Friday, June 7, 2013

Networking Questions.

#How many OSPF databases are on an OSPF router?
The number of OSPF databases on a router is equal to the number of OSPF areas configured on the router.

#Does ICMP use port numbers?
ICMP does not use port numbers, unlike applications that run over TCP or UDP. ICMP uses identifier and sequence numbers to track ICMP packets.

#Is it compulsory to configure all routers in one AS with iBGP?
No. We can run an IGP inside the AS and redistribute its routes into BGP.

#Suppose there are 100 routers inside one AS. How many BGP sessions will there be?
In a full mesh each router forms a peering with every other router, so there are n(n-1)/2 sessions, i.e. 100*99/2 = 4950 TCP peerings/sessions. With a route reflector this is reduced to 99 peers/sessions.

#If a switch reboots, will the MAC address table on it be retained?
No, the MAC addresses will not be retained. They are stored only in the dynamic MAC address table and are lost when the switch port goes down or when the switch reboots. The default MAC address age-out time is 300 sec (5 minutes).

#What is the difference between a default route and a default gateway?
A default route is the route used for destinations that have no more specific match in the routing table, i.e. for unknown destination traffic. A default gateway is used by a host or device on which routing is not enabled; it is the address to which traffic leaving the local network is forwarded.

#What is the use of the Preamble, SFD and Type/Length fields?
The Preamble consists of seven bytes all of the form 10101010, and is used by the receiver to allow it to establish bit synchronization (there is no clocking information on the Ether when nothing is being sent).

The Start frame delimiter is a single byte, 10101011, which is a frame flag, indicating the start of a frame.

The Length/EtherType field is the only one which differs between 802.3 and Ethernet II. In 802.3 it indicates the number of bytes of data in the frame's payload, and can be anything from 0 to 1500 bytes. Frames must be at least 64 bytes long, not including the preamble, so if the data field is shorter than 46 bytes it must be padded out by the Pad field. The reason for specifying a minimum length lies with the collision-detect mechanism. In CSMA/CD a station must never be allowed to believe it has transmitted a frame successfully if that frame has, in fact, experienced a collision. In the worst case it takes twice the maximum propagation delay across the network before a station can be sure that a transmission has been successful. If a station sends a really short frame, it may actually finish sending and release the Ether without realizing that a collision has occurred. The 802.3 design rules specify an upper limit on the maximum propagation delay in any Ethernet installation, and the minimum frame size is set to be more than twice this figure (64 bytes takes 51.2 µs to send at 10 Mbps).

In Ethernet II, on the other hand, this field is used to indicate the type of payload carried by the frame. For example 0x0800 signifies an IP payload. In fact the smallest legal value of this field is 0x0600, and since the greatest value of the 802.3 Length field is 0x05DC it is always possible to tell Ethernet II and 802.3 frames apart, and they can therefore coexist on the same network. 802.3 was intended to be used with 802.2 LLC as its standard payload, the latter using a 7-bit sub-address to specify the protocol type. However, this is not compatible with the 16-bit EtherType of Ethernet II, so the SNAP (Sub-Network Access Protocol) extension was developed. With a SNAP-extended header, an LLC PDU can carry a 16-bit EtherType.

#Why is the destination MAC address placed before the source MAC address in an Ethernet frame?
To reduce latency: the switch can look up the destination MAC as soon as it arrives and start switching the frame before the rest of the header has been read.

#Describe the fields of an 802.1Q tag
The following are the fields in an 802.1Q VLAN tag.
TPID (Tag Protocol Identifier, 16 bits): the TPID always has the fixed value 0x8100, which signifies that an 802.1Q tag follows.
Priority (3 bits): the Priority field is used by 802.1Q to implement Layer 2 quality of service (QoS).
CFI (Canonical Format Identifier, 1 bit): the CFI bit is used for compatibility between Ethernet and Token Ring.
VLAN ID (12 bits): the VID field is used to distinguish between VLANs on the link.
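The two passages above (the 802.3 Length versus Ethernet II EtherType rule, and the layout of the 802.1Q tag) can be checked by parsing frames. The following Python is an added example written for this page, not code from the original post: it reads an Ethernet header, pulls out the TPID/priority/CFI/VID of an optional 802.1Q tag, and classifies the frame by the 0x05DC/0x0600 boundary. The sample frames are constructed inline; the `build_frame` helper is only there to produce them.

```python
import struct

TPID_8021Q = 0x8100           # Tag Protocol Identifier of an 802.1Q tag
IEEE8023_MAX_LENGTH = 0x05DC  # 1500: largest value an 802.3 Length field may carry
ETHERTYPE_MIN = 0x0600        # 1536: smallest legal Ethernet II EtherType


def mac_str(raw):
    return ":".join("%02x" % b for b in raw)


def parse_frame(frame):
    """Parse an Ethernet header (without preamble/SFD/FCS) into a dict.

    Handles an optional 802.1Q tag and classifies the frame as 802.3
    (Length field <= 0x05DC) or Ethernet II (EtherType >= 0x0600).
    """
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    dst, src, after_src = struct.unpack("!6s6sH", frame[:14])
    info = {"dst": mac_str(dst), "src": mac_str(src), "vlan": None}
    offset = 12
    if after_src == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("frame too short for an 802.1Q tag")
        tci = struct.unpack("!H", frame[14:16])[0]   # Tag Control Information
        info["vlan"] = {
            "tpid": after_src,
            "priority": tci >> 13,      # 3-bit priority field
            "cfi": (tci >> 12) & 1,     # 1-bit CFI
            "vid": tci & 0x0FFF,        # 12-bit VLAN ID
        }
        offset = 16
    type_or_len = struct.unpack("!H", frame[offset:offset + 2])[0]
    payload = frame[offset + 2:]
    if type_or_len <= IEEE8023_MAX_LENGTH:
        if len(payload) < type_or_len:
            raise ValueError("802.3 Length %d exceeds bytes present" % type_or_len)
        info["encapsulation"] = "802.3"
        info["length"] = type_or_len
        info["payload"] = payload[:type_or_len]   # anything after it is Pad
    elif type_or_len >= ETHERTYPE_MIN:
        info["encapsulation"] = "Ethernet II"
        info["ethertype"] = type_or_len
        info["payload"] = payload
    else:
        # 0x05DD-0x05FF is neither a valid Length nor a legal EtherType
        raise ValueError("undefined type/length value 0x%04X" % type_or_len)
    return info


def build_frame(dst, src, type_or_len, payload, vid=None, priority=0, cfi=0):
    """Construct a frame for testing (constructed sample input, not captured traffic)."""
    hdr = bytes.fromhex(dst.replace(":", "")) + bytes.fromhex(src.replace(":", ""))
    if vid is not None:
        tci = (priority << 13) | (cfi << 12) | (vid & 0x0FFF)
        hdr += struct.pack("!HH", TPID_8021Q, tci)
    return hdr + struct.pack("!H", type_or_len) + payload


# Constructed sample frames (locally administered-looking addresses, no real hosts).
IPV4_FRAME = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", 0x0800,
                         b"\x45" + b"\x00" * 45)
TAGGED_FRAME = build_frame("00:11:22:33:44:55", "00:11:22:33:44:66", 0x0800,
                           b"\x45" * 20, vid=100, priority=5)
IEEE8023_FRAME = build_frame("00:11:22:33:44:55", "00:11:22:33:44:66", 40,
                             b"\xaa" * 40 + b"\x00" * 6)   # 6 bytes of Pad to reach 46

if __name__ == "__main__":
    for frame in (IPV4_FRAME, TAGGED_FRAME, IEEE8023_FRAME):
        print(parse_frame(frame))
```

The parser rejects values in the gap between 0x05DC and 0x0600 rather than guessing, and it trims an 802.3 payload to the declared Length so that Pad bytes never reach the upper layer; both are the kind of strictness a frame decoder should have before handing data to a protocol dissector.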

#How do you differentiate between configuration BPDUs and TCN BPDUs?
By the message type field in the BPDU frame.

#What happens if both port IDs are the same in STP?
Port priority will be the tiebreaker.

#Do subnetting for 10.1.1.1/8; 128 networks are needed.
10.0.0.1 - 10.1.255.254/15
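The answer above is the first of the 128 subnets; the general calculation is: borrow ceil(log2(networks needed)) bits, here 7, so the /8 becomes /15s. The following Python is an added example (not from the original post) that carries the computation through with the standard `ipaddress` module, lists the subnets and their usable host ranges, and works for any base block and count, not just the /8 in the question.

```python
import ipaddress
import math


def subnet_plan(base_cidr, networks_needed):
    """Split base_cidr into at least networks_needed equal-sized subnets.

    Returns (new_prefix_length, subnets). Borrowed bits = ceil(log2(n)),
    so 128 networks out of a /8 need 7 bits and become /15s.
    """
    base = ipaddress.ip_network(base_cidr, strict=False)   # 10.1.1.1/8 -> 10.0.0.0/8
    borrowed = math.ceil(math.log2(networks_needed))
    new_prefix = base.prefixlen + borrowed
    if new_prefix > base.max_prefixlen:
        raise ValueError("%s cannot be split into %d networks" % (base, networks_needed))
    return new_prefix, list(base.subnets(new_prefix=new_prefix))


def host_range(network):
    """First and last usable host of a subnet (network and broadcast excluded)."""
    return str(network.network_address + 1), str(network.broadcast_address - 1)


def subnet_for(subnets, host):
    """Which of the planned subnets a host address belongs to."""
    addr = ipaddress.ip_address(host)
    for net in subnets:
        if addr in net:
            return net
    raise LookupError("%s is outside the planned block" % host)


if __name__ == "__main__":
    prefix, nets = subnet_plan("10.1.1.1/8", 128)
    print("/%d gives %d subnets" % (prefix, len(nets)))
    for net in nets[:3]:
        print(net, "hosts %s - %s" % host_range(net))
    print("10.1.1.1 lives in", subnet_for(nets, "10.1.1.1"))
```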

#How does convergence happen in RSTP, and what is the convergence time?
Less than 6 sec

#What will happen if a switch receives a frame with the same source and destination MAC address?
It will filter and drop the frame.

#What is the significance of 0x8100 in an 802.1Q tag?
It is the TPID value; it signifies that the tag is an 802.1Q tag.

#How do two different VLANs connected to two switches communicate?
vlan100-----S1(PE)---trunk-----S2(PE)-------vlan200
Switch 1 pops the VLAN 100 tag and the frame is passed to S2 untagged through the S-VLAN. On S2 we push the VLAN 200 tag and the frame is forwarded to the ports assigned to VLAN 200.

http://www.juniper.net/techpubs/en_US/junos9.5/information-products/topic-collections/config-guide-network-interfaces/interfaces-rewriting-vlan-tag-untagged-frames.html

When communicating between two different VLANs connected to two switches, you typically need to use a router or a Layer 3 switch to facilitate communication. Here's a basic overview of the steps involved:

1. **Configure VLANs**: First, ensure that the VLANs are properly configured on both switches. Assign the appropriate ports to each VLAN and ensure that the VLANs are tagged on the trunk link connecting the two switches.

2. **Configure Router or Layer 3 Switch**: You'll need a device capable of routing between the VLANs. This could be a traditional router or a Layer 3 switch. Ensure that the router or Layer 3 switch has an interface configured for each VLAN.

3. **Configure Inter-VLAN Routing**: On the router or Layer 3 switch, configure inter-VLAN routing to allow communication between the VLANs. This typically involves creating subinterfaces on the router or assigning IP addresses to VLAN interfaces on the Layer 3 switch.

4. **Routing Configuration**: Configure routing protocols or static routes on the router or Layer 3 switch to ensure that traffic is properly routed between the VLANs. This step is crucial for ensuring that devices in one VLAN can communicate with devices in another VLAN.

5. **Implement Access Control Lists (ACLs)**: Optionally, you may want to implement access control lists (ACLs) on the router or Layer 3 switch to control traffic flow between the VLANs. ACLs allow you to filter traffic based on criteria such as source/destination IP addresses, protocols, or ports.

6. **Test Communication**: Once the configuration is complete, test communication between devices in different VLANs to ensure that everything is working as expected. Ping tests or other network diagnostic tools can be useful for verifying connectivity.

By following these steps, you can establish communication between devices in different VLANs connected to two switches. The router or Layer 3 switch plays a crucial role in facilitating inter-VLAN communication by routing traffic between the VLANs.

#EtherChannel advantages:
If a physical interface fails, the virtual interface stays up (it just has one less physical interface, so obviously offers a lesser amount of performance), which means the spanning tree doesn't see the failure and does not react to the failure, preventing disruption to the Layer 2 network.
You don't have to configure the same method of load sharing at each end of an Ether Channel bundle. It is common to use source-based forwarding on a switch (connected to a router) and then use destination-based forwarding on the router. Because all communication to the router is performed using the same destination MAC address, source-based forwarding on the switch is configured to prevent frames from traversing only a single physical link in the bundle.

#Settings that must match for an OSPF neighbor relationship
    OSPF Router ID
    Stub area flag
    Plus the following interface-specific settings:
        Hello interval
        Dead interval
        Subnet mask
        List of neighbors reachable on the interface
        Area ID
        Router priority
        Designated Router (DR) IP address
        Backup DR (BDR) IP address
        Authentication digest

#What will happen if the link between your PC and the router has a 4000-byte MTU while the rest of the links have the default MTU of 1500, using the same IP MTU feature in OSPF?
    4000       1500
PC--------R1-----------R2------R3-----PC
The maximum transmission unit (MTU) of an interface tells IOS the largest IP packet that can be forwarded out the interface. This setting protects the packet from being discarded on data links whose Layer 2 features will not pass a frame over a certain size. Routers typically default to an IP MTU of 1500 bytes to accommodate Ethernet's rules about frames not exceeding 1526 bytes.
From a data plane perspective, when a router needs to forward a packet larger than the outgoing interface's MTU, the router either fragments the packet or discards it. If the IP header's Don't Fragment (DF) bit is set, the router discards the packet. If the DF bit is not set, the router can perform Layer 3 fragmentation on the packet, creating two (or more) IP packets with mostly identical IP headers, spreading the data that followed the original IP packet header out among the fragments. The fragments can then be forwarded, with reassembly performed by the receiving host.
Routers have no dynamic mechanism to prevent the misconfiguration of MTU on neighboring routers. When an MTU mismatch occurs between two OSPF neighbors, one router will attempt to become neighbors with the other router whose MTU differs. The other router will be listed in the list of neighbors (show ip ospf neighbor). However, the two routers will not exchange topology information, and the two routers will not calculate routes that use this neighbor as the next-hop router.
The IP MTU can be set on an interface using the ip mtu value interface subcommand, or for all Layer 3 protocols with the mtu value interface subcommand.
You could argue that the mismatched MTU does not prevent routers from becoming neighbors, but it does prevent them from successfully exchanging topology data. When the mismatch occurs, a pair of routers tries to become neighbors, and they list each other in the output of show ip ospf neighbor. However, the neighbor state moves to EXSTART (which means the database exchange process is starting), but the exchange fails. Then the state changes to DOWN, and later one router tries again, moving to INIT state. So the neighbor is listed in the output of the show ip ospf neighbor command, but the routers never succeed at exchanging the topology data.

#Does NAT occur before or after routing?
The order in which the transactions are processed using NAT is based on whether a packet is going from the inside network to the outside network or from the outside network to the inside network. Inside to outside translation occurs after routing, and outside to inside translation occurs before routing. Refer to NAT Order of Operation for more information.

#What is the limitation of PAT?
Plain IP traffic without a TCP/UDP header will be discarded; PAT needs a source port as well as an address.
PAT (overloading) divides the available ports per global IP address into three ranges: 0-511, 512-1023, and 1024-65535. PAT assigns a unique source port for each UDP or TCP session. It attempts to assign the same port value as the original request, but if the original source port has already been used, it starts scanning from the beginning of the particular port range to find the first available port and assigns it to the conversation. There is an exception for the 12.2S code base, which uses different port logic and has no port reservation.
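The port-allocation rule just described (same port if free, otherwise the first free port scanning from the start of that port's range, with protocols without a Layer 4 port rejected) is easy to model. The following Python is an added example written for this page, not IOS code or code from the original post: `PatTable` is a hypothetical name, the 12.2S exception is not modeled, and the inside/global addresses are constructed documentation values.

```python
PORT_RANGES = ((0, 511), (512, 1023), (1024, 65535))


def port_range_for(port):
    """Return the (low, high) PAT range that contains the given source port."""
    for low, high in PORT_RANGES:
        if low <= port <= high:
            return low, high
    raise ValueError("invalid port %r" % port)


class PatTable:
    """Port Address Translation for one global IP (added model, not IOS code)."""

    def __init__(self, global_ip):
        self.global_ip = global_ip
        self.bindings = {}   # (proto, global_port) -> (inside_ip, inside_port)

    def translate(self, proto, inside_ip, inside_port):
        """Inside-to-outside: return the global source port chosen for this inside socket."""
        if proto not in ("tcp", "udp"):
            # No Layer 4 port to key the translation on, so the packet is dropped.
            raise ValueError("PAT cannot translate %s: no TCP/UDP source port" % proto)
        for (p, gport), inside in self.bindings.items():
            if p == proto and inside == (inside_ip, inside_port):
                return gport                     # existing session keeps its port
        low, high = port_range_for(inside_port)
        if (proto, inside_port) not in self.bindings:
            chosen = inside_port                 # same port as the original request
        else:
            for candidate in range(low, high + 1):   # scan from the start of the range
                if (proto, candidate) not in self.bindings:
                    chosen = candidate
                    break
            else:
                raise RuntimeError("no free %s port in range %d-%d" % (proto, low, high))
        self.bindings[(proto, chosen)] = (inside_ip, inside_port)
        return chosen

    def untranslate(self, proto, global_port):
        """Outside-to-inside: look the returning packet up by its global destination port."""
        return self.bindings.get((proto, global_port))


if __name__ == "__main__":
    pat = PatTable("203.0.113.1")    # RFC 5737 documentation address, constructed
    for host in ("10.0.0.5", "10.0.0.6", "10.0.0.7"):
        print(host, "-> %s:%d" % (pat.global_ip, pat.translate("tcp", host, 5000)))
```

Three hosts all using source port 5000 get 5000, 1024 and 1025 respectively, which shows why the port scan starts at the bottom of the 1024-65535 range rather than at the requested port. The range is exhausted per protocol, so a table that is full for TCP still has every UDP port available.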

#What is the difference between IP fragmentation and TCP segmentation?
IP fragmentation occurs at Layer 3 (IP); TCP segmentation occurs at Layer 4 (TCP). IP fragmentation takes place when packets that are larger than the Maximum Transmission Unit (MTU) of an interface are sent out of that interface. These packets have to be either fragmented or discarded when they are sent out the interface. If the Don't Fragment (DF) bit is not set in the IP header of the packet, the packet is fragmented. If the DF bit is set, the packet is dropped and an ICMP error message indicating the next-hop MTU value is returned to the sender. All the fragments of an IP packet carry the same Identification value in the IP header, which allows the final receiver to reassemble the fragments into the original IP packet. Refer to Resolve IP Fragmentation, MTU, MSS, and PMTUD Issues with GRE and IPsec for more information.
TCP segmentation takes place when an application on an end station is sending data. The application data is broken into what TCP considers the best-sized chunks to send. This unit of data passed from TCP to IP is called a segment.
TCP first segments the data into TCP segments (based on the TCP MSS value), adds the TCP header and passes each TCP segment to IP. IP then adds an IP header to send the packet to the remote end host. If the IP packet with the TCP segment is larger than the IP MTU of an outgoing interface on the path between the TCP hosts, IP fragments the IP/TCP packet in order to fit. These IP packet fragments are reassembled on the remote host by the IP layer and the complete TCP segment (as originally sent) is handed to the TCP layer. The TCP layer has no idea that IP fragmented the packet during transit.
NAT supports IP fragments, but it does not support TCP segments.

IP fragmentation and TCP segmentation are two distinct processes used in networking, each serving different purposes:

1. **IP Fragmentation**:
   - IP fragmentation occurs at the network layer (Layer 3) of the OSI model.
   - It is the process of breaking down an IP datagram into smaller packets (fragments) to fit within the Maximum Transmission Unit (MTU) size of the underlying network links.
   - IP fragmentation is primarily performed by routers when a packet exceeds the MTU of an outgoing interface.
   - Fragments are reassembled at the destination host based on the identification field in the IP header.
   - IP fragmentation is part of the IP protocol and is used to facilitate packet transmission across networks with varying MTU sizes.

2. **TCP Segmentation**:
   - TCP segmentation occurs at the transport layer (Layer 4) of the OSI model.
   - It is the process of breaking down TCP data into smaller segments before transmission over the network.
   - TCP segmentation is performed by the TCP protocol to optimize data transmission and adapt to network conditions.
   - Segments are reassembled at the receiving end to reconstruct the original TCP data stream.
   - TCP segmentation is used to enhance the reliability, efficiency, and performance of data transmission over TCP connections.

In summary, IP fragmentation is a network-layer process that divides IP datagrams into smaller packets to accommodate varying network MTU sizes, while TCP segmentation is a transport-layer process that breaks down TCP data into smaller segments for efficient transmission and delivery over the network.
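The MTU question above and this one describe the same two mechanisms: TCP cuts the stream into MSS-sized segments once, and then any router on the path whose outgoing MTU is too small either fragments the packet (DF clear, offsets in 8-byte units, same Identification, MF set on all but the last piece) or drops it and signals the next-hop MTU (DF set). The following Python is an added example for this page, not code from the original post: a minimal model of both layers, including the case where a fragment is fragmented again by a later, smaller link, and the receiver-side reassembly check that refuses gaps or overlaps. Packet fields are dicts rather than real headers; the byte stream is constructed.

```python
IP_HDR = 20    # IPv4 header without options
TCP_HDR = 20   # TCP header without options


class FragmentationNeeded(Exception):
    """Models the ICMP 'fragmentation needed' error a router returns when DF is set."""
    def __init__(self, next_hop_mtu):
        super().__init__("DF set and packet exceeds MTU; next-hop MTU is %d" % next_hop_mtu)
        self.next_hop_mtu = next_hop_mtu


def tcp_segments(data, mss):
    """Layer 4: split an application byte stream into segments of at most mss bytes."""
    return [data[i:i + mss] for i in range(0, len(data), mss)]


def ip_fragment(packet, mtu):
    """Layer 3: fragment one IP packet (a dict) for a link with the given MTU.

    packet keys: id, df, mf, offset (in 8-byte units), payload (bytes).
    Fragments keep the same identification; all but the last carry MF=1.
    """
    if IP_HDR + len(packet["payload"]) <= mtu:
        return [dict(packet)]                      # fits: forward unchanged
    if packet["df"]:
        raise FragmentationNeeded(mtu)             # router drops it and signals the MTU
    chunk = ((mtu - IP_HDR) // 8) * 8              # offsets are measured in 8-byte units
    payload = packet["payload"]
    fragments = []
    for start in range(0, len(payload), chunk):
        piece = payload[start:start + chunk]
        is_last = start + chunk >= len(payload)
        fragments.append({
            "id": packet["id"],
            "df": 0,
            # the tail of a fragment that was not itself the original's tail keeps MF=1
            "mf": 0 if (is_last and not packet["mf"]) else 1,
            "offset": packet["offset"] + start // 8,
            "payload": piece,
        })
    return fragments


def ip_reassemble(fragments):
    """Receiving host: rebuild each original payload from fragments sharing an id."""
    by_id = {}
    for frag in fragments:
        by_id.setdefault(frag["id"], []).append(frag)
    rebuilt = {}
    for pid, frags in by_id.items():
        frags = sorted(frags, key=lambda f: f["offset"])
        if frags[0]["offset"] != 0 or frags[-1]["mf"] != 0:
            raise ValueError("packet %d incomplete: head or tail fragment missing" % pid)
        data = b""
        for frag in frags:
            if frag["offset"] * 8 != len(data):
                raise ValueError("packet %d has a gap or overlap at offset %d" % (pid, frag["offset"]))
            data += frag["payload"]
        rebuilt[pid] = data
    return rebuilt


def send_over_path(data, mss, link_mtus, df=0):
    """TCP segments the data once; each router then fragments per its link MTU."""
    packets = []
    for ident, seg in enumerate(tcp_segments(data, mss), start=1):
        packets.append({"id": ident, "df": df, "mf": 0, "offset": 0,
                        "payload": b"\x00" * TCP_HDR + seg})   # TCP header placeholder
    for mtu in link_mtus:
        packets = [frag for pkt in packets for frag in ip_fragment(pkt, mtu)]
    return packets


if __name__ == "__main__":
    sample = bytes(range(256)) * 12                   # constructed 3072-byte stream
    wire = send_over_path(sample, mss=1460, link_mtus=[4000, 1500, 1000])
    print(len(wire), "IP fragments reach the receiver for", len(tcp_segments(sample, 1460)), "TCP segments")
    print("reassembled packet ids:", sorted(ip_reassemble(wire)))
```

With MSS 1460 the three segments fit a 1500-byte link untouched, and only the 1000-byte link splits the two full-size packets into 976 + 504 byte fragments; the receiver's TCP layer still sees exactly three segments. The reassembly check is the defensive part: overlapping or missing fragments are rejected rather than silently stitched, which is what a receiver must do before passing data up.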

#RSTP convergence time
Less than 6 seconds, i.e. 3 times the hello interval.

#If an OSPF router is stuck in a given state, what is the problem and how do you troubleshoot it?
Neighbors Stuck in Exstart/Exchange State
The problem occurs most frequently when attempting to run OSPF between a Cisco router and another vendor's router. It occurs when the maximum transmission unit (MTU) settings for the neighboring router interfaces don't match. If the router with the higher MTU sends a packet larger than the MTU set on the neighboring router, the neighboring router ignores the packet.

#Can we use all ranges of VLANs?

| VLANs     | Range    | Usage                                                                      | Propagated by VTP |
|-----------|----------|----------------------------------------------------------------------------|-------------------|
| 0, 4095   | Reserved | For system use only. You cannot see or use these VLANs.                    |                   |
| 1         | Normal   | Cisco default. You can use this VLAN but you cannot delete it.             | Yes               |
| 2-1001    | Normal   | For Ethernet VLANs; you can create, use, and delete these VLANs.           | Yes               |
| 1002-1005 | Normal   | Cisco defaults for FDDI and Token Ring. You cannot delete VLANs 1002-1005. | Yes               |
| 1006-4094 | Extended | For Ethernet VLANs only.                                                   | No                |

The following information applies to VLAN ranges:
Layer 3 LAN ports, WAN interfaces and sub-interfaces, and some software features use internal VLANs in the extended range. You cannot use an extended range VLAN that has been allocated for internal use.
To display the VLANs used internally, enter the show vlan internal usage command. With earlier releases, enter the show vlan internal usage and show cwan vlans commands.
You can configure ascending internal VLAN allocation (from 1006 and up) or descending internal VLAN allocation (from 4094 and down).
You must enable the extended system ID to use extended range VLANs.

#What is the count of ICMP packets if you send 5 pings?
3 are ICMP packets, since the first two are used up by ARP resolution.

When you send 5 ping requests (ICMP echo requests), the typical behavior of the ping utility is to send one ICMP echo request packet per ping request. Therefore, if you send 5 pings, the count of ICMP packets sent would be 5. Each ping request generates one ICMP echo request packet, and the ping utility waits for a corresponding ICMP echo reply packet from the destination device.

It's worth noting that the ICMP echo request packet is often referred to as the "ping" packet, as it is the packet sent to test reachability and round-trip time to a destination host. The destination host responds to each ICMP echo request with an ICMP echo reply packet. So, in total, there would be 5 ICMP echo request packets sent and (hopefully) 5 corresponding ICMP echo reply packets received, assuming the destination device responds to each ping request.

#Non-VLAN-Capable Switch MAC Rules
Consider a switch consisting of four ports. The MAC address table is used to store MAC addresses and the associated port where each MAC address was learned. The switches then flood, filter, or forward frames, as described in these scenarios. When a frame is received on a port, this process and these rules are applied. The source MAC address is placed in the MAC address table, along with the port ID of the port on which it was received. If the MAC address was already in the table, its associated aging countdown timer is reset (300 seconds by default).
Then the MAC address table is searched using the destination MAC address to determine which action to take. (The appropriate action for each scenario is shown in brackets.)
A. If the destination MAC address is a broadcast or multicast address, then the frame is sent to all ports, excluding the received port. [Flood]
B. If the destination MAC address comes from the same port on which it was received, then there is no need to forward it, and it is discarded. [Filter]
C. If the destination MAC address comes from another port within the switch, then the frame is sent to the identified port for transmission. [Forward]
D. If the destination MAC address is not in the MAC address table, then the frame needs to be flooded and is sent to all ports except for the port through which it arrived. This action is known as unicast flooding. [Flood]

#VLAN-Capable Switch MAC Rules
Consider the same physical switch consisting of four ports, except now with VLAN-capable switch MAC address table rules. In order to implement VLANs, a new parameter called VLAN ID is associated with each entry. When a frame is received, this process and these rules are applied.
The source MAC address is copied into the MAC address table, along with the port ID and port VLAN ID of the port on which it was received. If an entry already exists, its associated aging countdown timer is reset (300 seconds by default). The MAC address table is searched for an entry match, and only the table entries that match the port VLAN ID will be inspected. (The appropriate action for each scenario is shown in brackets.)
A. If the destination MAC address is a broadcast or multicast address, then the frame is sent to all ports with the same VLAN ID, excluding the received port. [Flood]
B. If the destination MAC address comes from the same port on which it was received, then there is no need to forward it, and it is discarded. [Filter]
C. If the destination MAC address comes from another port within the switch, then the frame is sent to the identified port for transmission. (Due to the previous rule regarding VLAN ID matching, this port can ONLY be a port in the same VLAN as the source port of the frame.) [Forward]
D. If the destination MAC address is not in the MAC address table, then the frame needs to be flooded and is sent to all ports with matching VLAN ID, except for the port through which it arrived. This action is known as unicast flooding. [Flood]

Notice that the table has now been effectively split into two parts; each part is a separate broadcast domain. As IP end stations locate each other using the Address Resolution Protocol (ARP) process, this in turn uses a broadcast. If an end station is NOT in the same broadcast domain, it will not be reachable (rule A). Indeed, even if an end station had statically configured an entry in its ARP table, reachability would not take place because the MAC address is not in the VLAN of the receiving port (rule D).
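Rules A-D for both switch types, the aging timer, and the earlier question about a frame whose source and destination MAC are the same (rule B: the destination is found on the ingress port, so the frame is filtered) can all be exercised with a small learning-switch model. The following Python is an added example for this page, not code from the original post: `VlanSwitch` is a hypothetical name; the non-VLAN-capable switch is the same model with every port in one VLAN. The clock is injectable so the 300-second age-out can be driven without waiting; MAC addresses and port numbers are constructed.

```python
import time

MAC_AGE_SECONDS = 300                  # default aging timer
BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_group_address(mac):
    """Broadcast and multicast MACs have the I/G bit (LSB of the first octet) set."""
    return int(mac.split(":")[0], 16) & 1 == 1


class VlanSwitch:
    """Learning switch with a per-VLAN MAC table (added model of the rules above)."""

    def __init__(self, port_vlans, clock=time.monotonic):
        self.port_vlans = dict(port_vlans)     # port number -> access VLAN ID
        self.table = {}                        # (vlan, mac) -> (port, last_seen)
        self.clock = clock                     # injectable for testing the aging timer

    def _expire(self, now):
        stale = [k for k, (_, seen) in self.table.items() if now - seen > MAC_AGE_SECONDS]
        for key in stale:
            del self.table[key]

    def receive(self, in_port, src_mac, dst_mac):
        """Return (action, egress_ports) for a frame arriving on in_port."""
        now = self.clock()
        self._expire(now)
        vlan = self.port_vlans[in_port]
        self.table[(vlan, src_mac)] = (in_port, now)          # learn, or refresh the timer
        same_vlan = sorted(p for p, v in self.port_vlans.items() if v == vlan and p != in_port)
        if is_group_address(dst_mac):
            return "flood", same_vlan                           # rule A
        entry = self.table.get((vlan, dst_mac))                 # only this VLAN's entries count
        if entry is None:
            return "flood", same_vlan                           # rule D: unknown unicast flooding
        if entry[0] == in_port:
            return "filter", []                                 # rule B (covers src == dst too)
        return "forward", [entry[0]]                            # rule C


if __name__ == "__main__":
    sw = VlanSwitch({1: 10, 2: 10, 3: 20, 4: 20})              # ports 1-2 VLAN 10, 3-4 VLAN 20
    print(sw.receive(1, "00:00:00:00:00:0a", BROADCAST))        # flood to port 2 only
    print(sw.receive(2, "00:00:00:00:00:0b", "00:00:00:00:00:0a"))  # forward to port 1
    print(sw.receive(3, "00:00:00:00:00:0c", "00:00:00:00:00:0a"))  # VLAN 20: flood to 4
```

The last call shows the point made in the paragraph above: host 0a is in the table, but under VLAN 10, so a frame from VLAN 20 addressed to it is treated as unknown and flooded only within VLAN 20, never reaching port 1.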

#OSPF states
Down
This is the first OSPF neighbor state. It means that no information (hellos) has been received from this neighbor, but hello packets can still be sent to the neighbor in this state.
During the fully adjacent neighbor state, if a router doesn't receive a hello packet from a neighbor within the RouterDeadInterval (RouterDeadInterval = 4*HelloInterval by default), or if a manually configured neighbor is removed from the configuration, then the neighbor state changes from Full to Down.

Attempt
This state is only valid for manually configured neighbors in an NBMA environment. In Attempt state, the router sends unicast hello packets every poll interval to the neighbor, from which hellos have not been received within the dead interval.

Init
This state specifies that the router has received a hello packet from its neighbor, but the receiving router's ID was not included in the hello packet. When a router receives a hello packet from a neighbor, it should list the sender's router ID in its hello packet as an acknowledgment that it received a valid hello packet.

2-Way
This state designates that bi-directional communication has been established between two routers. Bi-directional means that each router has seen the other's hello packet. This state is attained when the router receiving the hello packet sees its own Router ID within the received hello packet's neighbor field. At this state, a router decides whether to become adjacent with this neighbor. On broadcast media and non-broadcast multiaccess networks, a router becomes full only with the designated router (DR) and the backup designated router (BDR); it stays in the 2-way state with all other neighbors. On Point-to-point and Point-to-multipoint networks, a router becomes full with all connected routers.
At the end of this stage, the DR and BDR for broadcast and non-broadcast multiaccess networks are elected. For more information on the DR election process, refer to DR Election.
Note: Receiving a Database Descriptor (DBD) packet from a neighbor in the Init state will also cause a transition to the 2-Way state.

Exstart
Once the DR and BDR are elected, the actual process of exchanging link state information can start between the routers and their DR and BDR.
In this state, the routers and their DR and BDR establish a master-slave relationship and choose the initial sequence number for adjacency formation. The router with the higher router ID becomes the master and starts the exchange, and as such, is the only router that can increment the sequence number. Note that one would logically conclude that the DR/BDR with the highest router ID will become the master during this process of master-slave relation. Remember that the DR/BDR election might be purely by virtue of a higher priority configured on the router instead of highest router ID. Thus, it is possible that a DR plays the role of slave. And also note that master/slave election is on a per-neighbor basis.

Exchange
In the exchange state, OSPF routers exchange database descriptor (DBD) packets. Database descriptors contain link-state advertisement (LSA) headers only and describe the contents of the entire link-state database. Each DBD packet has a sequence number which can be incremented only by the master and which is explicitly acknowledged by the slave. Routers also send link-state request packets and link-state update packets (which contain the entire LSA) in this state. The contents of the DBD received are compared to the information contained in the router's link-state database to check whether new or more current link-state information is available from the neighbor.

Loading
In this state, the actual exchange of link state information occurs. Based on the information provided by the DBDs, routers send link-state request packets. The neighbor then provides the requested link-state information in link-state update packets. During the adjacency, if a router receives an outdated or missing LSA, it requests that LSA by sending a link-state request packet. All link-state update packets are acknowledged.

Full
In this state, routers are fully adjacent with each other. All the router and network LSAs are exchanged and the routers' databases are fully synchronized.

Full is the normal state for an OSPF router. If a router is stuck in another state, it's an indication that there are problems in forming adjacencies. The only exception to this is the 2-way state, which is normal in a broadcast network. Routers achieve the full state with their DR and BDR only. Neighbors always see each other as 2-way.
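The state descriptions above, together with the MTU-mismatch behaviour described under the OSPF MTU question (neighbors listed but stuck at ExStart), can be tied together in a neighbor state machine. The following Python is an added example written for this page, not code from the original post or from any router implementation: a deliberately simplified FSM for one neighbor as seen by the local router. `OspfNeighbor`, `want_adjacency` and the event method names are hypothetical; the router IDs, MTUs and timings are constructed. It models hello-driven transitions (Down/Attempt to Init to 2-Way), the DROther exception that stops at 2-Way, the higher-router-ID-is-master rule, DBD rejection on MTU mismatch, and the dead-interval fall back to Down.

```python
HELLO_INTERVAL = 10                     # seconds, broadcast-network default
DEAD_INTERVAL = 4 * HELLO_INTERVAL      # RouterDeadInterval

STATES = ["Down", "Attempt", "Init", "2-Way", "ExStart", "Exchange", "Loading", "Full"]
RANK = {name: i for i, name in enumerate(STATES)}


def rid_value(rid):
    """Numeric value of a dotted-quad router ID, used for the master/slave choice."""
    return int.from_bytes(bytes(int(o) for o in rid.split(".")), "big")


class OspfNeighbor:
    """One neighbor as seen by the local router (simplified FSM, added example)."""

    def __init__(self, my_rid, nbr_rid, my_mtu, want_adjacency=True):
        self.my_rid, self.nbr_rid, self.my_mtu = my_rid, nbr_rid, my_mtu
        # True on point-to-point links or when either side is DR/BDR;
        # two DROthers on a broadcast segment stop at 2-Way.
        self.want_adjacency = want_adjacency
        self.state = "Down"
        self.last_hello = None
        self.events = []                # (from_state, to_state, reason) audit trail

    def _move(self, new_state, reason):
        self.events.append((self.state, new_state, reason))
        self.state = new_state

    def master(self):
        """The router with the higher router ID drives the DBD sequence numbers."""
        return self.my_rid if rid_value(self.my_rid) > rid_value(self.nbr_rid) else self.nbr_rid

    def hello_received(self, now, listed_neighbors):
        self.last_hello = now
        if self.state in ("Down", "Attempt"):
            self._move("Init", "hello received")
        if self.my_rid in listed_neighbors:
            if self.state == "Init":
                self._move("2-Way", "own router ID seen in neighbor's hello")
                if self.want_adjacency:
                    self._move("ExStart", "adjacency wanted: negotiate master/slave")
        elif RANK[self.state] >= RANK["2-Way"]:
            self._move("Init", "1-way: neighbor no longer lists us")

    def dbd_received(self, now, nbr_mtu, more_to_come):
        if nbr_mtu != self.my_mtu:
            # Interface MTU in the DBD differs from ours: the DBD is rejected and the
            # pair never gets past ExStart (the "stuck in ExStart/Exchange" symptom).
            self.events.append((self.state, self.state,
                                "DBD dropped: MTU %d vs %d" % (nbr_mtu, self.my_mtu)))
            return
        if self.state == "Init":
            self._move("2-Way", "DBD received in Init")   # note in the 2-Way description
        if self.state == "ExStart":
            self._move("Exchange", "master %s chosen, sequence number agreed" % self.master())
        elif self.state == "Exchange" and not more_to_come:
            self._move("Loading", "all DBDs seen; requesting newer LSAs")

    def lsu_received(self, outstanding_requests):
        if self.state == "Loading" and outstanding_requests == 0:
            self._move("Full", "link-state request list empty")

    def tick(self, now):
        if self.state != "Down" and self.last_hello is not None \
                and now - self.last_hello > DEAD_INTERVAL:
            self._move("Down", "RouterDeadInterval expired")


if __name__ == "__main__":
    n = OspfNeighbor("1.1.1.1", "2.2.2.2", my_mtu=1500)
    n.hello_received(0, [])
    n.hello_received(10, ["1.1.1.1"])
    n.dbd_received(11, nbr_mtu=1500, more_to_come=True)
    n.dbd_received(12, nbr_mtu=1500, more_to_come=False)
    n.lsu_received(outstanding_requests=0)
    for frm, to, why in n.events:
        print("%-8s -> %-8s %s" % (frm, to, why))
```

When troubleshooting, the `events` list is the thing to look at: a neighbor whose trail ends in repeated "DBD dropped" lines at ExStart is the MTU case, while one that oscillates between Init and Down is not receiving our hello back at all.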


#Fault Management
Fault management includes any tools or procedures for testing, diagnosing or repairing the network when a failure occurs.

There are two primary ways to perform fault management: active and passive. Passive fault management is done by collecting alarms from devices (normally via SNMP) when something happens on the devices. In this mode, the fault management system only learns of a problem if the monitored device is intelligent enough to generate an error and report it to the management tool. However, if the device being monitored fails completely or locks up, it won't raise an alarm and the problem will not be detected. Active fault management addresses this issue by actively monitoring devices via tools such as ping to determine whether the device is up and responding. If the device stops responding, active monitoring raises an alarm showing the device as unavailable and allows for proactive correction of the problem.

