Introduction
I started www.ccnpguide.com as a way for me to capture technical notes as I prepared for the three major CCNP Exams – SWITCH, ROUTE, & TSHOOT. As I began sharing my notes with the world, I immediately started to receive feedback on the SWITCH exam’s focus areas and how difficult it was. What I realized was that the exam prep resources available (read: Cisco Press Books) were not even covering all of the exam topics, including some that you were required to configure in live simulation scenarios. First-time fail rates seemed normal and a big part of that was because some of the simulation scenarios required you to know some extremely specific protocol configuration details that most network professionals just wouldn’t know off the top of their heads.
I began to tailor my notes to include topics that were not being covered in “official” exam guides and trimmed down those that just were not necessary. The feedback was overwhelmingly positive from the online community! The problem is, of course, that the notes were not formatted well for off-line consumption and didn’t include enough lab/scenario-based examples.
This guide is an answer to the countless requests to create a portable, comprehensive, and exam-focused ROUTE prep guide. I’ve refined the online notes even more to focus exclusively on exactly what Cisco expects you to know on exam day. I have also included a Simulation Scenarios section at the end. Lastly, Exam Takeaway notes are scattered throughout the guide to help connect you with the most important topics and study suggestions.
Here’s my recommendation. Read through this manual a few times and make sure you understand each chapter. Pay close attention to the Exam Takeaway notes and take them seriously. After you feel comfortable with the details in each chapter, go to the Simulation Scenarios section and run through the three scenarios until you can solve them off the top of your head. That may mean running through them ten times each, but trust me – you’ll thank me when you sit for the test.
If you have questions, exam feedback, or want to reach out to me directly - shoot me an email at aaron@ccnpguide.com. I promise you’ll get a response.
Best of luck,
Aaron
Routing Basics
Static Routes
In order for routers to forward packets to remote networks, they must know how to reach them. There are two options: static or dynamic routes.
Static routes are manually configured on each router. They are used for a couple of reasons:
• where there is only a single path to a network (a.k.a. stub network)
• when connecting to an ISP and configuring it as a default (static) route
There are a number of problems with implementing static routes network-wide. Some include:
• failure to scale well
• does not automatically react/recover to changes in the network
• tedious to configure for large networks (see point 1)
To configure a static route:
R1(config)# ip route prefix mask address|interface [distance]
The prefix and mask are the destination network and subnet mask. You can use address to define the IP address of the next hop towards the destination network, or specify a local router interface that the router will use to send traffic out to the destination network. The optional distance parameter can be used to manually define the administrative distance for the route.
Static Default Routes
One of the most common uses of static routes is for creating a default route. There are often cases when you want to forward packets that are not covered by a specific route out an interface or towards another router. A common example is when connecting to an ISP. If traffic is destined for an address range not defined within your organization (i.e. your coworker’s Facebook updates), then it makes sense to configure a default route towards your ISP or other organization.
To configure a static default route:
R1(config)# ip route 0.0.0.0 0.0.0.0 address|interface
Floating Static Routes
There are some circumstances when it makes sense to use a static route as a backup to a dynamic routing protocol. In order for this to work, however, the default administrative distance value on the static route must be raised so it will have a lower priority than the dynamic routing protocol (see administrative distance section below).
• RIP v1,2 (ok, maybe this isn’t very “modern”)
When routers run a distance vector dynamic routing protocol, they periodically send information about their known routes to their connected neighbors. This is how the router knows whether changes have been made to the network. They compare their routing table against the information they receive from their neighbors – if it matches, they’re good. If not, they update their routing tables to reflect the changes.
RIP is an example of a distance vector routing protocol.
Link State
Link state routing protocols operate differently. Routers send information about the state of their links to the entire network (or area) that they are a part of. In this way, each router understands the entire network topology and must run an algorithm every time a network change is announced to recalculate the best routes throughout the network. This makes link state routing protocols much more processor intensive.
The second major difference in link state routing protocols is that updates are only sent if a change on a router’s link occurs. This helps keep bandwidth utilization low, unlike distance vector protocols, which send out recurring updates regardless of whether a change has occurred.
OSPF and IS-IS are examples of link state routing protocols.
Advanced Distance Vector
This is the title Cisco gives to EIGRP, which borrows the best attributes of both distance vector and link state designs. EIGRP does not send periodic route information; instead it sends updates only when changes occur (like link state protocols). Also, EIGRP forms neighbor relationships with its directly connected peers and only updates them – not the entire network (like distance vector protocols).
Classless
Classless routing protocols (like RIPv2, EIGRP, OSPF, IS-IS, and BGP) include the subnet mask in routing updates, allowing for VLSM support and supernetting.
Administrative Distance
Routers need a way of determining which path to use to a destination network if two or more routing protocols are in use and both advertise a route. Administrative distance is Cisco’s answer. Cisco has assigned an administrative distance (AD) to each routing protocol that outlines which protocol a router will prefer. The AD values can be between 0 and 255, with the lowest values being used for routing.
Default AD values:
For example, if router R1 receives a route to network 10.10.10.200.0 from both EIGRP and OSPF, the router will compare the administrative distance of the EIGRP learned route (90) to that of OSPF (110). The router will then add EIGRP’s route to the routing table because its AD is lower (90 < 110).
Summary
Enhanced Interior Gateway Routing Protocol
Enhanced Interior Gateway Routing Protocol, or EIGRP, is a Cisco proprietary, advanced distance vector dynamic routing protocol.
EIGRP Characteristics
Fast Convergence
EIGRP uses the DUAL algorithm to converge very quickly. It does this by knowing neighbor routers’ routing tables and predefining primary and secondary routes to every destination network.
Triggered Updates
EIGRP uses partial triggered updates to its directly connected neighbors rather than periodically sharing its entire routing table. This saves link bandwidth because updates are only sent if a change is incurred, only the changes are sent in the update, and lastly – the updates are only sent to a router’s affected neighbors. Very efficient!
Protocol Independent
Enhanced Interior Gateway Routing Protocol supports more than just IPv4. It supports IPv4, IPv6, IPX, and AppleTalk.
Multicast
EIGRP sends route updates, hellos, and queries to its neighbors using the multicast address 224.0.0.10 so end hosts are not affected. Hellos are sent out every 5 seconds by default to learn about new neighbors and make sure existing neighbors are still available.
VLSM
Variable length subnet masking is supported by EIGRP because it is a classless routing protocol. That means subnet masks are included in route updates.
Terminology
Feasible and advertised distance
EIGRP’s DUAL algorithm determines the best route to a particular network by using distance information, known as cost or metric. DUAL determines the lowest cost path by adding up the cost to the destination network. Neighbors exchange the cost to every route they know of when a neighbor adjacency is formed. A router then uses that information to calculate its own cost to the same network by adding the cost between itself and its neighbor to the neighbor’s advertised cost.
So, (the cost between neighbors) + (the neighbor’s cost to the destination network) = the total cost to the network, or the feasible distance. The cost the neighbor advertised to the remote network is known as the advertised distance.
See the diagram below.
Successor
Think of the successor as the active, or primary, route to a destination for EIGRP. The successor is actually the neighbor router that has the least-cost path to a destination network (a.k.a. has the lowest feasible distance). Successor routes are added directly to the routing table. You should also know that multiple successors can exist if they have identical feasible distance values.
Feasible Successor
This is more like the backup route EIGRP chooses to a destination network. This is what makes EIGRP convergence so unique and so fast. It always tries to find a backup route so that, in the event that the successor fails, it can immediately switch over to the feasible successor (backup) route with very little delay. To qualify as a feasible successor, the AD must be less than the successor’s FD. This helps ensure a loop-free layer 3 path.
Tables
Neighbor Table
EIGRP discovers neighbors by sending out hellos every 5 seconds. When a router receives a hello with the same AS number defined, it forms an adjacency and adds the local interface it used to reach it, as well as the neighbor’s IP address, to the EIGRP neighbor table.
Topology Table
When routers form an adjacency, they exchange route information. That information is transferred to the EIGRP topology table, which contains all the destinations advertised by a router’s neighbors.
There are two different types of entries in the topology table, active and passive. Now you may think that the active entry is the preferred or “actively-in-use” route, but surprisingly, the opposite is true. The route in the topology table that is in the active state signifies that it is “actively” looking for an alternative path to a destination because the successor has failed and no FS exists. Obviously this is not an ideal scenario.
If a router’s successor becomes unavailable, but has a feasible successor – the FS will immediately become the successor and there is almost no delay incurred. This is the primary reason EIGRP convergence times tend to be some of the fastest of all the dynamic routing protocols.
If, however, a router’s successor becomes unavailable and does not have a FS to the destination, it will send query messages to all of its neighbors asking if they know of a path to the destination. The neighbors will either respond with a path or forward the query to all of their neighbor routers until a path is identified and relayed back to the original requester or no more neighbor routers exist. During the time the router is waiting for a response, it is unable to forward traffic to the destination network, which can hurt EIGRP’s convergence time.
Passive entries represent routes that have at least a single successor and perhaps a feasible successor. They are what you should see in a normal, stable topology. Notice the “P’s” in the output from the show ip eigrp topology command below. They indicate that the entries in the EIGRP topology table are in the passive (read: normal) state.
——————————————–
R1#sh ip eigrp topology
IP-EIGRP Topology Table for AS(1)/ID(10.1.1.1)
Codes: P – Passive, A – Active, U – Update, Q – Query, R – Reply, r – reply
Status, s – sia Status
EIGRP Messages
Hello
EIGRP hello packets are sent out every 5 seconds by default using multicast address 224.0.0.10 to maintain and discover neighbor relationships. On slower (T1 and below) and NBMA links, hellos are sent every 30 seconds to conserve bandwidth.
EIGRP hello packets also contain a hello timer which lets the router know if a neighbor is down. The hello timer is set to 15 seconds normally (~3 unresponsive hellos), and 90 seconds for slower WAN links. When a router receives a hello packet from another router with the same AS (Autonomous System) number, it automatically forms a neighbor relationship (also known as an adjacency).
Update
During the EIGRP start-up process on a router, an update message is sent out to its neighbors containing the contents of the router’s routing table. The only other time an update packet is sent is when network changes occur on a router; it then sends out an update message to the neighbors the route change would affect.
EIGRP Metrics
There are 5 parameters EIGRP uses to calculate its metric, although Cisco generally does not recommend tuning these metrics unless you have a very specific purpose. You should be aware that only the bandwidth and delay numbers factor into the default formula.
• Bandwidth – the lowest bandwidth value between the source and destination
• Delay – the cumulative delay along a series of links
• Reliability
• Load
• MTU
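The following added example (not from the original guide) ties the Feasible Successor rule to the metric inputs listed above: it computes the classic EIGRP composite metric with default K values from bandwidth and delay, then applies the "AD must be less than the successor's FD" test. The formula, the function names and the three-neighbor topology with its link values are assumptions constructed for illustration.

```python
# Added example. Assumption: classic (non-wide) EIGRP metric with default
# K values, where only bandwidth and delay contribute:
#   metric = 256 * (10^7 / lowest bandwidth in kbps + total delay in tens of usec)

def eigrp_metric(min_bw_kbps, total_delay_usec):
    return 256 * (10**7 // min_bw_kbps + total_delay_usec // 10)

def path_metric(links):
    """links: list of (bandwidth_kbps, delay_usec) along one path."""
    lowest_bw = min(bw for bw, _ in links)        # bandwidth: lowest value on the path
    total_delay = sum(delay for _, delay in links)  # delay: cumulative
    return eigrp_metric(lowest_bw, total_delay)

def classify(neighbors):
    """neighbors: {name: (link_to_neighbor, links_from_neighbor_to_destination)}.

    Returns (fd, successors, feasible_successors, rejected), where a feasible
    successor is a non-successor whose advertised distance is below the FD.
    """
    table = {}
    for name, (local_link, beyond) in neighbors.items():
        advertised = path_metric(beyond)            # what the neighbor reports
        total = path_metric([local_link] + beyond)  # our cost through that neighbor
        table[name] = (advertised, total)
    fd = min(total for _, total in table.values())
    successors = sorted(n for n, (_, t) in table.items() if t == fd)
    feasible = sorted(n for n, (ad, t) in table.items() if t != fd and ad < fd)
    rejected = sorted(n for n, (ad, t) in table.items() if t != fd and ad >= fd)
    return fd, successors, feasible, rejected

# Constructed topology: R1 reaches one destination through three neighbors.
FAST_ETHERNET = (100_000, 100)   # (kbps, usec), assumed interface values
T1_SERIAL = (1_544, 20_000)

NEIGHBORS = {
    "R3": (FAST_ETHERNET, [T1_SERIAL]),             # short path
    "R2": (T1_SERIAL, [T1_SERIAL]),                 # slower first hop
    "R4": (FAST_ETHERNET, [T1_SERIAL, T1_SERIAL]),  # longer path behind R4
}

if __name__ == "__main__":
    fd, successors, feasible, rejected = classify(NEIGHBORS)
    print("FD:", fd)
    print("successor(s):", successors)
    print("feasible successor(s):", feasible)
    print("valid path but fails AD < FD:", rejected)
```

R4 offers a working path with a total cost close to R2's, yet it is not kept as a backup because its advertised distance is not below the feasible distance; losing R3 and R2 would put the route into the active state.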
EIGRP Configuration
Step 1.
Define EIGRP as the routing protocol with a predefined Autonomous System ID. Routers will not form a neighbor relationship if their AS numbers do not match.
Example:
R3(config)# router eigrp 1
Step 2.
Define the attached networks you want to participate in EIGRP.
Add each network to the EIGRP process with the network prefix mask command for each network. The mask is an inverted mask, like ACLs use. For example, a /24 mask would be 0.0.0.255.
The network prefix mask command tells the router which local interfaces will then participate in EIGRP. This can be very useful if you do not want specific interfaces to participate in EIGRP.
Using the mask statement will define how you want the routes summarized if you turn off auto summarization. If you choose not to use the mask, EIGRP will assume the networks are part of the major networks (class A, B, C boundaries), which could cause potential problems.
R3(config)# router eigrp 1
R3(config-router)# network 10.1.100.0 0.0.0.255
R3(config-router)# network 192.168.100.0 0.0.0.3
R3(config-router)# network 192.168.100.4 0.0.0.3
R3(config-router)# no auto-summary
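As an added example (not part of the original guide), the check below works out which interfaces a set of network statements brings into EIGRP, using the ACL-style inverted-mask matching described in Step 2, and flags masks whose bits are not contiguous. The interface addresses, the mistyped 0.0.0.225 mask and the function names are constructed for illustration; how IOS itself treats a non-contiguous mask in a network statement is not covered by the guide, so the check only reports it.

```python
import ipaddress

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def is_contiguous_wildcard(mask):
    """True when the inverted mask is a run of low-order 1 bits (0.0.0.255, 0.0.0.3)."""
    value = to_int(mask)
    return (value & (value + 1)) == 0

def statement_matches(interface_ip, prefix, mask):
    """Bits that are 0 in the inverted mask must be equal in prefix and address."""
    care = ~to_int(mask) & 0xFFFFFFFF
    return (to_int(interface_ip) & care) == (to_int(prefix) & care)

def eigrp_interfaces(interfaces, network_statements):
    """Return ({interface: matching statement}, [warnings about suspicious masks])."""
    enabled, warnings = {}, []
    for prefix, mask in network_statements:
        if not is_contiguous_wildcard(mask):
            warnings.append(f"network {prefix} {mask}: non-contiguous inverted mask")
        for name, ip in interfaces.items():
            if name not in enabled and statement_matches(ip, prefix, mask):
                enabled[name] = f"network {prefix} {mask}"
    return enabled, warnings

# Constructed sample data: interface addresses are assumptions for illustration.
INTERFACES = {
    "FastEthernet0/0": "10.1.100.3",
    "FastEthernet0/1": "172.16.1.1",     # should stay out of EIGRP
    "Loopback11": "192.168.100.1",
    "Loopback15": "192.168.100.5",
}
INTENDED = [
    ("10.1.100.0", "0.0.0.255"),
    ("192.168.100.0", "0.0.0.3"),
    ("192.168.100.4", "0.0.0.3"),
]
# Same statements with a one-digit slip in the first mask (225 instead of 255).
MISTYPED = [("10.1.100.0", "0.0.0.225")] + INTENDED[1:]

if __name__ == "__main__":
    for label, statements in (("intended", INTENDED), ("mistyped", MISTYPED)):
        enabled, warnings = eigrp_interfaces(INTERFACES, statements)
        print(label, sorted(enabled), warnings)
```

With the mistyped mask, bit-for-bit matching no longer selects 10.1.100.3, so under these matching rules FastEthernet0/0 would not be enabled for EIGRP even though the statement looks nearly right.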
The output of R3's running configuration can be seen below.
R3#sh run | begin router eigrp 1
show ip eigrp neighbors
Displays EIGRP neighbors a router has discovered.
——————————————–
R3#sh ip eigrp neighbors
IP-EIGRP neighbors for process 1
H Address Interface Hold Uptime SRTT RTO Q Seq
show ip eigrp topology
Displays the output of the EIGRP topology tables, including successor and feasible successor routes.
——————————————–
R3#sh ip eigrp topology
IP-EIGRP Topology Table for AS(1)/ID(192.168.100.5)
Codes: P – Passive, A – Active, U – Update, Q – Query, R – Reply,
r – reply Status, s – sia Status
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route
Gateway of last resort is not set
D 10.1.200.0 [90/2172416] via 10.1.100.2, 00:14:46, FastEthernet0/0
[90/2172416] via 10.1.100.1, 00:14:46, FastEthernet0/0
192.168.100.0/30 is subnetted, 2 subnets
C 192.168.100.4 is directly connected, Loopback15
C 192.168.100.0 is directly connected, Loopback11
show ip route eigrp
Displays the EIGRP routes that the routing table is using. All internal EIGRP routes will be marked with a D (as in DUAL) at the beginning.
Additional EIGRP configuration options
EIGRP Default Routes
Default routes make life easier in many situations. They can decrease the size (and complexity) of the routing table by providing a path to all unspecified destinations.
One option is to use a static default route with the ip route 0.0.0.0 0.0.0.0 interface/address statement as discussed in the Routing Fundamentals page. This must be configured on every router that will use that default route.
Another option if you are running EIGRP is to use the ip default-network network-number command in global config mode. Any network that is reachable within the local router’s routing table is eligible to be used by EIGRP as a default route. Once configured, EIGRP will advertise the route to its EIGRP neighbors as a default route.
** If you want to use this method in conjunction with a static route, you will have to first redistribute the static route into EIGRP.
** Once you use the ip default-network command to define a default route for EIGRP, the router creates a static route in the configuration without notifying you. That means in order to remove the default route, you must use the no ip route command instead of no ip default-network.
Summarization
EIGRP summarizes routes by their major classful boundaries, which can be problematic and cause specific subnets to not be advertised correctly.
To disable automatic summarization:
R1(config)# router eigrp 1
R1(config-router)# no auto-summary
MPLS defines the customer’s WAN routers as CE, or customer edge routers, and the carrier’s border routers as PE, or provider’s edge routers. The CE routers appear to each other as directly connected peers. When CE West sends information to CE East, PE West intercepts the data, strips the Ethernet frame, encapsulates it into a MPLS packet, and forwards it over the service provider’s network to PE East. PE East strips off the MPLS information, re-encapsulates it into an Ethernet frame and forwards it on to CE East.
This transparent transport allows an EIGRP neighbor relationship to form between the two customer routers.
EIGRP + Frame Relay
Let’s face it, frame relay is a dying WAN technology. Other, more current WAN options like MPLS have taken over, but Cisco thinks it’s important for us to understand the underlying framework of how frame relay works. Frame relay works using switched, virtual circuits through the service provider network. One of the advantages of Frame Relay is that it allows multiple logical circuits to be configured on a single physical interface. Each VC is identified with a locally-significant DLCI, or Data-Link Connection Identifier. The layer 2 virtual circuit must then be mapped to a layer three neighbor, which can be either dynamic or static.
Frame relay is able to emulate point-to-point links by using multiple subinterfaces on a single physical interface (often used on hub-and-spoke topologies). This allows neighbors to be identified as down much more quickly for two reasons:
1. The default timers are shorter (5 sec hold timer, 15 second dead timer)
2. The subinterface is marked down whenever its local DLCI goes down
Static
To configure frame relay statically, configurations must be done on the interface level. The broadcast parameter is required at the end of the statement because frame relay defaults to a non-broadcast medium. Also, static mappings can be applied to both multipoint interfaces as well as subinterfaces on a single physical port.
R1(config-if)# frame-relay map ip remote-ip-address local-dlci broadcast
Dynamic
Dynamic mappings use inverse ARP. In this case, routers only form EIGRP neighbor relationships with other routers they connect to using a frame relay virtual circuit.
No IP split horizon
When running EIGRP on frame relay multipoint subinterfaces, a major communication problem can occur. Split-horizon is a method of preventing routing loops in distance-vector routing protocols by prohibiting a router from advertising a route back onto the interface from which it was learned.
When a hub and spoke frame relay topology exists, multipoint subinterfaces are configured on the hub router. The issue is that split horizon is enabled by default, so in the example below, if R2 learns routes from R1, it cannot then pass those on to R3 because split horizon would prevent the advertisement from going out the same physical interface. This results in R2 being able to communicate with the spoke router’s networks, but R3 and R1 are unable to communicate with each other.
To remedy the situation, split horizon must be disabled on the R2 EIGRP process.
R2(config-if)# no ip split-horizon eigrp as-number
Managing EIGRP Bandwidth
There are two important points to remember when running EIGRP over WAN links. The first is that EIGRP assumes that WAN interfaces run at T1 speed (1544 kbps). The second is that EIGRP will allocate up to 50% of a link’s bandwidth for EIGRP control traffic.
These two combined can be problematic on links that are slower than a T1 (like a 64k fractional T1 for example). In that situation, EIGRP messages could choke out data traffic quickly. To control that, the bandwidth command should be used on WAN links to tell EIGRP what the actual link bandwidth is.
R1(config)# int serial 0/0/0
Not to be confused with the passive (healthy) topology table entries, interfaces with the passive-interface command applied do not allow any routing updates or hellos out the interface. For EIGRP, this means that the router will not form adjacencies with connected routers on that particular port.
R1(config)# router eigrp 1
R1(config-router)# passive-interface gig 3/1
R1(config-router)# neighbor ip-address
The IP address used must be in one of the same subnet ranges as one of the router’s interfaces.
EIGRP load balancing
Out of the box, EIGRP will automatically load balance across equal-cost paths with no special configuration. EIGRP is unique, however, in its ability to load balance across unequal-cost paths with a single command.
The variance command allows unequal-cost load balancing over up to 6 different paths. But here’s the key: it only works when the cost of the path is lower than the variance number multiplied by the best metric.
Here is an example scenario.
R1 will by default use the path through R3 because it has the lowest metric. To enable unequal-cost load balancing, we can use the
Maximum-paths
By default, Cisco IOS will load balance across 4 equal-cost paths only. Using the maximum-paths command, you can configure the router to load balance over up to 16 paths. Setting it to 1 disables the load balancing.
R1(config-router)# maximum-paths number-of-paths
EIGRP Authentication
EIGRP supports authentication of its messages using an MD5 hash. When configured, if an incoming EIGRP packet’s hash does not match the local hash, the packet is silently dropped.
Authentication configuration steps:
1. Configure a key chain to group the keys (read: passwords)
2. Create a key(s) inside the keychain. The router will look inside the keychain and compare the keys against incoming packets
3. Enable authentication and assign a key to an interface
4. Indicate MD5 as the authentication type
Example
R1(config)# key chain TEST
R1(config-keychain)# key 1
R1(config-keychain-key)# key-string samplepassword
R1(config-keychain-key)# exit
R1(config)# interface gig 1/12
R1(config-if)# ip authentication mode eigrp 10 md5
R1(config-if)# ip authentication key-chain eigrp 10 TEST
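A configuration check for the four authentication steps above, as an added example (not from the original guide): it reads an IOS-style configuration and reports interfaces where EIGRP MD5 authentication is missing or only partly configured, which either leaves the adjacency unauthenticated or causes packets to be dropped. The sample configuration, the key chain names EMPTY and MISSING, and the function names are constructed for illustration.

```python
import re

# Constructed IOS-style configuration for illustration (not from a real device).
SAMPLE_CONFIG = """\
key chain TEST
 key 1
  key-string samplepassword
key chain EMPTY
 key 1
!
interface GigabitEthernet1/12
 ip authentication mode eigrp 10 md5
 ip authentication key-chain eigrp 10 TEST
!
interface GigabitEthernet1/13
 ip authentication mode eigrp 10 md5
!
interface GigabitEthernet1/14
 ip authentication mode eigrp 10 md5
 ip authentication key-chain eigrp 10 EMPTY
!
interface GigabitEthernet1/15
 ip authentication mode eigrp 10 md5
 ip authentication key-chain eigrp 10 MISSING
!
interface GigabitEthernet1/16
 ip address 10.1.103.3 255.255.255.0
"""

def parse_sections(config):
    """Group indented child lines under their top-level parent line."""
    sections, current = {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue
        if not raw.startswith(" "):
            current = raw.strip()
            sections[current] = []
        elif current is not None:
            sections[current].append(raw.strip())
    return sections

def key_chains(sections):
    """Map key chain name -> True when at least one key-string is configured."""
    return {
        head.split(None, 2)[2]: any(l.startswith("key-string ") for l in body)
        for head, body in sections.items() if head.startswith("key chain ")
    }

def audit_eigrp_auth(config, as_number):
    """Map each interface to the state of its EIGRP authentication for one AS."""
    sections = parse_sections(config)
    chains = key_chains(sections)
    mode_re = re.compile(rf"ip authentication mode eigrp {as_number} md5$")
    chain_re = re.compile(rf"ip authentication key-chain eigrp {as_number} (\S+)$")
    report = {}
    for head, body in sections.items():
        if not head.startswith("interface "):
            continue
        has_mode = any(mode_re.match(line) for line in body)
        names = [m.group(1) for m in map(chain_re.match, body) if m]
        if not has_mode and not names:
            status = "no authentication"
        elif not has_mode:
            status = "key chain assigned, MD5 mode missing"
        elif not names:
            status = "MD5 mode set, no key chain assigned"
        elif names[0] not in chains:
            status = "key chain not defined"
        elif not chains[names[0]]:
            status = "key chain has no key-string"
        else:
            status = "ok"
        report[head.split(None, 1)[1]] = status
    return report

if __name__ == "__main__":
    for interface, status in audit_eigrp_auth(SAMPLE_CONFIG, 10).items():
        print(f"{interface}: {status}")
```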
EIGRP Stub Routing
If a router is a spoke in a hub-and-spoke router topology, it is considered a stub router. It is not a transit router and usually has only a single neighbor router, sometimes two.
Within EIGRP you can define a router as a stub router to limit the EIGRP queries. This saves bandwidth and prevents neighbor routers from requesting alternate routes when a path fails. If you have many spoke routers, this can dramatically improve EIGRP reconvergence time. The EIGRP stub router still receives all route updates from its neighbor(s) by default.
R1(config)# router eigrp 1
R1(config-router)# eigrp stub [receive-only | connected | static | summary | redistributed]
EIGRP Best Practices
• Summarize routes when possible
• Limit the network depth to 7 hops
• Limit the scope of EIGRP queries
Open Shortest Path First
OSPF, or Open Shortest Path First, is a link-state, open-standard, dynamic routing protocol. OSPF uses an algorithm known as SPF, or Dijkstra’s Shortest Path First, to compute internally the best path to any given route.
OSPF is classless and converges fairly quickly, using cost as its metric. A router running OSPF creates its own database which contains information on the entire OSPF network, not simply neighbors’ routes like EIGRP. This allows the router to make intelligent choices about path selection on its own instead of relying exclusively on neighbor information.
OSPF routers do form neighbor relationships though. They exchange hellos with neighboring routers and in the process learn their neighbor’s Router ID (RID) and cost. Those values are then sent to the adjacency table.
Every router is responsible for computing its own best paths to all destinations within an OSPF domain. Once the SPF algorithm selects the best paths, they are then eligible to be added to the routing table.
Link State Database
Once a router has exchanged hellos with its neighbors and captured Router IDs and cost information, it begins sending LSAs, or Link State Advertisements. LSAs contain the RID and costs to the router’s neighbors. LSAs are shared with every other router in the OSPF domain. A router stores all of its LSA information (including info it receives from incoming LSAs) in the Link State Database (LSDB).
I apologize if the acronyms are starting to pile up. OSPF, architecturally speaking, is more complicated than its counterpart EIGRP – and the long list of acronyms and definitions is part of that.
All link state databases must match within an OSPF area. This means that the more OSPF-enabled routers are configured for the same area, the more LSA advertisements that must be sent out. After you reach about 50 routers, the high levels of LSA traffic and numerous routing table entries can become a problem. That is why Cisco recommends limiting an OSPF area to no more than 50-100 routers.
The following three factors determine the maximum number of routers:
• How easily the area’s subnets can be summarized
• The type of areas being used
• The number of external LSAs being injected