Cougar Mountain Accounting Software - cms2NW_ConfigureTerminal.com Networking Tips

For Cougar Mountain Software Support's
Professional Version (V2012, V2011, V2010, V2009, V12-V6)

For Cougar Mountain Accounting Software's Professional Version (V6, V7, V8, V9, V10, V11, V12, V2009, V2010 & V2011)

In this issue:

Important Updates + more Free resources
EIGRP seed metrics - your questions answered
Free config compare utility - saves lots of time and effort looking for mistakes
CME/CUE and NAT - Don't be bitten by this one
Richard's CCIE Cheat Sheets - Rapid Spanning Tree
Why does PPP add /32 network? Your questions answered

ConfigureTerminal.com Networking Tips
Resources for the networking professional

Important updates + more free resources
By David Bombal

Email:

IMPORTANT UPDATE

Because of the increased numbers of people subscribing to the newsletters, we have decided that we will need to upgrade our e-mail server delivery services. This will enable us to provide a better and more reliable service to you.

Please look for an e-mail requesting you to confirm that you want to continue to receive the newsletters.

NOTE: You will not receive any more e-mails unless you confirm so keep a lookout for the e-mail in the coming weeks.

Website:
We have updated the ConfigureTerminal.com website. I hope you will all find the website to be of even more use to you. Please do send us your comments and suggestions.

Updates/Features now available:
1) Time saving links easier to use
2) Archive of newsletters coming soon
3) Free Exam Questions
4) More Free EBooks coming soon
5) New Products listed

Free ICND1, ICND2, CCNA Questions:

We have put free sample questions on the website. We are planning to add questions for the CCNP & CCVP tracks initially with a view to do this for all qualifications.

VPN Config Generator:

Now supports ASA 8.X site to site VPNS and Client VPNS

Have a look at this demonstration:

ASA 8.X site to site in seconds

CCIE Command Line Memorizer:

Major revamp of the CCIE Command Line Memorizer with a better interface and functionality.

Click here to see a video of the new product.

Free resources:

We have been adding more free resources to the website. Keep an eye on it as we are planning to add a lot more content in the coming weeks and months.

Here is an example of just one type of resource you will see:

Example:

Network Diagram:

AIM: Demonstrate next hop in BGP and fix using Peer Next Hop rather than next-hop-self

==================================================================
R1 Configuration
==================================================================

router bgp 300
no synchronization
network 2.2.2.0 mask 255.255.255.0
network 11.11.11.11 mask 255.255.255.255
neighbor 33.33.33.33 remote-as 300
neighbor 33.33.33.33 update-source Loopback0
no auto-summary

==================================================================
R1 BGP table
==================================================================

r1#sh ip bgp
BGP table version is 34, local router ID is 11.11.11.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
* i2.2.2.0/24 33.33.33.33 0 100 0 i
*> 0.0.0.0 0 32768 i
*>i3.3.3.0/24 33.33.33.33 0 100 0 i
*> 4.4.4.0/24 0.0.0.0 0 32768 i
*> 11.11.11.11/32 0.0.0.0 0 32768 i
*>i22.22.22.22/32 22.22.22.220 100 0 200 i   <=Next Hop is still IP address of R2 as per BGP rule
*>i33.33.33.33/32 33.33.33.33 0 100 0 i
*>i160.10.0.1/32 22.22.22.22 0 100 0 200 i     <=Next Hop is still IP address of R2 as per BGP rule

*>i161.10.0.1/32 22.22.22.22 0 100 0 200 i     <=Next Hop is still IP address of R2 as per BGP rule
*>i162.10.0.1/32 22.22.22.22 0 100 0 200 i     <=Next Hop is still IP address of R2 as per BGP rule
*>i163.10.0.1/32 22.22.22.22 0 100 0 200 i     <=Next Hop is still IP address of R2 as per BGP rule
*>i164.10.0.1/32 22.22.22.22 0 100 0 200 i     <=Next Hop is still IP address of R2 as per BGP rule
r1#

r1#ping 160.10.0.1 <=== Cannot ping R2 loopbacks

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 160.10.0.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
r1#

r1#ping 22.22.22.22 <=== Cannot ping R2 loopbacks

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 22.22.22.22, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
r1#

==================================================================
Changed R1 Configuration
==================================================================

router bgp 300
no synchronization
network 2.2.2.0 mask 255.255.255.0
network 4.4.4.0 mask 255.255.255.0
network 11.11.11.11 mask 255.255.255.255
neighbor 33.33.33.33 remote-as 300
neighbor 33.33.33.33 update-source Loopback0
neighbor 33.33.33.33 route-map changenexthop in <= Route-map bound to IBGP neighbor R3 in

no auto-summary
!
route-map changenexthop permit 10
set ip next-hop peer-address <= Set next hop to peer address (override default of R2)

==================================================================
Changed R1 BGP Table
==================================================================

r1#sh ip bgp
BGP table version is 46, local router ID is 11.11.11.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
* i2.2.2.0/24 33.33.33.33 0 100 0 i
*> 0.0.0.0 0 32768 i
*>i3.3.3.0/24 33.33.33.33 0 100 0 i
*> 4.4.4.0/24 0.0.0.0 0 32768 i
*> 11.11.11.11/32 0.0.0.0 0 32768 i
*>i22.22.22.22/32 33.33.33.33 0 100 0 200 i      <=Next Hop is Changed to R3 address
*>i33.33.33.33/32 33.33.33.33 0 100 0 i
*>i160.10.0.1/32 33.33.33.33 0 100 0 200 i      <=Next Hop is Changed to R3 address
*>i161.10.0.1/32 33.33.33.33 0 100 0 200 i      <=Next Hop is Changed to R3 address
*>i162.10.0.1/32 33.33.33.33 0 100 0 200 i      <=Next Hop is Changed to R3 address
*>i163.10.0.1/32 33.33.33.33 0 100 0 200 i      <=Next Hop is Changed to R3 address
*>i164.10.0.1/32 33.33.33.33 0 100 0 200 i      <=Next Hop is Changed to R3 address
r1#

r1#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D 2.0.0.0/8 is a summary, 00:40:07, Null0
C 2.2.2.0/24 is directly connected, Serial0
33.0.0.0/32 is subnetted, 1 subnets
S 33.33.33.33 [1/0] via 2.2.2.1
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [200/0] via 33.33.33.33, 00:20:57
4.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D 4.0.0.0/8 is a summary, 00:21:00, Null0
C 4.4.4.0/24 is directly connected, Serial1
22.0.0.0/32 is subnetted, 1 subnets
B 22.22.22.22 [200/0] via 33.33.33.33, 00:00:55 <= Routes now in routing table
162.10.0.0/32 is subnetted, 1 subnets
B 162.10.0.1 [200/0] via 33.33.33.33, 00:00:57
163.10.0.0/32 is subnetted, 1 subnets
B 163.10.0.1 [200/0] via 33.33.33.33, 00:00:57
160.10.0.0/32 is subnetted, 1 subnets
B 160.10.0.1 [200/0] via 33.33.33.33, 00:00:57
161.10.0.0/32 is subnetted, 1 subnets
B 161.10.0.1 [200/0] via 33.33.33.33, 00:00:57
11.0.0.0/32 is subnetted, 1 subnets
C 11.11.11.11 is directly connected, Loopback0
164.10.0.0/32 is subnetted, 1 subnets
B 164.10.0.1 [200/0] via 33.33.33.33, 00:00:57
r1#

I hope you like the new website and updated products.

To your success
David Bombal

EIGRP seed metrics - your questions answered
By Richard Bannister

         Hi David,

         A question occured to me that I have not been able to find an answer for. My question
         is this...

         If we normally include K values K1 & K3 ( bandwidth & delay ) by default in the
         computation of the EIGRP metric, why do we include all 5 K values in the seed
         metric when redistributing into EIGRP? Why not just K1 and K3. Normally K2, K4, & K5
         are set to 0, but all examples show values of 255 1 1500 for reliability, load, and MTU.

         Why is this?

         Why not... for example:

         RTR(config-router)#redistribute eigrp 1 metric 64 100 0 0 0

         TIA,
         John Kiehnle

Hi John,

Thanks for your question.

Unfortunately, the redistribute command isn’t 'dynamic in nature' and therefore is always entered in an ‘option based fixed format’; Using EIGRP as an example, when a particular K value has a weighting of 0 the value specified in the redistribute command is not referenced in any way – so, in theory the command redistribute eigrp 1 metric 64 100 12 34 56 used with the default setup of metric weights 0 1 0 1 0 0 would still be valid because the only values that would mean anything to the EIGRP selection process are 64 (bandwidth) and 100 (delay). I can only assume that many of the examples in the public domain include the default values for ‘sanity purposes’ and to remind Cisco technicians of the order of the EIGRP metric composites when viewing redistribution examples/configuration.

Following on from that I still haven’t found an answer to a question I have…..
The default-metric and redistribute ‘protocol’ metric commands both expect the EIGRP metric composites in the following order:
‘Bandwidth’ ‘Delay’ ‘Reliability’ ‘Load’ ‘MTU’
Yet, the K values referenced using the metric weights command are expected in the order:
‘k1 - Bandwidth’ ‘k2 - Load’ ‘k3 - Delay’ ‘k4 - Reliability’ ‘k5 - MTU’
Why is that?!?

To answer your question à you can indeed enter the command as you have quoted.

Hope that helps

Richard Bannister

Free Config comparison utility
By David Bombal

This is a nice Free utility that allows you to compare configuration files easily (and other text files).

This has helped me solve various problems I have had in the past. It really saves time as rather than manually looking for Config differences you can compare them easily.

Here is a demonstration of how to compare the configurations of two routers:

How to compare config files

ExamDiff is a freeware Windows 95/98/Me/NT/2000/XP/2003/Vista tool for visual file comparison. It has a number of simple and convenient features that many users have been asking for a long time from a file comparison tool.

ExamDiff is a part of a suite of products that includes FtpVC, an FTP based Version Control System that allows joint software development remotely over the Internet.

Key Features:

Automatically detects file changes.
One push re-compare function.
Drag and drop support.
Easy editing of the first and second files, by spawning an external editor of choice.
Saves the file differences in a standard UNIX DIFF file.
Easy navigation through the differences.
"Search" command.
Fully customizable.
Adjustable pane splitter with smooth synchronized scrolling.
Extensive command line interface.
and others...

Hope this saves you lots of time!

Download and other information:

http://www.prestosoft.com/edp_examdiff.asp#download

CME/CUE and NAT - Don't be bitten by this one
By Mike Jenkins

Hi David,

Having attended an IPTX course lead by you, I read your website and newsletter every month, and thought I’d give something back to you in return.

I’ve discovered when using SIP trunks with CME/CUE where the CUE is on an internal nat’ed address that you need to ensure that the CUE is able to NAT to the outside world. This is particularly a problem where you have two ip connections to the router, say one for voice and one for data.

The fix is to use route maps to select which outside address to NAT to. But the surprise is that you need to include the outside ip address as even if you “b2bua” the voicemail dial-peer, the packets seem to need to pass through the nat engine even if they don’t need translating. Look at “show ip nat trans” after doing this and you’ll see what I mean. If you don’t do this, you’ll get one way voice to the CUE module and no messages will be recorded.

Digram:

So:

This bit takes care of nating the right inside address to the right outside one.

ip nat pool data-nat-pool <1st outside address> <last outside address> netmask <mask>
ip nat pool voip-nat-pool <1st outside address> <last outside address> netmask <mask>

ip nat inside source route-map data-map pool data-nat-pool overload
ip nat inside source route-map voip-map pool voip-nat-pool overload

     access-list 100 permit ip <inside data addresses> any
     access-list 101 permit ip <inside voip addresses> any
     access-list 101 permit ip <outside voip addresses> any

     route-map data-map permit 10
          match ip address 100
     route-map voip-map permit 10
          match ip address 101

The voip dial peer for voicemail is something like this:

     dial-peer voice 600 voip
     description Voicemail
     destination-pattern 299
     b2bua
     session protocol sipv2
     session target ipv4:<internal aim address>
     dtmf-relay rtp-nte
     codec g711ulaw
     no vad

Mike

Richard's CCIE Cheat Sheets - Multiple Spanning Tree
By Richard Bannister

This is an extract from Richards CCIE Blog (http://www.rbcciequest.wordpress.com). Richard is now studying for his CCIE and he has created a wonderful resource for anyone else pursuing this. We will now be including tips and tricks from Richard's blog to benefit everyone. All the best with your studies Richard!

Overview
Multiple Spanning Trees (802.1s – now part of 802.1Q-2003)
Sometimes known as MISTP or MSTP

Supported by 802.1Q trunks
- 802.1Q supports CST (instance for all VLAN’s), when a MST switch connects to a CST region the ports are called ‘boundary’ ports
- Cisco implementation different to that of IEEE
Group of switches running it are called a ‘region’ (think BGP AS)
Anything other than instance 0 in only run inside the MST region
- MD5 digests of information are sent across IST
  - Digest is used to work out whether it is a neighbour or region boundary
  - This means MST switches appear as one switch to CST
Uses RSTP rules (& BPDU’s)
- The Internal Spanning Tree (IST) instance is an RSTP instance that extends the CST inside the MST region (instance 0)
  - The timers for this are used across the region
- MST instances do not send individual BPDUs inside the MST region
  - Switches exchange MST BPDUs which are seen as normal RSTP BPDUs over IST containing additional info for each MST instance
Best design = One instance per redundant path
When a MST region is connected to the ‘outside’ an IST BPDU is generated for each VLAN
- This means it is advisable to have the root switch for all VLAN’s in the CST (recommended) or one switch within the MST region
CST always runs on VLAN1, regardless of native VLAN, when the CST runs PVST+

Configuration:

All switches:
     spanning-tree mode mst
     spanning-tree mst configuration
     name ‘name’
     revision ‘no.’
     instance ‘no.’ vlan ‘ID’s’
     (e.g. 1-10, 20)

Majority of commands the same as Cisco PVST+/802.1w but replace vlan ‘ID’ with mst ‘instance no.’

MST configuration show commands:
     spanning-tree mst configuration
     show pending
     show current

Great document on MST:
Rapid Spanning Tree (802.1w) and MST (802.1s) in Campus Networks

Why does PPP add /32 network? Your questions answered

By David Bombal

      Hi David

      Hope you are well.

      I have a couple of questions for you that I hope you can answer....

      First one is about PPP and that IPCP carries the 'other end' IP address to the local end
      of a serial line. I have had a quick look at the RFC and there doesn't seem to be an
      explanation as to why it does this, so why? However, in itself that's no big deal I suppose
      but the supplementary question is why does the router then put this address in the routing
      table with a /32 mask (obviously it also has the subnet listed as well)?

      <rest removed>

      Cheers

      Regards
      Dave

Hi Dave,

Good to hear from you.

The Cisco IOS supports dynamic address allocation of IPCP (IP over PPP) addresses. The issue is that IPCP does not negotiate the subnet mask as per RFC 1332.

The IOS will therefore automatically create neighbour routes by default. It will set up a route to the peer address on a point-to-point interface when the PPP IPCP negotiation is completed. This is also true for standard serial links. It will use a /32 network to point directly to the neighbor.

To disable this, you need to type the following command:

      no peer neighbor-route
      !Disables the creation of neighbor routes.

I hope this helps.
David

Tell us what you think!

We'd love to hear what you think of this issue!

Please send your comments, questions, and ideas for upcoming issues to us at:

NewsletterSuggestions@ConfigureTerminal.com

Your feedback matters to us!

To contact us...

If you have any questions, email info@ConfigureTerminal.com

If you have received this mailing in error, or if you no longer wish to receive email from Network Experts Limited, please send a e-mail with the word "unsubscribe" in the title to unsubscribe@ConfigureTerminal.com You will be automatically excluded from any future mailings including our "ConfigureTerminal.com Networking Tips" Newsletter that shares tons of free Networking tips, tricks, and techniques.

Please remember to include the email address we have contacted you at, so that we can complete your request without delay .

Network Experts Limited
2 Minton Place
Victoria Road
Bicester
OX26 6QB

All information contained in this newsletter is subject to the terms and conditions posted on our website here

www.ConfigureTerminal.com

For more info, please fill the info below.

Copyright © 2008 GPS Financial. All rights reserved.
Revised: 05/02/11

For more info, please fill the info below.

Copyright © 2008 GPS Financial. All rights reserved. Revised: 05/02/11

Copyright © 2008 GPS Financial. All rights reserved.
Revised: 05/02/11