Narbik’d done!

Well another Narbik bootcamp is over.  Certainly glad I attended the second one.  Picked up a few things I missed first time around and now I’ve got some more gear to go over…

I’ve booked a date for the Lab too.  I won’t tell you what it is though! ;)

2600’s yawwwwwn

You know why these things are called 2600s?

That’s how long they take to reload!!

2600/60 (seconds) = 43 minutes.

Move along… Nothing to see here.

Narbik Redux

Here I am back in Sydney for the second edition of Narbik’s bootcamp.  It would appear he likes to add bits and pieces to each course he does, which is good I think…

Mind you, I am stuck here with no credit card and $40 cash to my name.  The bank is being a PITA, and I can’t get a new card until at least Thursday.  I’m not going to whinge…  I’ve got too much stuff I need to do.  Like more L2 in preparation for OSPF today!

Miss me?

Been a while since I’ve written, hasn’t it?

Well right now I am in sunny Sydney, it is 21º and I am in Narbik’s training room looking out the window at the Sydney Cisco office.  I am resitting his bootcamp like he recommends, and I think I will schedule my lab for a fortnight after I finish the course.  I’ll write during the course my notes and thoughts.

Hope you didn’t miss me too much!  Do you even remember me?

PS My site was ravaged with spam bots so I had to do a complete cleanout of the thing…  Hope not too much stuff is missing but I think I might need to fix some ads up….

Narbik’s upcoming bootcamps

Narbik always recommends one attends his Bootcamp, study, then attend another one.  Narbik just so happens to have one coming up in Sydney from 29th September to 3rd of October.  He offers the resit for free too…  Makes sense I suppose as you have already been supplied with the training materials so you don’t need to pay for them again…

I found Narbik’s course excellent, and the best training course I have ever attended, except for ones I delivered of course ;)   (in case you forgot I am a CCSI and MCT)

All jokes aside, Narbik has upcoming courses in USA in California in October, November and December; Dubai in October and December; Malaysia in October and Amsterdam in September and December.  Please stay out of the “Coffeeshops” in Amsterdam whilst attending the course.

If you want to get your CCIE studies well on track, then I urge you sit one of these courses.  However if you live in Adelaide, then do not sit one of these courses.  I would prefer it that there were less CCIEs here as it would make me look better.

BGP Done! Time Fillers too

I spent a lot of time on BGP.  Narbik has some nasty regexps in his bootcamp book.  Hopefully they aren’t that nasty in the real lab.

My local Hungry Jacks would have me on their VIP list now.  This study stuff has increased my HJs (Burger King to the rest of the world) intake into orbit.  So much so that they will be opening a HJs on the International Space Station just for me!  I have also been relaxing during down time by getting into playing Poker in the National Poker League and watching the World Poker Tour on Joost.  Vince Van Patten is a legend!

Anyway…

I will start work on IP Services now.  I always find that stuff pretty easy.  Security will be next… that’s pretty straightforward too.

So how about Spain last night?  Isn’t it amazing what Fernando Torres can do with a decent bunch of players around him.  Shame he has nothing like that at his current club… Well it’s not a shame really ;)   I was hoping Germany would win but Spain did the business.  Now all I can hope for is Cristiano Ronaldo to piss off to Real and for Chelsea to sign Robinho!

Yawwwwwn!

I slept in this morning…  I was exhausted last night.  I know I haven’t updated my notes for two days.  I’ll need to sort those out later.

 

Today we are doing QOS, Security and tips & tricks.  Plus anything else left over.

Narbik EIGRP – 8pm!

Some rough notes – I’ve been up a long time ;)

Summarising:

ip summary-address eigrp xxx a.b.c.d mask leak-map yyy

leak-map will advertise specific routes that match the route-map yyy.  If route-map yyy does not exist, then no specifics are advertised.  If route-map yyy exists, but the ACL referenced in yyy does not, then it matches any, and therefore ALL specifics are advertised as well as the summary.  With no leak-map, only the summary is advertised.  Multiple summaries are allowed, unlike RIPv2.

Authentication:

md5 only.  key-chain

ip authentication key-chain eigrp ASNUM xxx

ip authentication mode eigrp ASNUM md5

 

Default route injection:

interface#ip summary-address eigrp xxx etc -> best way!

router#ip route 0.0.0.0 0.0.0.0 null0

router#network 0.0.0.0

redistribute static/connected etc is bad in EIGRP because the external AD is 170

ip default-network w.x.y.z -> classful network, network must be advertised into EIGRP

 

router#no default-information allowed in -> stops the propagation of default route if received elsewhere via ip default-network command

Metric:

Betty Doesn’t Really Like Much – Bandwidth (kbit), Delay (sum of all delays), Reliability (x/255), Load (x/255), MTU (bytes)

((sum of all delays/10) + (10,000,000/lowest BW in path)) x 256 = metric

to change:

router# metric weights 0 a b c d e -> 0 = TOS (always 0), a = K1 (BW multiplier), b = K2 (load multiplier), c = K3 (delay multiplier), d = K4 (reliability multiplier), e = K5 (reliability multiplier).

[K1*BW + (K2*BW)/(256-Load) + K3*Delay] * [K5/(Reliability + K4)]

Default is: EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
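The two metric formulas above carried through for a whole path, as an added worked example (not from the original notes or from Cisco). The names `Link` and `eigrp_metric` and the T1/FastEthernet sample values are constructed here; integer truncation at each step, skipping the reliability term when K5 = 0, and multiplying by 256 last are assumptions about how the formula is evaluated.

```python
"""Classic EIGRP composite metric for a path (added example, hypothetical names)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Link:
    bandwidth_kbps: int   # interface bandwidth in kbit/s
    delay_usec: int       # interface delay in microseconds


def eigrp_metric(path, k=(1, 0, 1, 0, 0), load=1, reliability=255):
    """Return the composite metric for a list of Link objects.

    k is (K1, K2, K3, K4, K5) as given to 'metric weights 0 K1 K2 K3 K4 K5'.
    load and reliability are the x/255 values from the notes above.
    """
    if not path:
        raise ValueError("path needs at least one link")
    if not 1 <= load <= 255:
        raise ValueError("load must be 1..255")
    if not 0 <= reliability <= 255:
        raise ValueError("reliability must be 0..255")
    k1, k2, k3, k4, k5 = k

    # Bandwidth term: 10,000,000 / lowest bandwidth on the path (truncated).
    bw = 10_000_000 // min(link.bandwidth_kbps for link in path)
    # Delay term: sum of all delays, in tens of microseconds.
    delay = sum(link.delay_usec for link in path) // 10

    composite = k1 * bw + (k2 * bw) // (256 - load) + k3 * delay

    # The reliability term is only applied when K5 is non-zero; otherwise
    # the default K5 = 0 would zero every metric.
    if k5 != 0:
        if reliability + k4 == 0:
            raise ValueError("reliability + K4 must be non-zero when K5 is set")
        composite = composite * k5 // (reliability + k4)

    return composite * 256


# Constructed sample links: a T1 serial link and a FastEthernet link.
T1 = Link(bandwidth_kbps=1544, delay_usec=20000)
FE = Link(bandwidth_kbps=100000, delay_usec=100)

if __name__ == "__main__":
    print("T1 only:       ", eigrp_metric([T1]))
    print("T1 then FE:    ", eigrp_metric([T1, FE]))
    print("T1 with K2 = 1:", eigrp_metric([T1], k=(1, 1, 1, 0, 0)))
```

With the default K values only the slowest link's bandwidth and the summed delay matter, which is why adding the FastEthernet hop changes the T1 metric only slightly.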

 

Stub networks:

Suppresses transit eigrp updates.  Will receive updates, but will not pass down to downstream neighbours.

R1(config-router)#eigrp stub ?

  connected      Do advertise connected routes

  leak-map       Allow dynamic prefixes based on the leak-map

  receive-only   Set IP-EIGRP as receive only neighbor

  redistributed  Do advertise redistributed routes

  static         Do advertise static routes

  summary        Do advertise summary routes

 

Narbik – Day2

Waiting for some routers to reload between Labs.  May as well put the time to good use.  Today we went all through OSPF with a fine tooth comb.  Once dissected with the comb, each strand was further splayed and examined under a microscope.  We then held a magnifying glass over the eyepiece of the microscope, then we projected it onto a wall and magnified it about a million times.

I think you get the idea.

I think I learned more about OSPF today than what I have in my 10 years of commercial/professional/telco/ISP experience.

I wanted to break things up a little so I did some IPv6 labs (mainly RIPng) over the past hour or so.  I’ll put some of my well dodgy notes from today’s OSPF lectures down, do some IPv6/OSPFv3 labs then later do some OSPFv2/IPv4 labs.

Here we go:

(this is meant to be a table – don’t laugh.  I’m a network guy not a web guy)

LSA Type   Advertised by?   Routing table entry   "show ip ospf database ?"
1          all              O                     router
2          DRs              -                     network
3          ABRs             IA                    summary
4          ABR              -                     asbr-sum
5          ASBR             E2/E1                 external
6          MOSPF            -                     *ignore lsa mospf
7          ASBR-NSSA        N1/N2                 nssa-external

 

I’ll just like to add that I think, even after all this time, “not so stubby area” sounds funny.

 

OSPF states – what’s happening?

Down – hellos sent, none received

INIT – received hello

2WAY  - hellos & router-ids exchanged, DR election

EXSTART – DR & BDR adjacency, DR & others master/slave

EXCHANGE – DDP packets, database exchange

LOADING – LSR/LSU/LSAck

FULL – wheeeeeeeee

 

ip ospf retransmit-interval

 

If the LSAck doesn’t come, the neighbour is considered down after the dead timer expires

State can be FULL, but routes won’t be inserted into the routing table unless network types are ok

 

Your OSPF is stuck somewhere?

DOWN – interface down, no neighbour statement for non-broadcast

INIT – ACL blocking, corrupt DB :(

2WAY – DR to DROTHER

EXSTART/EXCHANGE – MTU mismatch; fix MTU or ip ospf mtu-ignore

LOADING – bad LSAs coming in (why?), Hardware problem (usually RAM)

FULL – network types not matching

 

Network types:

Broadcast – Ethernet, 10/40 hello/dead, DR/BDR election. 224.0.0.5|6 multicast addresses, next hop = originating router, not advertising router.

non-broadcast – Frame-relay, 30/120, DR/BDR (needs neighbour command), next-hop originating router

point-to-multipoint (broadcast) – partial mesh Frame-relay, 30/120, no DR/BDR, 224.0.0.5 (ie no DR address, just 224.0.0.5 all OSPF address), next-hop advertising router – special O routes

point-to-multipoint non-broadcast – needs manual neighbour command and cost.  Used for non-equal bandwidth so you can influence routing:

(warning! ASCII art!)

_________1_______
|                |
2                3
|                |
_________________

Say 1 has 1.5M link, 2 has 128k, 3 has 64k.

on 1:

router ospf 1

neighbor 2 cost 32

neighbor 3 cost 64

etc

 

fast neighbour down detection?

ip ospf dead-interval minimal hello-multiplier x

Don’t run debugs when doing this… Unless you don’t want to log into the router again

 

Authentication:

 

            Area      Interface
enable      router    int
apply       int       int

 

Summarising:

R1———2———-3————-4

Let’s say R1 has a few loopbacks on it you wish to summarise.

if R1 is ASBR (summarising LSA type 5s and 7s)

summary-address xxx

if R2 is ABR (LSA type 1s):

area range xxxxx/yy

 

Filtering:

1——–2————-3———4(RIP)

          5

R1-R2-R5 area 1, R2-R3 area 0, R3-R4 area 2

LSA1  1) distribute-list on local router (on R5)  2) area 1 range xxxxxx not-adv (on R2)

LSA3  3) dl on local router, 4) IP prefix list (on R3)

ip prefix-list TEST seq 5 deny 1.0.0.0/8

ip prefix-list TEST seq 10 permit 0.0.0.0/0 le 32

area 2 filter-list prefix TEST in

 

LSA5 or 7  5) DL on each router, 6) distribute-list out on R4 (ONLY TIME outbound), 7) summary-address x.x.x.x not-adv on ASBR R4

 

DB filtering:

if# ip ospf database-filter all out  -> blocks all outbound LSAs

router# neighbor X database-filter all out  -> must be point-to-multipoint

 

Cost:

reference/BW = cost   default ref=100

if changing, change on all routers

router# auto-cost reference-bandwidth xxx

you might need to configure all routers so that 10M Ethernet links have a cost of 85 etc

 

DB overload protection:

out: redist maximum-prefix xxx warn%

in: max-lsa xxx warn etc

4:20am Day2

I can’t sleep.  What a fantastic opportunity!  I can do more labs!

I’ll do the rest of the frame-relay labs now.  If I have time left before class (we are doing OSPF and EIGRP today) I might see if I can squeeze in RIPv2 and/or IPv6 before Narbik beats us about the head with LSA floods and Not So Stubby Areas and the like.