSVP RESV messages back toward the source:

Router4(config)#ip rsvp reservation 192.168.9.100 192.168.100.202 UDP 1300 1300 192.168.9.100 Ethernet0/0 FF RATE 55 1

Many of the arguments of this command are identical to what we saw a moment ago for the sender command. We specified the same IP addresses and UDP port numbers to define the flow. And the last two arguments just duplicate the average bit rate and burst size from the previous discussion.

The differences are where the sender command specified the previous-hop IP address and interface, here we specify the next-hop IP address and interface. Then we have two new keywords, FF and RATE.

The FF keyword indicates that this is a Fixed Filter style reservation. There are three available styles of reservation. Fixed Filter means that this reservation is for a particular flow specification only. No other applications or sessions are permitted to use it. We could have instead specified either SE or WF.

SE indicates that the router will use a Shared Explicit filter for the reservation. This means that the receiving device is specifying a list of source devices and indicating that they may all share the same reservation.

And WF means that the reservation can be shared by a Wildcard Filter. This effectively means that any source can take part in this reservation.

Finally, the RATE keyword in the ip rsvp reservation command tells the network to use Guaranteed Bit Rate service type. The other option here is LOAD, which indicates a Controlled Load service type. The receiver makes this service type request, which is why it only appears in the ip rsvp reservation command, and not in the ip rsvp sender command.

There are several useful commands for looking at the RSVP reservations. You can look at the current status of any PATH and RESV messages passing through your network with the show ip rsvp sender and show ip rsvp reservation commands. These commands give the full details on every such RSVP exchange, whether it originates with a static command on the router, as in this recipe, or a dynamically generate request from a real host:

Router1#show ip rsvp sender
To              From            Pro DPort Sport Prev Hop        I/F      BPS
192.168.9.100   192.168.100.202 UDP 1300  1300  192.168.100.202 Fa0/0    55K
Router1#show ip rsvp reservation
To            From          Pro DPort Sport Next Hop      I/F      Fi Serv BPS
192.168.9.100 192.168.100.202 UDP 1300  1300  192.168.55.10 Se0/0.1  FF RATE 55K


Router1#


So if we go to another router in the path and enter these commands again, we see the same information:


Router2#show ip rsvp sender


To              From            Pro DPort Sport Prev Hop        I/F      BPS


192.168.9.100   192.168.100.202 UDP 1300  1300  192.168.55.9    Se0/0.1  55K


Router2#show ip rsvp reservation


To            From          Pro DPort Sport Next Hop      I/F      Fi Serv BPS


192.168.9.100 192.168.100.202 UDP 1300  1300  192.168.101.7 Fa0/0    FF RATE 55K




Router2#


Post in CCIE R&S | No Comments »


Tags: ,,




relating to CCIE Bootcamp.


February 7th, 2012   by Daniel


It really is aimed to choose the  experts inside the networking firm for your famend  firm  presenting  choices for the technical departments. Along with a purpose  to obtain CCIE certification the  applicants ought to transfer by two  essential  selection  assessments. To begin  with, the  authored  examination is to be  handed once which the candidates  can sit for that Lab test.  The brief-listed candidates can solely have CCIE  certification. In an effort to prepare for your CCIE exams, CCIE Bootcamp is constructed.


CCIE Bootcamps  offer you essentially probably the  most  hassle-free  technique of  passing out the checks of CCIE. You can  find multiple firms  fairly institutes which supply CCIE Bootcamp  education  similar to Cathay Faculty. By  having a see to  improve to become qualified for the  bootcamps the institutes  regularly present a prerequisite. It  helps to boost the  prospect of the applicants to  maneuver the CCIE exams inside a more significant way  than many  others. This prerequisite is known as CCNP  standing.


The involved  payment for taking the CCIE  Security exam is  higher,  so most candidates go for just  a preparing course to cross it in a single sitting.  Some impartial  organizations and  establishments  supply courses and workshop to  those  selecting CCIE Security  instruction.   Even so, most  candidates choose to implement the instructor-led  and on-line workshops, which Cisco  supply, as a  portion of  Approved Learning Companions  system.  The  schooling   possibilities are  offered and also educators are accepted by  Cisco.


For the CCIE  Protection certification, you will need to sign up for  that  published  examination on your space  of specialization. Every one of  the exams are executed for the Cisco  approved facility, which also accepts  expenditure for your exam.  The cost  of using a CCIE  developed  examination is from $80 to $325. The  created  test is supervised and done on the computer system.  It really is of 1 or two hours paper that  contains multiple  options, drag and drop  problems  and fill around the blanks. Aside from white boards  and markers for calculations, as being a  applicant for CCIE Stability  coaching examination, you aren't  authorized to hold any other product  for the  test hall.


CCIE Bootcamp is accompanied having a  variety of  strategies to  deliver the most effective  preparation substance  to the  pupils. They  chiefly  give some must-have  publications to get  ready them for the  developed  CCIE get a look at  together with some  world-wide-web  access for the Lab  test. Counting on these two  groups the CCIE Bootcamps is divided into two  sections. The divisions are course  building in addition to the Lab simulation. The class  construction  includes two phases and they are fingers-on  coaching and lectured-based  primarily classes. In the class  framework the college  students are provided  along with the  data of Bit splitting, VLSM  and many others. Nevertheless the lab simulation is  critical part of CCIE  Bootcamp. Here the students are subjected  to deal with a multitude of real-life  situations  plus the troubleshooting  abilities are checked  accurately. That is the  best phase of CCIE Bootcamps  the site the students are nicely-prepared for the  Blueprintv4, MPLS and so on.  These methodologies  allow  students to troubleshoot any real-life  conditions  and  enrich the power to find out  the right  choices.


But there's couple dependable  institutes available  attainable from the sector which provides  full CCIE Bootcamps. One in every  of lots of  properly-renowned institutes is Cathay School which  renders  exceptionally  superb  institutions  just in case of bootcamps for CCIE. They  supply bootcamp services to  exceedingly  major  number of  college pupils from numerous  corners around the world like Australia,  Norway, United kingdom, Sweden, USA and a lot  of a lot more. In  accordance together with the statistics of this institute from  2005, they're sustaining doc selection of proportion of passing  price in CCIE examination.  This file is alone a kind of  assure for them. There are lots of  will cause to pick out Cathay Faculty for CCIE Bootcamps. The  report amount of passing  charge of just about 90%  is easily the  most  alluring  function of it. Besides it, 1 other  remarkable  attribute is  a one-to-one lab coaching which  help  the pupils to filter out all of  the  doubts regarding any downside with the instructors.


The  requested  answers relating  to the bootcamp is  available for the trustworthy  service site  which happens to  be cathayschool.com. It's a  terribly  handy  online site which  gives you quite a few putting facilities  like on-line Self-Study CCIE Lab Workbooks, one-on-one  using the net coaching, Instructor Led  teaching  etcetera. Each of the services additionally, the program durations collectively  using the  funds are effectively-described right here these kinds of which the  purchasers ought  to not be required to  face any form  of inconvenience  regarding CCIE Bootcamps.


Post in CCIE Security | No Comments »


Tags: ,,




Manual RSVP Reservations


February 6th, 2012   by Daniel


In this example, we will assume that we have a host device, acting as the sender, with IP address 192.168.100.202 and a second host, acting as the receiver, with IP address 192.168.9.100. The first host is connected to FastEthernet0/0 Router1:


Router1#configure terminal


Enter configuration commands, one per line.  End with CNTL/Z.


Router1(config)#interface FastEthernet0/0


Router1(config-if)#ip address 192.168.100.21 255.255.255.0


Router1(config-if)#ip rsvp bandwidth 128 56


Router1(config-if)#exit


Router1(config)#interface Serial0/0


Router1(config-if)#no ip address


Router1(config-if)#encapsulation frame-relay


Router1(config-if)#fair-queue 64 256 37


Router1(config-if)#ip rsvp bandwidth


Router1(config-if)#exit


Router1(config)#interface Serial0/0.1 point-to-point


Router1(config-subif)#ip address 192.168.55.9 255.255.255.252


Router1(config-subif)#frame-relay interface-dlci 904


Router1(config-fr-dlci)#ip rsvp bandwidth 128 56


Router1(config-subif)#exit


Router1(config)#ip rsvp sender 192.168.9.100 192.168.100.202 UDP 1300 1300 192.168.100.202 FastEthernet0/0 55 1


Router1(config)#end


Router1#


The second host is connected to the Ethernet0/0 interface on Router4, which is several hops away:


Router4# configure terminal


Router4(config)#interface Ethernet0/0


Router4(config-if)#ip address 192.168.9.3 255.255.255.0


Router4(config-if)#ip rsvp bandwidth 128 56


Router4(config-if)#exit


Router4(config)#interface Serial0/0


Router4(config-if)#no ip address


Router4(config-if)#encapsulation frame-relay


Router4(config-if)#fair-queue 64 256 37


Router4(config-if)#ip rsvp bandwidth


Router4(config-if)#exit


Router4(config)#interface Serial0/0.1 point-to-point


Router4(config-subif)#ip address 192.168.56.5 255.255.255.252


Router4(config-subif)#frame-relay interface-dlci 107


Router4(config-fr-dlci)#ip rsvp bandwidth 128 56


Router4(config-subif)#exit


Router4(config)#ip rsvp reservation 192.168.9.100 192.168.100.202 UDP 1300 1300 192.168.9.100 Ethernet0/0 FF RATE 55 1


Router4(config)#end


Router4#


It is worthwhile to review how RSVP works before looking at the mechanics of this recipe. A host that wants to send a data stream to a particular destination address or multicast group first makes an RSVP request to its first-hop router. This request asks for a particular set of QoS parameters, such as application bandwidth requirements, and specifies the destination IP address. Each router decides whether it can meet the requirement, accepting or rejecting the reservation. They then make the same request of the next hop router along the path to the destination. Once all of the routers between the source and destination have reserved the appropriate resources, the original host can begin transmitting application data, using the reserved resources along the entire data path.


The method is identical for unicast and multicast reservation requests, with each router relaying the request to a downstream peer until all of the destinations have been reached. Note that RSVP is inherently unidirectional. That is, it requests resources for sending data from a particular source to a particular destination or multicast group. If you want to reserve network resources to support a two-way unicast application, both the sender and the receiver must separately initiate requests.


RESV and PATH messages


There are two general message types in RSVP, PATH, and RESV. The initial request begins with a PATH message. The PATH message describes the specific flow that will use this reservation. So it includes the source and destination IP addresses, as well as the IP Protocol, such as TCP or UDP, and any port numbers. The PATH message also includes the requested average bit rate and burst size.


The PATH message is received by an upstream router, or perhaps the ultimate destination. If it is received by an intermediate router, this router must analyze the request and decide whether it can honor it. Ultimately, if the request is accepted, the router will create a new PATH message, requesting the same resource reservation from the next upstream router, but specifying itself as the source.


PATH messages always flow from the requester toward the destination.


RESV messages flow the opposite direction. The RESV CONFIRM messages describe the actual detailed bit rate and delay characteristics required to fulfill the PATH request. If an upstream router doesn't have the necessary resource to fulfill the request, it responds with an RESV ERROR message.


In Cisco router configuration, you can configure static PATH requests by using the ip rsvp sender and sender-host commands. And you can make static reservations, which will be described to upstream routers in RESV messages, using the ip rsvp reserveration and reservation-host commands. We will describe all of these commands below.


Two service types


There are two distinct types of service that a host can specify in an RSVP request. The first is called Controlled Load Service, which is specified in RFC 2211, and the second, called either Guaranteed Quality of Service or, more accurately, Guaranteed Bit Rate Service, is specified in RFC 2212.


Controlled Load Service, in a nutshell, means that the network behaves as if each segment were completely unloaded and therefore uncongested, but with bandwidth limited to the requested amount. Cisco routers implement this type of service by isolating the different flows and employing queuing mechanisms that mimic this type of response.


Guaranteed Bit Rate Service is somewhat more complicated. This service means that the network will mathematically guarantee the worst-case end-to-end queuing delay. There are two things to note about this description, however. First, it only guarantees the worst-case latency, not the average latency. The second is that, despite this, it is possible to make an estimate of the jitter, as this is governed by the worst-case latency. As long as the worst-case latency is small, then the jitter can be effectively minimized by employing small amounts of buffering on the end devices.


Controlled Load Service is well suited to many TCP applications, which tend to behave well until they encounter congestion and dropped packets. Conversely, Guaranteed Bit Rate Service tends to be a better choice for real-time voice and video applications.


The examples


Everything we have described so far implies that the source and destination host devices or applications are making the RSVP requests. However, this is not necessarily the case. In fact, many applications that require this type of QoS support do not have RSVP capabilities. So, in this recipe, we show how to configure the routers themselves to initiate requests on behalf of the hosts.


That recipe also contains information about the basic RSVP configurations used on the routers between Router1 and Router4 (which we have mysteriously decided to call Router2 and Router3).


The ip rsvp sender command tells the router to act as if it is periodically receiving RSVP PATH requests from the specified source device:


Router1(config)#ip rsvp sender 192.168.9.100 192.168.100.202 UDP 1300 1300 192.168.100.202 FastEthernet0/0 55 1


You use this command as a proxy for a real device that is unable to send real RSVP PATH requests. So it includes all of the information that appears in a PATH request packet.


The first several arguments of this command specify the IP flow that will be using this reservation. The first two arguments specify the source and destination IP addresses, respectively. Then we have stipulated that it will use the UDP protocol with source and destination ports both equal to 1300.


The next two arguments, 192.168.100.202 and FastEthernet0/0, specify the previous-hop IP address and interface, respectively. Because we put this command on the first hop router, they may seem redundant, but actually we could put this command anywhere in the network to simulate an upstream source device.


The last two arguments request an average bit rate of 55 kbps and a burst of 1 kbyte.


Then, on the other router, we have configured a corresponding command that simulates a device sending RSVP RESV messages back toward the source:


Router4(config)#ip rsvp reservation 192.168.9.100 192.168.100.202 UDP 1300 1300 192.168.9.100 Ethernet0/0 FF RATE 55 1


Many of the arguments of this command are identical to what we saw a moment ago for the sender command. We specified the same IP addresses and UDP port numbers to define the flow. And the last two arguments just duplicate the average bit rate and burst size from the previous discussion.


The differences are where the sender command specified the previous-hop IP address and interface, here we specify the next-hop IP address and interface. Then we have two new keywords, FF and RATE.


The FF keyword indicates that this is a Fixed Filter style reservation. There are three available styles of reservation. Fixed Filter means that this reservation is for a particular flow specification only. No other applications or sessions are permitted to use it. We could have instead specified either SE or WF.


SE indicates that the router will use a Shared Explicit filter for the reservation. This means that the receiving device is specifying a list of source devices and indicating that they may all share the same reservation.


And WF means that the reservation can be shared by a Wildcard Filter. This effectively means that any source can take part in this reservation.


Finally, the RATE keyword in the ip rsvp reservation command tells the network to use Guaranteed Bit Rate service type. The other option here is LOAD, which indicates a Controlled Load service type. The receiver makes this service type request, which is why it only appears in the ip rsvp reservation command, and not in the ip rsvp sender command.


There are several useful commands for looking at the RSVP reservations. You can look at the current status of any PATH and RESV messages passing through your network with the show ip rsvp sender and show ip rsvp reservation commands. These commands give the full details on every such RSVP exchange, whether it originates with a static command on the router, as in this recipe, or a dynamically generate request from a real host:


Router1#show ip rsvp sender


To              From            Pro DPort Sport Prev Hop        I/F      BPS


192.168.9.100   192.168.100.202 UDP 1300  1300  192.168.100.202 Fa0/0    55K


Router1#show ip rsvp reservation


To            From          Pro DPort Sport Next Hop      I/F      Fi Serv BPS


192.168.9.100 192.168.100.202 UDP 1300  1300  192.168.55.10 Se0/0.1  FF RATE 55K




Router1#


So if we go to another router in the path and enter these commands again, we see the same information:


Router2#show ip rsvp sender


To              From            Pro DPort Sport Prev Hop        I/F      BPS


192.168.9.100   192.168.100.202 UDP 1300  1300  192.168.55.9    Se0/0.1  55K


Router2#show ip rsvp reservation


To            From          Pro DPort Sport Next Hop      I/F      Fi Serv BPS


192.168.9.100 192.168.100.202 UDP 1300  1300  192.168.101.7 Fa0/0    FF RATE 55K




Router2#


Post in CCIE Labs | No Comments »


Tags: ,,




CCIESecurityTrainingeducation


February 4th, 2012   by Daniel


There is not a  should always have one other  experienced  schooling  or program certificates to  qualify.


The CCIESecurityTrainingcoaching  is made of a  composed  examination to qualify after which the  lab exam. You could be  suggested to obtain at the  minimum 3-5 yrs of  job  experience  previously than hoping this certification.


The  examination for your CCIE  Protection is of two-hour  length with many different  possibilities. This  consists of hundred  questions,  that will cover subjects equivalent to applications protocols,  working  systems,  security technologies,  basic safety protocols, and Cisco  safety  purposes. The exam  supplies are  offered within the spot so you  are not authorized to usher in  outdoors reference  substances.


Network  engineers having a CCIE certificates are  thought of as because the  specialist inside the community  engineering self-discipline and the masters of CISCO  goods. The CCIE has introduced  revolution inside the  group  community in relation to technically  tough  assignments and  opportunities when using the mandatory  instruments and methodologies. There's a  program which updates and  reorganizes the instruments to supply  outstanding  provider. There are  a variety of modes of CCIE  Teaching  like  prepared  examination preparation and  efficiency based lab. This  helps to  reinforce the  efficiency and  standard for the  market  place. CISCO has launched this certification coverage in 1993  having a view to tell apart the highest authorities through the relaxation.


In order to be licensed,  foremost  created  examination need to be handed  just  after which has to cross the lab test. CISCO in any respect  situations tries to  apply fully  many CCIE  Exercise  processes for  bigger overall  performance. There are a number of  tips for that CCIE  certification. The primary stage for certification could be to move a two hrs lasting  computer primarily  based  generally MCQ oriented  composed  examination. For this test  very important  payments must be  accomplished by way of over the internet. This examination is  involved with  test vouchers and promotional codes. The authenticity  on the voucher  furnishing  agency ought to be  perfectly  acknowledged  on the  candidates. The promotional code should be  accessed properly and just in case of  fraudulent vouchers along with promotional codes shouldn't acceptable  and CISCO will not repay the value. The candidates have to  wait around five days for the  created  examination when  payment and so they can't sit for the same  examination for the  following one hundred eighty days in the event of recertification.


Which includes a watch to obtain certified and eligible for the CCIE  Instruction  some things are  to become remembered  correctly. Upon passing the  published  examination the candidates use a almost all of 18 months time for  hoping  the lab exam. When the period of time exceeds then  the authenticity of this  authored  exam might be invalid. For that very first  timer utilized to  obtain CCIE certification the  created  test is available within the kind of Beta examination with  special discounts  around. Around the Beta period the  candidates can sit only the moment  for that exam. The  results will occur inside  six to eight weeks upon the examination is in  excess of.


Another step for  that CCIE certification stands out as the Lab examination. The  shortlisted candidates for the  published  examination can exclusively  apply for that fingers-on lab  examination. However there are several  published  examination centers of CISCO even  so Lab test services  are constrained. It is an  eight hour fingers-on functional  based  for the  most part examination whereby the ability of  troubleshooting and configuring community  mostly  based  issues  and software programs are checked. For your scheduling  of Lab examination the shortlisted candidates with  the  previously  prepared  test ought to  current the identification amount together with passing rating also, the date of passing.


The price for Lab examination has to be cleared before than ninety days  of the scheduled test. With  out the fee the reservation could very well be  cancelled. Upon passing  the Lab test mixed considering the  composed  test the candidates can  use for that CCIE  certification. By considering


Post in CCIE R&S | No Comments »


Tags: ,,




Setting the DSCP or TOS Industry


February 3rd, 2012   by Daniel


The solution to this main problem is determined by the kind of potential customers distinctions you wish to create, in addition the version of IOS you will be operating inside of your routers.


There must be some thing that defines the different styles of site traffic that you want to prioritize. Usually, the less complicated the distinctions are for making, the higher. This is because every one of the checks take router resources and introduce processing delays. The most typical rules for distinguishing involving website traffic variations use the packet's input interface and straightforward IP header specifics these as TCP port numbers. The next examples show how you can set an IP Precedence worth of instant (two) for all FTP command customers that arrives as a result of the serial0/0 interface, and an IP Precedence of concern (1) for all FTP info traffic. This distinction is possible mainly because FTP manage website traffic uses TCP port 21, and FTP data usages port 20.


The newest solution for configuring this makes use of class maps. Cisco number one released this feature in IOS Version 12.0(5)T. This process first of all defines a class-map that specifies how the router will identify this sort of targeted visitors. It then defines a policy-map that truly makes the modifications to the packet's TOS field:


Router#configure terminal

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#access-list 101 permit any eq ftp any

Router(config)#access-list 101 permit any any eq ftp

Router(config)#access-list 102 permit any eq ftp-data any

Router(config)#access-list 102 permit any any eq ftp-data

Router(config)#class-map match-all ser00-ftpcontrol

Router(config-cmap)#description branch ftp control traffic

Router(config-cmap)#match input-interface serial0/0

Router(config-cmap)#match access-group 101

Router(config-cmap)#exit

Router(config)#class-map match-all ser00-ftpdata

Router(config-cmap)#description branch ftp data traffic

Router(config-cmap)#match input-interface serial0/0

Router(config-cmap)#match access-group 102

Router(config-cmap)#exit

Router(config)#policy-map serialftppolicy

Router(config-pmap)#description branch ftp traffic policy

Router(config-pmap)#class ser00-ftpcontrol

Router(config-pmap-c)#set ip precedence immediate

Router(config-pmap-c)#exit

Router(config-pmap)#class ser00-ftpdata

Router(config-pmap-c)#set ip precedence priority

Router(config-pmap-c)#exit

Router(config-pmap)#exit

Router(config)#interface serial0/0

Router(config-if)#ip route-cache policy

Router(config-if)#service-policy input serialftppolicy

Router(config-if)#exit

Router(config)#end

Router#


For earlier IOS versions, wherever class-maps ended up not around, you've gotten to make use of policy-based routing to alter the TOS discipline in a very packet. Applying this policy on the interface tells the router to work with this policy to check all incoming packets on this interface and rewrite the ones that match the route map:Router#configure terminal


Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#access-list 101 permit any eq ftp any

Router(config)#access-list 101 permit any any eq ftp

Router(config)#access-list 102 permit any eq ftp-data any

Router(config)#access-list 102 permit any any eq ftp-data

Router(config)#route-map serialftp-rtmap permit 10

Router(config-route-map)#match ip address 101

Router(config-route-map)#set ip precedence immediate

Router(config-route-map)#exit

Router(config)#route-map serialftp-rtmap permit 20

Router(config-route-map)#match ip address 102

Router(config-route-map)#set ip precedence priority

Router(config-route-map)#exit

Router(config)#interface serial0/0

Router(config-if)#ip policy route-map serialftp-rtmap

Router(config-if)#ip route-cache policy

Router(config-if)#exit

Router(config)#end

Router#


Just before you can easily tag a packet for distinctive cure, you've gotten to get an especially distinct strategy of what styles of customers ought wonderful remedy, along with specifically what kind of exclusive therapy they're going to will want. Around the instance, we've made a decision to give a unique priority to FTP site traffic obtained on the special serial interface. We present methods to try this by using the two the aged and new configuration procedures.

This may show up to become a fairly artificial example. Soon after all, why would you care about tagging inbound website traffic that you have already acquired from a low-speed interface? Really, among the many most crucial ideas for applying QoS in a very network is the fact that you really should frequently tag the packet as early as possible, preferably in the edges of the network. Then, as it passes through the network, just about every router only has to evaluate the tag, and isn't going to want to do any extra classification. In this case, we'd make certain the FTP traffic returning inside other intendance is tagged with the to start with router that receives it. Therefore the outbound traffic has previously been tagged, and this is a waste of router assets to reclassify the outbound packets.


A good number of organizations actually consider this concept of marking in the edges an individual action more, and remark all acquired packet. This helps to guarantee that people are not requesting amazing QoS privileges that they aren't authorized to have. Regardless, you have to be careful of this since it could possibly every now and then disrupt reliable markings. As an illustration, a real-time application can use RSVP to order bandwidth from the network. It will be very important the packets for this software have the best suited Expedited Forwarding (EF) DSCP marking or even the network may not tackle them adequately. Even so, additionally you will not aspire to let other non-real-time applications from this same exact source hold the exact EF priority level. So, should you be going to configure your routers to remark all incoming packets at the edges, be sure that you know what incoming markings are genuine.


In that scenario, the routers are managing DLSw to bridge SNA customers by way of an IP network. Therefore the routers their selves in fact create the IP packets. This results in a further challenge on the grounds that there may be no incoming interface. So that recipe usages neighborhood policy-based routing. The very fact which the router results in the packets also gives it a significant advantage simply because it doesn't have to look at any DLSw packets which may just come about to pass through.


The benefits in the more recent class-map solution aren't evident in this particular case in point, but among the earliest substantial positive aspects appears if you need make use of the greater modern-day DSCP tagging scheme. As the mature policy-based routing solution will not immediately assistance DSCP, you've to fake it by environment equally the IP Precedence in addition to the TOS independently as follows.


Router(config)#route-map serialftp-rtmap permit 10

Router(config-route-map)#match ip address 115

Router(config-route-map)#set ip precedence immediate

Router(config-route-map)#set ip tos max-throughput


In this case, the packet will wind up with an IP Precedence value of immediate, or 2 (010 in binary), and TOS of max-throughput, or 4 (0100 in binary).


Doing the same thing with the class-map method is much more direct:


Router(config)#policy-map serialftppolicy

Router(config-pmap)#class serialftpclass

Router(config-pmap-c)#set ip dscp af21


Class-maps will also be invaluable later in this chapter after we talk about class-based weighted reasonable queuing and class-based potential customers shaping.

It will be important to notice that all over this complete example, we've got only place a particular price into the packet's TOS or DSCP discipline. This, by itself, will not have an affect on how the packet is forwarded by way of the network. To perform that, you have to make sure that as each and every router while in the network forwards these marked packets, the interface queues will react appropriately to this knowledge.


At long last, we must always note that though this recipe exhibits two beneficial procedures of marking packets, applying Committed Accessibility Amount (Car or truck) features. Automobile tends for being extra reliable on greater pace interfaces.


Post in CCIE R&S | No Comments »


Tags: ,,




Fast Switching and CEF


February 2nd, 2012   by Daniel


As we discuss in Appendix B, one of the most important things you can do to improve router performance, and consequently network performance, is to ensure that you are using the best packet switching algorithm. All Cisco routers support Fast Switching, and it is enabled by default. However, some types of configurations require that it be disabled. The following example shows how to turn Fast Switching back on if it has been disabled:


Router#configure terminal


Enter configuration commands, one per line.  End with CNTL/Z.


Router(config)#interface FastEthernet0/0


Router(config-if)#ip route-cache


Router(config-if)#exit


Router(config)#end


Router#


If you are using policies, including policies for Class-based QoS, you also need to configure Fast Switching to handle them, using the ip route-cache policy command:


Router#configure terminal


Enter configuration commands, one per line.  End with CNTL/Z.


Router(config)#interface FastEthernet0/0


Router(config-if)#ip route-cache policy


Router(config-if)#exit


Router(config)#end


Router#


CEF, on the other hand, is not enabled by default. Unlike Fast Switching, which is enabled separately for each interface, you have to enable CEF globally for the entire router, as well as on each interface:


Router#configure terminal


Enter configuration commands, one per line.  End with CNTL/Z.


Router(config)#ip cef


Router(config)#interface FastEthernet0/0


Router(config-if)#ip route-cache cef


Router(config-if)#exit


Router(config)#end


Router#


The ip route-cache command used to enable Fast Switching has a couple of useful options. The second example demonstrates one of these options, the policy keyword, which allows Fast Switching of policy-based routing:


Router(config-if)#ip route-cache policy


Another useful option is the same-interface keyword, which instructs the router to allow Fast Switching of packets that come in and go back out through the same physical interface:


Router(config)#interface Serial0/0


Router(config-if)#ip route-cache same-interface


You should use this option when the router frequently needs to switch packets between different networks that all connect to the same port. This could be the case for Frame Relay networks, as well as for LANs that use subinterfaces or secondary IP addresses.


Cisco supplies three useful commands to look at CEF performance. The first is show cef interface:


Router#show cef interface FastEthernet0/0


FastEthernet0/1 is up (if_number 4)


  Corresponding hwidb fast_if_number 4


  Corresponding hwidb firstsw->if_number 4


  Internet address is 172.22.1.3/24


  ICMP redirects are always sent


  Per packet load-sharing is disabled


  IP unicast RPF check is disabled


  Inbound access list is 120


  Outbound access list is not set


  IP policy routing is disabled


  Hardware idb is FastEthernet0/1


  Fast switching type 1, interface type 18


  IP CEF switching enabled


  IP CEF Feature Fast switching turbo vector


  Input fast flags 0x0, Output fast flags 0x0


  ifindex 4(4)


  Slot 0 Slot unit 1 VC -1


  Transmit limit accumulator 0x0 (0x0)


  IP MTU 1500


Router#


The output of this command shows that CEF is enabled on the interface FastEthernet0/0, as well as information about inbound and outbound ACL's and policies. In this example, you can see that the interface has an access-group configured to use access-list number 120 to filter inbound traffic.


You can use the show cef drop and show cef not-cef-switched commands to see more detailed CEF forwarding statistics:


Router#show cef drop


CEF Drop Statistics


Slot  Encap_fail  Unresolved Unsupported    No_route      No_adj  ChkSum_Err


RP            71           0           0         105           0           0


Router#show cef not-cef-switched


CEF Packets passed on to next switching layer


Slot  No_adj No_encap Unsupp'ted Redirect  Receive  Options   Access     Frag


RP         0       0           0        0      572        0        0        0


These commands show you details of CEF's operation on the router. The first command shows how many packets CEF has had to drop, and the reasons for the drops. The Slot column in the output of both commands refers to the VIP slot where the packets were received. In this case, the router didn't have any VIP cards because it was a Cisco 2600. So all packets are received by the Route Processor, which is indicated by the RP in the leftmost column.


The Encap_fail column in the show cef drop output shows the number of packets that CEF has dropped because they were incomplete and there was no adjacency route in the CEF table. Unresolved indicates the number of packets dropped because CEF could not resolve the destination address prefix. If there had been any packets that could not be switched by CEF because of unsupported features, they would appear in the Unsupported column. The No_route column shows the number of packets dropped because CEF didn't have a route to the destination. Similarly, No_adj shows the number of packets for which CEF did not have an entry in its adjacency table, so it had to send an ARP query. And, finally, ChkSum_Err shows the number of times that CEF had to drop packets because they were corrupted.


The show cef not-cef-switched command has similar output. No_adj is the same here as it was in the show cef drop command, while Unsupp'ted is the same as the Unsupported column. The No_encap column counts the number of packets that could not be switched because they were encapsulated in another protocol. Redirect means that CEF has had to send these packets to another algorithm, usually process switching, to handle. And Receive lists the number of packets that were received from another internal switching algorithm. The remaining columns are rarely of interest in practice.


You can display the CEF version of the routing table with the show ip cef command:


Router#show ip cef


Prefix              Next Hop             Interface


0.0.0.0/0           172.25.1.1           FastEthernet0/0.1


0.0.0.0/32          receive


172.16.2.0/24       attached             FastEthernet0/1


                    attached             FastEthernet1/1


172.22.1.0/24       attached             FastEthernet0/1


172.22.1.0/32       receive


172.22.1.3/32       receive


172.22.1.4/32       172.22.1.4           FastEthernet0/1


<many lines deleted>


Router#


Notice in this output that there are actually two equal-cost routes to 172.16.2.0/24. CEF supports load balancing between these two paths.


You can expand the detail on these entries with the show ip cef detail command:


Router#show ip cef detail


IP CEF with switching (Table Version 31), flags=0x0


  31 routes, 0 reresolve, 0 unresolved (0 old, 0 new), peak 1


  31 leaves, 21 nodes, 25560 bytes, 62 inserts, 31 invalidations


  0 load sharing elements, 0 bytes, 0 references


  universal per-destination load sharing algorithm, id 0697166A


  3(1) CEF resets, 0 revisions of existing leaves


  Resolution Timer: Exponential (currently 1s, peak 1s)


  0 in-place/0 aborted modifications


  refcounts:  5672 leaf, 5632 node




Adjacency Table has 5 adjacencies


0.0.0.0/0, version 27, cached adjacency 172.25.1.1


0 packets, 0 bytes


  via 172.25.1.1, FastEthernet0/0.1, 0 dependencies


    next hop 172.25.1.1, FastEthernet0/0.1


    valid cached adjacency


0.0.0.0/32, version 0, receive


172.16.2.0/24, version 21, attached, connected


0 packets, 0 bytes


  via FastEthernet0/0.2, 0 dependencies


    valid glean adjacency


172.16.2.0/32, version 10, receive


172.16.2.1/32, version 9, receive


172.16.2.255/32, version 11, receive


172.22.1.0/24, version 22, attached, connected


0 packets, 0 bytes


  via FastEthernet0/1, 0 dependencies


    valid glean adjacency


172.22.1.0/32, version 16, receive


<many lines deleted>


Router#


Post in CCIE Labs | No Comments »


Tags: ,,




distinct the CCIE test


January 31st, 2012   by Daniel


Making use of CCIE,  gurus have a chance to find out  by themselves inside  the area of  networking. Only some thousand people  are  thought to distinct the CCIE test. CCIE Lab are regarded as to impart  large  stage of coaching  ambiance, which acts like  a  vital  gain for candidates.


CCIE examination entails two assessments, which  can be a CCIE  authored  check  in addition to  a CCIE lab test. To be  able to attempt the lab  exam, you'll want  to  crystal clear the  published  test. If you are not in a place to  crystal clear the  composed  examination the 1st  time, you should watch for the hundred and eighty days for  retaking it. Right after clearing  the  developed  look at, it is really most  desirable to build an test for that CCIE  lab exam inside  18 months. It you're  not able to clear the lab examination, then you should probably re-try inside twelve months which includes a  see to keep up the  penned  examination end result valid.


It has a time restrict of two  hours and is also completed in  various have a look at centers around the world. The  matters lined within the  composed  exam depend on the  specialization or track you choose. For support  supplier, you will  find from  categories like Cable, DSL, IP Telephony, Dial,  Content  materials Networking, Optical, WAN  switching, and Metro Ethernet. Each and every  created  examination is  developed  around inside the beta  style at a value of $50  USD.


The CCIE lab exam is  distinctive in naturel, as  it is really an eight-hour test, which  exams the facility  with the applicant to configure and  troubleshoot networking  machines. Cisco has  excessive  diploma of package in its CCIE labs to be used  within the lab exams. The blue print for the lab test is available on  its internet site. The lab  examination just isn't  on  the market in the slightest degree Pearson VUE or Prometric testing  centers.


A standard CCIE R&S  lab examination contains a two-hour hassle-taking pictures section by  which you might be presented a collection of  tickets for preconfigured networks throughout the CCIE labs. You ought to have the ability to identify and  resolve the faults. You can proceed towards the configuration part  immediately after you end the  troubleshooting part.


A sound passing score is critical to aim a CCIE  lab examination. Cisco uses the help of proctors to guage  the candidates with the preliminary rounds in its  CCIE labs located worldwide. Factors are awarded when a criterion is met  and grading is completed employing some  computerized tools. The outcomes of a lab examination are mirrored  inside of forty 8 hrs. A  move/fail is projected inside the end  consequence and in case of a fail, the  areas where you happen to be lacking  behind are talked about so as to put together properly earlier than a  re-try.


Cisco stands out within the  subject of networking by providing a  CCIE certification so that you can pursue your education as well as get  acknowledged by a reputed organization. The CCIE Labs examination can be utilized being  a platform to challenge your capability in varied tracks provided  by Cisco. Attempting a lab exam requires rigorous  coaching  and  large  sense of understanding. The CCIE labs  type step one to your  significant  potential career.


Post in CCIE Labs | Comments Closed


Tags: ,,




approach to get CCIE Certification


January 17th, 2012   by Daniel


Perfect CCIE  Workout  additionally, the  suitable solution to get CCIE Certification CCIE Training


There is not a  need to have one additional  skilled  education  or program certificates to  qualify. The CCIE Stability  training  includes a  composed  examination to qualify then the  lab test.  You are  recommended to acquire with the  minimum 3-5 decades of  job  skills  before than trying this certification.


The examination for the CCIE  Safety is of two-hour  length with various  selections. This  is made of hundred  questions,  which will cover subjects equivalent to applications protocols,  working  systems,  basic safety technologies,  security protocols, and Cisco  basic safety  apps. The test  provides are  furnished within the spot therefore you  aren't allowed to usher in  outdoors reference  supplies.


Network engineers having a CCIE certificates are  considered because the  knowledgeable inside the group  engineering self-control along with the masters of CISCO  merchandise. The CCIE has introduced  revolution in the  community  business with regards to technically  difficult  assignments and  methods while  using the mandatory  instruments and methodologies. There may be a  software which updates and  reorganizes the instruments to produce  high quality  service. There are  different modes of CCIE  Coaching  like  written  examination planning and  effectivity centered lab. This  facilitates to  reinforce the  efficiency and  standard of your  sector. CISCO has launched this certification policy in 1993  which  includes a see to tell apart the  very best authorities in the relaxation.


In order to be certified,  foremost  published  examination needs to be passed  once which has to cross the lab test. CISCO in the least  situations tries to  apply completely  a variety of CCIE  Exercise  processes for  greater functionality. There are  a variety of  guidelines for your CCIE  certification. The very first move for certification would be  to pass a two hrs lasting  laptop centered  for the  most part MCQ oriented  published  examination. For this test  critical  payments need to be  accomplished by the use  of on-line. This examination is  affiliated with  examination vouchers and promotional codes. The authenticity  within the voucher  providing  firm should be  well  acknowledged  towards the  candidates. The promotional code should be  accessed effectively and in case of  fraudulent vouchers alongside promotional codes mustn't suitable  and CISCO won't repay the cost. The candidates need  to  wait around five days for the  written  examination immediately  after  payment and they can  not sit for that similar  examination for your  subsequent one hundred eighty days in case of recertification.


That has a see to acquire licensed and  qualified for your CCIE  Schooling  some things are  to be remembered  accurately. After passing the  published  examination the candidates use a a majority of eighteen months time for  trying  the lab examination. If your time period exceeds then  the authenticity within  the  developed  exam will likely to be invalid. For that first  timer utilized to acquire CCIE certification the  prepared  test is obtainable inside the kind of Beta examination with  discounts  around. With  the Beta period the  candidates can sit only as soon as  for your test. The  results will occur inside  6 to 8 weeks just after the examination is around.


The following  stage for your CCIE  certification may be the Lab test. The  shortlisted candidates of  your  authored  test can exclusively  apply for that fingers-on lab  test. While there are lots of  composed  examination centers of CISCO at the  same time Lab exam services  are confined. It is an  eight hour fingers-on sensible  based  largely examination whereby the power of  troubleshooting and configuring neighborhood  generally  centered  conditions  and software  package are checked. For your scheduling  of Lab examination the shortlisted candidates of this  earlier  written  test have to  present the identification amount in conjunction with passing rating in  addition to the date of passing.


The cost for Lab examination  needs to be cleared  before than ninety days of the  scheduled test. With out the  fee the reservation could be  cancelled. Soon after passing  the Lab test blended while using the  written  exam the candidates can  use for your CCIE  certification. By considering all the  information  connected while using the  talked about  simple  steps, it's possible to get  the CISCO certification in hand and be  certified  for your CCIE  Exercise.


Post in CCIE R&S | Comments Closed


Tags: ,,