AI, ML, Development + Cisco Learning Blog Learning about Machine Learning, Artificial Intelligence, related development topics and formerly Routing and Switching, Datacenter, Security and other topics, CCIE #23664, Frank Wagner

13. September 2006

IPv4/IPv6 subnetmask calculation

Filed under: IPv6 — ocsic @ 05:53

Well, you all know how to calculate network masks and wildcard masks in the IPv4 world. But how do you do it in IPv6? IPv6 also has a binary numbering system, but it is written in hexadecimal, and now we have 340282366920938463463374607431768211456 IP addresses. That's the number you will find on the internet. My calculator says just 3,402408308e+38. I multiplied FFFF*FFFF*FFFF*FFFF*FFFF*FFFF*FFFF*FFFF in hexadecimal format and converted it afterwards into decimal.

With IPv4 there is a maximum of 255*255*255*255, which is 4228250625. Well, you see the difference? I read it's about 1000 addresses for each square centimeter of the earth that IPv6 has.
IPv4 has 32 bits in its entire IP address. This means there are 32 places where there can be a 1 or a 0.

So the binary numbers for 192.168.10.1 look like:

11000000 => 192 => 2^7+2^6
10101000 => 168 => 2^7+2^5+2^3
00001010 => 10 => 2^3+2^1
00000001 => 1 => 2^0

And you have 192.168.29.2:

11000000 => 192 => 2^7+2^6
10101000 => 168 => 2^7+2^5+2^3
00011101 => 29 => 2^4+2^3+2^2+2^0
00000010 => 2 => 2^1

To calculate the host and network part you "AND" the IP address with the subnet mask. If the mask is 255.255.192.0:

11111111 => 255
11111111 => 255
11000000 => 192
00000000 => 0

ANDing the IP address with the mask:

11000000 = 192
11111111 = 255
--------
11000000 = 192

10101000 = 168
11111111 = 255
--------
10101000 = 168

00011101 = 29
11000000 = 192
--------
00000000 = 0

00000010 = 2
00000000 = 0
--------
00000000 = 0

So here you will have 192.168.0.0 for the network address. With the mask 255.255.192.0, the last 14 bits are for hosts on the network.
11111111.11111111.11000000.00000000

The network ranges are from 192.168.0.0 – 192.168.192.0

So you have 2 bits for the network and 14 for hosts.

11111111.11111111.00000000.00000000 = 192.168.0.0
11111111.11111111.01000000.00000000 = 192.168.64.0
11111111.11111111.10000000.00000000 = 192.168.128.0
11111111.11111111.11000000.00000000 = 192.168.192.0

Where the network address is for example:
11111111.11111111.01000000.00000000 = 192.168.64.0

The broadcast address is:
11111111.11111111.01111111.11111111 = 192.168.127.255

The first and the last usable host in the network is:
11111111.11111111.01000000.00000001 = 192.168.64.1
11111111.11111111.01111111.11111110 = 192.168.127.254

So now you have the IPv6 addressing and how to compute a netmask matching your needs. I did not find anything on the internet about it, so I wrote it down myself. Well, that's not absolutely true. Look at the links provided…
The network mask /64 will be:

FFFF:FFFF:FFFF:FFFF:0000:0000:0000:0000 => /64
FFFF:FFFF:FFFF:FFFF:F000:0000:0000:0000 => /68
FFFF:FFFF:FFFF:FFFF:FF00:0000:0000:0000 => /72
FFFF:FFFF:FFFF:FFFF:FFFF:0000:0000:0000 => /80
FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:0000:0000 => /96

FFFF:FFFF:FFFF:FFFF:F000:0000:0000:0000 => /68
FFFF:FFFF:FFFF:FFFF:C000:0000:0000:0000 => /69
FFFF:FFFF:FFFF:FFFF:8000:0000:0000:0000 => /70
FFFF:FFFF:FFFF:FFFF:4000:0000:0000:0000 => /65

The main thing which is important to understand is that the quadruples are divided into two 8-bit parts. That means, if you have FF00, this is divided into FF, which is 11111111, and 00, which is 00000000. So each /64 is half of all networks. And the next smaller unsubnetted network begins with /80 and so on, every 16 bits.

Each network "bit" represents a 4 bit value. So plus a value of 1 means you will have 2^4=16 more networks.

So the smallest subnet mask for, for example, these IPv6 networks:

0001:2001:00EF:0222:0003:0001:EEEA:00AA
0001:2001:00EF:0222:0003:0001:EEEA:001A
——————————————————–
FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFC0 => /121

0001:2001:00EF:0012::/64
0001:2001:00EF:0022::/64
——————————————————–
FFFF:FFFF:FFFF:FF40 => /82
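
The two calculations in this section, turning a prefix length into a hexadecimal mask and finding the smallest network that contains two addresses, can be checked mechanically. The following Python is an added example, not part of the original post; the function names and the 2001:db8:: sample addresses are constructed for illustration.

```python
import ipaddress


def mask_for(prefix_len: int) -> str:
    """Netmask for an IPv6 prefix length, written as eight hex groups."""
    if not 0 <= prefix_len <= 128:
        raise ValueError("prefix length must be 0..128")
    mask = ((1 << prefix_len) - 1) << (128 - prefix_len)
    # Cut the 128-bit mask into eight 16-bit groups, most significant first.
    return ":".join(f"{(mask >> s) & 0xFFFF:04X}" for s in range(112, -1, -16))


def common_prefix(a: str, b: str) -> ipaddress.IPv6Network:
    """Longest prefix (smallest network) that contains both addresses."""
    x, y = int(ipaddress.IPv6Address(a)), int(ipaddress.IPv6Address(b))
    # XOR leaves a 1 wherever the addresses differ; every bit above the
    # highest such 1 is shared, so it belongs to the network part.
    length = 128 - (x ^ y).bit_length()
    return ipaddress.IPv6Network((x, length), strict=False)


if __name__ == "__main__":
    for n in (64, 68, 72, 80, 96):
        print(f"/{n:<3} {mask_for(n)}")
    # Constructed sample addresses from the documentation prefix.
    net = common_prefix("2001:db8:0:1::10", "2001:db8:0:1::1f")
    print(net, "mask", mask_for(net.prefixlen))
```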

Example 1:
To calculate an access-list mask for two IPv4 addresses that matches both addresses you AND these addresses:

For example:

192.168.10.1 and 10.11.2.3

11000000 => 192
00001010 => 10
--------
00000000 => 0

10101000 => 168
00000001 => 11
--------
00000000 => 0

00001010 => 10
00001011 => 11
--------
00001010 => 10

00000001 => 1
00000011 => 3
--------
00000001 => 1

The result is an access-list mask of 0.0.10.1 that would match both IP addresses.

The wildcard mask is a logical XOR operation. That means 0 XOR 1 = 1, 1 XOR 0 = 1, 0 XOR 0 = 0, 1 XOR 1 = 0. So only if the values are different is the result 1.

That's:

11000000 => 192
00001010 => 10
--------
11111111 => 255

10101000 => 168
00000001 => 11
--------
11111111 => 255

00001010 => 10
00001011 => 11
--------
11110101 => 244

00000001 => 1
00000011 => 3
--------
00000010 => 2

192.168.10.1 and 10.11.2.3

Network mask: 0.0.10.1
Wildcard mask: 255.255.244.2

Example 2:

Another more common example:

192.168.43.132
192.168.45.4

access-list mask:

11000000 => 192
11000000 => 192
--------
11000000 => 192

10101000 => 168
10101000 => 168
--------
10101000 => 168

00101011 => 43
00101101 => 45
--------
00101001 => 41

10000100 => 132
00000100 => 4
--------
00000100 => 4

The resulting access-list is:

192.168.41.4

The wildcard mask is:

11000000 => 192
11000000 => 192
--------
00000000 => 0

10101000 => 168
10101000 => 168
--------
00000000 => 0

00101011 => 43
00101101 => 45
--------
00000110 => 6

10000100 => 132
00000100 => 4
--------
10000000 => 128

Wildcard mask: 0.0.6.128

192.168.43.132
192.168.45.4

Mask: 192.168.41.4, wildcard mask: 0.0.6.128

Example 3

192.168.32.5
192.168.48.99

11000000 => 192
11000000 => 192
--------
11000000 => 192

10101000 => 168
10101000 => 168
--------
10101000 => 168

00100000 => 32
00110000 => 48
--------
00100000 => 32

00000101 => 5
01100011 => 99
--------
00000001 => 1

Mask 192.168.32.1

Wildcard mask:

11000000 => 192
11000000 => 192
--------
00000000 => 0

10101000 => 168
10101000 => 168
--------
00000000 => 0

00100000 => 32
00110000 => 48
--------
00010000 => 16

00000101 => 5
01100011 => 99
--------
01100110 => 102

0.0.16.102
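
An address/wildcard pair built this way matches more than the two addresses it was derived from: every bit set in the wildcard doubles the matched set, which matters when the entry ends up in a permit statement. The following Python is an added example, not part of the original post, and its function names are my own; it rebuilds the entries from Examples 2 and 3 and lists every address each one matches.

```python
import ipaddress
from itertools import product


def acl_entry(a: str, b: str) -> tuple[str, str]:
    """Return (address, wildcard) built as in the examples: AND and XOR."""
    x, y = int(ipaddress.IPv4Address(a)), int(ipaddress.IPv4Address(b))
    return str(ipaddress.IPv4Address(x & y)), str(ipaddress.IPv4Address(x ^ y))


def matches(candidate: str, address: str, wildcard: str) -> bool:
    """Wildcard match: bits set in the wildcard are ignored, the rest must be equal."""
    c = int(ipaddress.IPv4Address(candidate))
    a = int(ipaddress.IPv4Address(address))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (c & care) == (a & care)


def matched_addresses(address: str, wildcard: str) -> list[str]:
    """List every address the entry matches (2**n for n wildcard bits)."""
    a = int(ipaddress.IPv4Address(address))
    w = int(ipaddress.IPv4Address(wildcard))
    free = [1 << i for i in range(32) if w >> i & 1]
    if len(free) > 16:
        raise ValueError("more than 65536 matches, refusing to enumerate")
    base = a & ~w & 0xFFFFFFFF
    # Try every on/off combination of the wildcard ("don't care") bits.
    hits = [base | sum(bits) for bits in product(*[(0, f) for f in free])]
    return [str(ipaddress.IPv4Address(h)) for h in sorted(hits)]


if __name__ == "__main__":
    for pair in (("192.168.43.132", "192.168.45.4"),    # Example 2
                 ("192.168.32.5", "192.168.48.99")):    # Example 3
        addr, wild = acl_entry(*pair)
        hits = matched_addresses(addr, wild)
        print(f"{addr} {wild} matches {len(hits)} addresses")
        for ip in hits[:8]:
            print("   ", ip)
```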

Source:

http://www.internetworkexpert.com/resources/01700370.htm

http://wiki.linuxquestions.org/wiki/IPv6_deployment:addressing

11. September 2006

important terms to know about Multicast

Filed under: Multicast — ocsic @ 13:43
  • IGMP – is used to track the multicast group members between hosts and routers on a LAN
  • CGMP – Cisco Group Management Protocol, for routers connected to Catalyst switches
  • PIM – Protocol Independent Multicast is for routers to know which multicast packets to forward and which not
  • DVMRP – Multicast used on the internet MBONE
  • Sparse Mode – unless there is an explicit request for traffic, a router assumes that other routers do not want to forward traffic. When a host joins a multicast group, the connected routers send a PIM join message to the RP (rendezvous point). The RP keeps track of group mappings
  • Dense Mode – the router assumes that all other routers want to forward the multicast stream for a group; if a router receives a multicast and has no PIM neighbor and no receiving host, it sends back a prune message to the source

Sparse-Dense-Mode

Important commands:

ip pim send-rp-announce – configures a router to be the RP

ip pim send-rp-discovery – assigns the RP mapping agent

ip igmp join-group – the router will accept multicast packets and also forward them

ip igmp static-group – the router will not accept and only forward a multicast stream

RP (rendezvous point)

  • An RP acts as the central sender and receiver for data. Sources must send their data to the RP over a shared distribution tree. The RP is then just the initiator for new sessions between receivers and senders.
  • static versus Auto-RP
    • for Auto-RP a router must be designated as the RP mapping agent. This agent sends the group-to-RP mappings.

A good program for generating multicast traffic is iperf. See the link provided below.

Source:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/himc_c/mcbcncpt.htm#wp1075142

http://dast.nlanr.net/Projects/Iperf/

5. September 2006

BGP messages types

Filed under: BGP — ocsic @ 06:53

RFC 1930, 1771-1774
open – AS, HT (holdtime), Router ID, opt
keepalive – makes sure links are established, checks if holdtime expires
update – includes IP prefixes, route maintenance

notification – error code, subcode

regular expressions

Filed under: BGP — ocsic @ 06:12

^ Start of string

$ End of string

[] Range of characters

- Used to specify a range (i.e. [a-z])

() Local grouping

. Any single character

* Zero or more instances

+ One or more instances

? Zero or one instance

\ The \ matches the following character literally

_ Comma, open or close brace, open or close parenthesis, start or end of string, or space

Some example matches:

.* Anything

^$ Locally originated routes

^200_ Learned from AS 200

_200$ Originated in AS 200

_100_ Any instance of AS 100

^[0-9]+(_[0-9])?$ Directly connected ASs and their customers

^\(.*\)$ Routes originated in confederation peers

^(\(.*\))?$ Locally originated and/or routes originated in confederation peers
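
AS-path filters are routing policy, so it is worth testing a pattern against sample paths before applying it; the delimiter `_` is what keeps AS 100 from also matching AS 1000. The following Python is an added example, not part of the original post: it expands `_` into the delimiter set listed above and runs the patterns over constructed AS paths. The function names are my own, and it assumes `_` never appears inside a bracket expression.

```python
import re

# Per the table above, "_" stands for a comma, brace, parenthesis,
# start or end of string, or a space.
DELIM = r"(?:^|$|[ ,{}()])"


def ios_to_python(pattern: str) -> str:
    """Translate an AS-path regex by expanding each unescaped "_"."""
    out, i = [], 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == "\\" and i + 1 < len(pattern):   # keep escapes such as \( intact
            out.append(pattern[i:i + 2])
            i += 2
            continue
        out.append(DELIM if ch == "_" else ch)
        i += 1
    return "".join(out)


def as_path_matches(pattern: str, as_path: str) -> bool:
    """True if the pattern matches anywhere in the AS path string."""
    return re.search(ios_to_python(pattern), as_path) is not None


def filter_paths(pattern: str, paths: list[str]) -> list[str]:
    """Return the paths a filter with this pattern would select."""
    return [p for p in paths if as_path_matches(pattern, p)]


# Constructed AS paths (not router output); "" is a locally originated route.
SAMPLE_PATHS = ["", "200", "200 100", "300 200", "300 1000 200",
                "100 300", "(65001 65002)"]

if __name__ == "__main__":
    for pat in ("^$", "^200_", "_200$", "_100_", "100", r"^\(.*\)$"):
        print(f"{pat:10} -> {filter_paths(pat, SAMPLE_PATHS)}")
```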

4. September 2006

BGP policies for routing

Filed under: BGP — ocsic @ 18:23

Here are some ways to control BGP routing: sending updates to neighbors or controlling updates from neighbors.

With "distribute-list" it's possible to control routes coming in on an interface or routes going out on an interface. You can for example say:

I don't want to send route "192.168.1.0/24" to router A on s0/0. So your distribute-list would look like:

(config)# access-list 10 deny 192.168.1.0 0.0.0.255
(config)# access-list 10 permit any
(config)# router bgp 500
(config-router)# distribute-list 10 out s0/0

So A would not receive 192.168.1.0

Prefix lists are very similar to ACLs. But they allow, for example, the use of sequence numbers. So you can insert a prefix-list entry in between other entries and don't have to add it at the end, as with ACLs.

Prefix-lists are designed more for filtering route information.

CCIE Lab Simulator 7200

Filed under: Allgemein — ocsic @ 06:25

You want to set up your CCIE lab with simulators and don't want to spend a lot of money on expensive hardware on eBay? You just need a Cisco 7200 image and can simulate the machine. Interconnecting machines is also possible. Check out:

http://www.ipflow.utc.fr/index.php/Cisco_7200_Simulator

With the frontend:

http://dyna-gen.sourceforge.net/

Here is a nice explanation of how to set it up:

http://brokenpipes.blogspot.com/2006/09/become-ccie-with-simulator.html

2. September 2006

BGP Route Reflector

Filed under: Allgemein — ocsic @ 15:03

Route Reflector
In this example there are

  • Route Reflectors
  • Route Reflector Clients
  • Non Clients to Route Reflectors

In a normal environment all iBGP neighbors must be fully meshed. There are two exceptions to this rule.

  1. Route-Reflection
  2. Confederation

iBGP neighbors do not advertise routes learned from another iBGP neighbor to prevent loops. Therefore all iBGP neighbors need to be fully meshed.

A route reflector will pass prefixes learned from BGP neighbors to

Advertisement is as follows:

if a client is an EBGP neighbor, all prefixes learned from the peer, will be advertised to all other peers

if a route is received from a client peer, the route is advertised to all client peers

if a route is received from a non-client peer, it is candidate to be advertised on all client peers. Sometime the route will not be advertised, when for example the route is not the „best“ path, or the route is part of a community not to be advertised.

to be continued….

Checking connectivity with ping scripts

Filed under: Tips / Hints — ocsic @ 09:45

Some scripts are very useful to test full reachability within routers and switches. On most routers there is a tclsh available and you can use it like this:

R1#tclsh
R1(tcl)#

foreach i {
150.1.8.8
150.1.7.7
150.1.5.5
150.1.4.4
150.1.3.3
150.1.2.2
150.1.1.1
} { puts [ exec "ping $i" ] }

And then you can just copy and paste in your addresses. On some routers tclsh is not available. There you can use a ping macro:

SW1(config)#macro name PING
Enter macro commands one per line. End with the character '@'.
do ping 150.1.1.1
do ping 150.1.2.2
do ping 150.1.3.3
do ping 150.1.4.4
do ping 150.1.5.5
do ping 150.1.7.7
do ping 150.1.8.8
@

SW1(config)#macro global apply PING
The last command executes the script. With this you can start pinging all your routers.

1. September 2006

BGP decision process

Filed under: BGP — ocsic @ 13:25

BGP decision process

1. Weight check, highest
2. Local preference check, highest
3. Local route check.
4. AS path length check, shortest
5. Origin check, lowest, 0, 1, 2
6. MED check, lowest
7. Prefer EBGP over IBGP path
8. Prefer the path to the closest IBGP neighbor
9. prefer the oldest route for EBGP paths

10. prefer the lowest BGP neighbor ID

BGP Attributes

Filed under: BGP — ocsic @ 11:10

Attributes are one of the most important things concerning BGP. With attributes almost everything can be controlled.

There are different types of attributes:

  • Well-known-attributes
    • mandatory
      • Origin
      • AS_Path
      • Next_Hop
    • discretionary
      • Local_Preference
      • Atomic_Aggregate
  • Operational-attributes
    • transitive
      • Aggregator
      • Community
    • non-transitive
      • Multi_Exit_Discriminator
  • Proprietary-attributes
      • Weight (Cisco specific)

Description of Attributes:

      Origin

      • Type Code 1
      • Well known, mandatory
      • Identifies how the route was originally learned by BGP
        • 0 – by an IGP
        • 1 – by an EGP
        • 2 – not complete / unreliable

      AS_Path

      • Type Code 2
      • Well known, mandatory
      • Lists ASs between local and destination

      Next_Hop

      • Well known, mandatory
      • Type Code 3
      • Identifies next hop to destination
      • Next_Hop = IP address of peer

      MED – Multi-Exit Discriminator (MED)

      • Type Code 4
      • Optional, non-transitive
      • AKA "metric"
      • Indicates preference of one route into an AS over another
      • Only shared with neighboring ASs
      • Lowest MED is preferred

      Here in this example the MED 100 is preferred as the host with the better Path.

      BGP MED

      MED is configured with "default-metric [number]"

      Local_Preference

      • Type Code 5
      • Well known, discretionary
      • Indicates preference of one route over another
      • Within AS only
      • Higher Local_Preference preferred
      • Cisco's default is 100
      • It's set up with a route-map

      If there are two paths from one AS to another and you can set up the local preference for your AS, you can set the Local_Preference to a lower value to make one route more preferable. So this can be used to optimize the way routers communicate.

      Atomic_Aggregate

      • Type Code 6
      • Well known, discretionary
      • Automatically sent when two overlapping routes are received
        • Less specific route is chosen
        • More specific route is not chosen

      Aggregator

      • Type Code 7
      • Optional and transitive
      • Any router that aggregates routes can use this attribute
      • Attribute contains
        • Aggregators AS number
        • Aggregators IP address

      Community

      • Defined in RFC 1997
      • Type Code 8
      • Optional and transitive
      • Allows for grouping of destinations
      • Apply policies to the group
      • Transitive but dropped by default
      • Predefined communities
        • No_Export – Do not advertise to EBGP peers
        • No_Advertise – Advertise to no one
        • Internet – Advertise to everyone

      Weight

      • Cisco defined
      • Non-transitive
      • Weight assigned on peer-by-peer basis
      • Integer value (0-65535)
      • Higher values are preferred
      • Default is 32768 for originated local routes
      • Default for other routes is 0
      • BGP config command: neighbor [ip] weight [weight]