Protocols.txt

/*************************************************************/
 *           CCNA: From IT University Online Classes         *
 *           CCNA: From Andrew Crouthamel Youtube Series     *
/*************************************************************/
ICND-1

- MAC Adrress: 24 bits OUI --> Organization Unique ID
               24 bits vendor assigned. Org can use anything.
- Cisco's OUI: 00:03:68

HUBs:
    * Use 802.3 communication mode: CSMA/CD
    * Uniform port speeds.
    * Loops can be created.
    * Half Duplex communication.

SWITCHEs:
    * Can support ports of different speeds.
    * Can prevent forwarding loops.
    * Full Duplex communication.

LAN Media:
    * Coaxial - Copper cable. Not used anymore.
    * CAT5 UTP - Unshielded Twisted Pair. Copper cable. Variant of Coaxial.
    * Fiber

UTP Cabling:
- Cat3: Used for telephones.
- Cat5: 10mb-100mb
- Cat5e: 1000mb
- Cat6: 3gb-10gb
- Cat6a: 10g

Cabling Types: Straight through & Crossover.

Crossover Cable - Connects SIMILAR devices.
Straight through - Connects DISIMILAR devices.

- If crossover cable is working when connected to similar devices or vice-versa
  then there must be a feature called: Auto MPX.


Fiber Optic Cables:
- Multi Mode fiber: Used for short range distances: 1g at 600 meters.
- Single Mode fiber: Used for long range: 10g at 10km (32000 feet).

- Ethernet has a distance limitation of 330 ft (about 100meters).


IOS Basics:
---
- To establish console connection, rollover cable needs to have following
  settings: 9600 baud, 8 data bits, 1 stop bit, no parity, no flow.
- Rollover cable is also called Serial cable.

IOS Modes:
---
- User (Read-Only Mode)
- Privileged/Exec/Enable
- Global Config
- Interface
- Sub-Intf
- ROM


Commands:
cisco(config)# hostname <name>
cisco(config)# banner MOTD # <message goes here. Hastag is needed>

/* user to exec mode password. This is stored in clear text in config file. */
cisco(config)# enable password <pass>

/* user to exec mode password. This is stored as a hash in config file. */
cisco(config)# enable secret <pass>

cisco(config)# username <> password <>

Remote Access:
---
cisco(config)# enable password <>
cisco(config)# line vty 0 4
cisco(config-line)# password <>
cisco(config-line)# login

IOS from Cisco Routers of following series can be used in GNS3
2600 3600 7200

POST - Power On Selft Test
- Verifies hardware and components are operational.
- Find and Load IOS software.
- Find and Load config (NVRAM).

Cisco Switches have a default vlan 1.

cisco(config)# interface vlan 1
cisco(config-if)# ip addr 10.10.10.2/24
cisco(config-if)# no shut
cisco(config-if)# exit
cisco(config)# ip default-gateway 10.10.10.1 <<< needed to connect to switch


cisco(config)# show ip interface br

- When "status" is UP. Physical interface is UP (L1 and L2 are working).
- When "Protocol" is UP.

Status/Protocol Combination:
-----
down/down (not connected) - Nothing is connected.
down/down
up/down - Intf is Up. Something wrong with L1/L2.
Administratively down/down - Intf was "shut"down by admin.
Up/Up - All is good.

cisco# show mac address-table /* contents of CAM table */
cisco# clear mac address-table

- PVST+ - Per vLAN Spanning Tree, defines one instance of STP per VLAN. It's
  Cisco proprietary but interoperable with non-Cisco devices. Re-converges in
  1s, instead of 50s for STP.

VLAN configuration:
cisco(config)# vlan 3
cisco(config-vlan)# name Accounting /* Inside VLAN mode */
cisco(config-vlan)# vlan 4
cisco(config-vlan)# name Sales

cisco(config-if)# switchport mode access
cisco(config-if)# switchport access vlan 4

Voice VLAN
- Cisco switches have a special vlan called Voice VLAN.
- If there is an IP Phone on access port, place that in Voice VLAN. Otherwise,
  use whichever data VLAN is assigned.

cisco(config)# interface fast ethernet0/1
cisco(config-if)# switchport mode access
cisco(config-if)# switchport access vlan 3
cisco(config-if)# switchport voice-vlan 100

VLAN Trunking
----
- Trunk interface passes all (or selected) VLANs.
- Both ends of trunk interface must have same native VLAN or else trunk will not
  work.
- Obviously, the interface must be in "trunk" mode and not "acess" mode.

/* MUST BE DONE FIRST */
cisco(config)# switchport trunk encap dot1q

/* makes interface as trunk */
cisco(config)# switchport mode trunk

/* OPTIONAL: only if you want to change native vlan. It MUST match on both
 * sides. */
cisco(config)# switchport trunk native vlan 20

/* OPTIONAL: only allow following VLANs */
cisco(config)# switchport trunk allowed vlans 1, 10, 20, 30, 41, 45, 300


>>>>>>>>  Andrew Crouthamel Youtube Series  <<<<<<<<<<<

IANA Ports List

- Well known ports: 0-1023
- Registered ports: 1024-49151
- Dynamic/Private ports (aka Ephemeral ports).
    49152-65535

- Nodes that are explicitly configured to listen to multicast address will
  receive multicast traffic.

Usable IP address ranges:
    Host IP: 0.0.0.0 to 223.255.255.255
    Multicast: 224.0.0.0 to 239.255.255.255
    Experimental: 240.0.0.0 to 255.255.255.255 << never used
    Private: 10.0.0.0/8
             192.168.0.0/16
             172.16.0.0/12
             These are NOT routable. Routers drop packets with these IP.

    Sepcial Addresses:
             0.0.0.0    Default Route
             127.0.0.1  Loopback
             169.254.0.0 to
             169.254.255.255 Link-Local or APIPA
                            (Automatic Private IP Addressing)


Classful Addressing
---
    Class A: 1-127  (/8)
    Class B: 128-191 (/16)
    Class C: 192-223 (/24)
    Class D: 224-239 Multicast
    Class E: 240-255 Experimental

IPv6 Addressing
---
- Types of IPv6 addresses:
    * Global Unicast - Routable, can be assigned using DHCP.
    * Link Local - Not routable. Only for local subnet.
    * Loopback - all zeros except last bit--> ::1/128
    * Unspecified - It's all zeros (or just ::)
    * Unique Local - Similar to private addresses of IPv4
        FC00::/7 to FDFF::/7
    * Multicast -
    * Anycast - Unicast address assigned to multiple devices.
    * Subnetting - Recommended on /64 boundary.
        2001:0DB1:ACAD:0000::/64
        2001:0DB1:ACAD:0001::/64
        2001:0DB1:ACAD:0002::/64

IPv6 Unicast and Multicast
---
- Global Unicast Addresses has 3 parts
    * Global routing prefix
    * Subnet ID
    * Interface ID

- Dynamic IPv6 Address assignment.
    * SLAAC or DHCPv6.
    * SLAAC = Stateless Address Autoconfiguration
- ICMPv6
- Router Advertisement (RA) tells how to configure your device with IPv6
  address.

-
TODO: Watch lessons on IPV6 again.

Data Link Layer
---
- Two parts: LLC and MAC
    * LLC - Logical Link Control. Identifies the protocol to be used to send
      pkts out.
    * MAC

- LL Protocols are:
    * Ethernet - Uses CSMA/CD
    * 802.11 Wireless - Uses CSMA/CA
    * PPP
    * HDLC, Frame Relay

Physical Layer
---
- MAC addresses has OID and DID (Manufactures ID and Device ID).

Few types of encodings:
- Manchester Encoding to transmit bits
    * Going from high to low = 0
    * Going from low to high = 1
- Non-Return to Zero (NRZ)
    *
- 4B/5B
- 8B/10B

+ On Radio Waves, modulations is used (amplitude and frequency) or Pulse Code
Modulation (PCM)


Network Media Types
---
- Copper
    + Interference is biggest issue
        * EMI - Flourescent lighting
        * RFI - Microwaves
        * Crosstalk - wires picking electrical signals from other wires. But not
          so much these days. Twisted pair reduces it.
            @ UTP (Unshielded Twisted Pair) - cheaper; uses RJ45 connector.
            @ STP (Shielded Twisted Pair) - costly; uses RJ45 connector.
            @ Coaxial - Cable and TV installations.
- UTP cables: Cat 5 (100 Mbps), 5e (1 Gbps), 6 (1 Gbps), 6a
- Types of UTP: Straight Through, Crossover, Rollover.
    * Straight Through - End device to switch
    * Crossover - similar devices (host to host or switch to switch)
    * Rollover - Cisco implementation

- Fiber Optic
    + Single Mode Fibre and Multi Mode Fibre
    + SMF - Uses Laser and range is in kilometer. Costly. Yellow color.
    + MMF - Uses LED and in range of few meters. Cheap. Orange color.

- Wireless: 802.11 (WiFi), 802.15 (Bluetooth), 802.16 (WiMax)
    + 2.4 GHz - can penetrate through walls.
    + 5 GHz - line of sight.

- Within 802.11 (WiFi), lot of substandards
    + 802.11a - 5 GHz - 54 Mbps
    + 802.11b - 2.4 GHz - 11 Mbps
    + 802.11g - 2.4 GHz - 54 Mbps
    + 802.11n - 2.4 or 5 GHz - 100 to 600 Mbps
    + 802.11ac - 2.4 and 5 GHz - 250 to 1.3 Gbps
    + 802.11ad - 2.4 and 5 and 60 GHz - WiGig - up to 7 Gbps

    These standards are backwards compatible.


Topology Basics
---
- Ethernet Bus
- Point to Point
- (a) Star Topology (b) Hub and Spoke Topology
- Mesh
- Ring Topology


Ethernet Basics
---
- LAN (L2 protocol). Data Link Layer tech.
- 10, 100, 1 G, 10 G, 40 G, 100 Gbps
- LLC is done in software
- MAC in hardware
- Max size of Ethernet pkt = 1518 bytes
- Min size of Ethernet pkt = 64 bytes
- If it's less than 64 bytes, it's either a collison pkt or runt frame (bad FCS)
  and discarded.
- If larger than 1518 bytes it's discarded unless it's 802.3ac which is 1522
  bytes allowing VLANs.

Ethernet Fields
---
    Preamble
    Start Frame
    Dest MAC
    Src MAC
    Length
    Data
    FCS

- Unicast, Multicast and Broadcast addresses
- Multicast starts with 01-00-5E


ARP
---
- L2 destination resolution, given an L3 address.
- L3 destination resolution is DNS (but only name to IP resolution).

Reverse ARP
---
- Given MAC, provide IP.

Switch Basics
---
- Two ways of packet forwarding
    (a) Store and Forward
        * Read entire frame
        * Do CRC check and foward frame.
        * Slow
    (b) Cut Through
        * Fast-Forward: Forward after reading Dest MAC
        * Fragment Free: Save first 64 bytes because if there's collision, it's
          usually in first 64 bytes. Doesn't do CRC checks.
- Buffering:
    (a) Port based - One queue per port
    (b) Shared - Common queue


IOS Device Basics
---
IOS Commands Basics
---
Switch Config Basics
---
VLAN Basics
---
- Default VLAN is 1
- Data VLAN
- Voice VLAN
- Trunk: Allows multiple VLANs per cable.
- Management VLAN
- Native - untagged traffic

Creating VLANs
---
- Standard Range - 1 to 1005; 1002 to 1005 are for Token Ring and FDDI
    + VLAN 1, 1002 to 1005 are already created by Cisco devices.
    + Stored on VLAN.dat file on compact flash.

- Extended Range - 1006 to 4094
    + Not on VLAN.dat file
    + Not learnt through VTP (VLAN Trunking Protocol).
- VTP - Cisco proprietary protocol
    + GVRP - Non-Cisco protocol

VLAN Trunks
---
-


/*************************************************************/
 *           CCNA Syllabus                                    *
 * Refer to 200-120_composite2.pdf file
/*************************************************************/

/*************************************************************/
 *           Table of Contents                               *
/*************************************************************/
1 Ethernet Fundamentals
2 Spanning Tree Protocol (STP)
3 Rapid Spanning Tree Protocol (RSTP)
4 VLAN
5 LAG/LACP

Cisco CCNA Notes (Perhaps from DeAnza College Course)
6 IP
7 Chapter 2: Static Routing Overview
    7.1 Cisco Discovery Protocol (CDP)
8 Chapter 3: Dynamic Routing Protocols
9 Chapter 4: Distance Vector Routing Protocols
    9.1 RIP
    9.2 EIGRP
10 Chapter 5: RIP v1
11 Chapter 6: VLSM and CIDR
12 Chapter 7: RIP v2
13 Chapter 8: Routing Table: A Closer Look
14 Chapter 9: EIGRP
<<<<< End of Cisco Course notes

15 IS-IS Primer
16 OSPF Primer
17 OSPF 101
18 RIB
19 BGP Primer
20 MPLS Overview
21 MPLS Fundamentals
22 MPLS L3VPN Primer v2
23 VPLS Overview
24 IP QoS Intro (PWFQ Intro)
25 QoS Primer


26 ARP
27 ICMP
28 UDP

29 VPN Technologies
    29.1 EVPN

Todo: TCP, UDP, IP, IGMP, ICMP, DCHP, DNS, ARP, RARP, SNMP, IGMP

/************************************************************/
         CCNA Cisco Net Academy Notes
           from Cisco Class Notes at
                  DeAnza College
/************************************************************/

/*************************************************************/
                INTERNET    PROTOCOL  (IP)
                Foothill College Notes
                    Cisco Academy
/*************************************************************/

- OSI Model

    layer 7 - Application: Interacts with applications.
    layer 6 - Presentation: Converts code and reformats data
    layer 5 - Session: coordinates interaction between end-to-end
                        application processes.
    layer 4 - Transport: Provides end-to-end data integrity and QoS
    layer 3 - Network: Switches and routes data to the appropriate n/w
                        device.
    layer 2 - Data Link: Transfers units of data to other end of physical
                         link.
    layer 1 - Physical: Transmits and recv on n/w medium.


- Layer 1: Physical:
- Layer 2: Ethernet, Frame Relay, PPP
- Layer 3: Logical addressing (end-to-end addressing), Routing, Path
  determination. IPv4, IPv6 and IPx
- Layer 4: TCP, UDP, SCTP
- Layer 5: SAP, NetBIOS
- Layer 6: Encryption, Compression, MIME, TLS, SSL,
- Layer 7: Authentication, FTP, HTTP, Telnet.


    OSI Model                   TCP/IP Model
    +-------------+--------------+--------------+
    | Application |              |              |
    +-------------+              | Application  |
    |Presentation |              |    Layer     |
    +-------------+              |              |
    |  Session    |              |              |
    +-------------+--------------+--------------+ <-- port number
    | Transport   |              |  Transport   |
    +-------------+--------------+--------------+ <-- protocol number
    |  Network    |              |Internet Layer|
    +-------------+--------------+--------------+ <-- type code
    | Data Link   |              |              |
    +-------------+              | Link Layer   |
    |  Physical   |              |              |
    +-------------+              +--------------+





- IPv4 Packet Header

  0                             15 16                            31
  +---------------+---------------+---------------+---------------+
  | Vers |  IHL   |  Service Type |      Packet  Length           |
  +---------------+---------------+---------------+---------------+
  |         Identification        | Flag |    Frag. Offset        |
  +---------------+---------------+---------------+---------------+
  |    TTL        |    Protocol   |      Header Checksum          |
  +---------------+---------------+---------------+---------------+
  |                  Source IP Address                            |
  +---------------+---------------+---------------+---------------+
  |                  Destination IP Address                       |
  +---------------+---------------+---------------+---------------+

- IP Header in a packet travels unchanged throughout the network.
- Only MAC header changes with every hop.
- Unreliable, connectionless datagram delivery service.
- Unreliable: Best effort service. If IP receives error packet, its
  discarded and an ICMP message is send to sender.
- Connectionless: No state information of packets/datagram is saved.

Vers (4-bit): IPv4
Header Length (4-bit): HL in 32-bit size. Hence, max of 60 byte header is
possible.
Service Type (8-bits):
    3-bits: unused
    1-bit: minimize delay
    1-bit: maximize throughput
    1-bit: maximize reliability
    1-bit: minimize monetary costs
        Only one of the above 4 can be on.
    Last-bit: always set to zero


Packet Length (16 bits): Packets up to 65536 bytes can be sent/recvd by
IP. However, lower layers cannot handle it and fragmentation happens.
Identification (16-bits):
Flag ():
Frag. Offset ():
TTL (8-bits):
Protocol (8-bits):
Header Checksum (16-bit):
Source IP (32-bit):
Dest IP (32-bit):

Table of Contents

/**************************************************************/
 *                                                            *
 *             Routing Protocols & Concepts                   *
 *                                                            *
/**************************************************************/

Chapter 1: Introduction to Routing and Packet Forwarding

- ROM in a router stores the following
  (a) Bootstrap instructions
  (b) Basic diagnostic software
  (c) Scaled-down version of IOS

- Router Boot-up Process
  (a) Perform POST
  (b) Load bootstrap program
  (c) Locate and load Cisco IOS software
  (d) Load startup config file

- Main job of bootstrap program is to locate Cisco IOS and load it in to RAM
- Cisco IOS can be either on Flash or other places like a TFTP server
- Management Ports:
    - Not used for packet forwarding
    - Used for router configuration
    - Two types
          (a) Console Port
          (b) Auxiliary Port

- Router interfaces can be divided in to two types
  (a) LAN Interfaces - such as Ethernet and FastEthernet
  (b) WAN Interfaces - such as serial, ISDN and Frame Relay








>>>>> Endianness <<<<<

- 0th bit is MSB and 7th bit is LSB. When sending out, data is sent in 0
  to 7, 8 to 15 bits and so on. This is Big Endian or Network Byte Order.





Chapter 2: Static Routing

- For WAN connections, Cisco routers supports the following cable types
  (a) EIA/TIA-232
  (b) EIA/TIA-449
  (c) V.35
  (d) X.21
  (e) EIA/TIA-530
   - Don't have to remember them. On Cisco side, DB-60 port is used. Other
     end is the type above cables provide.

- Like devices are those whose ports have similar pins and unlike devices are those
  whose ports have different pins.

- Routers and PCs are like devices. Switches and Hubs are like devices. Naturally,
  switches and routers are unlike devices.

- Within Ethernet LANS, two types of cables are used:
  (a) Straight-through: to connect unlike devices
      - switches to routers
      - switches to PC
      - Hubs to routers
      - Hubs to PC

  (b) Crossover Cable: to connect like devices
      - switch to switch
      - PC-to-PC
      - switch to hub
      - hub-to-hub
      - Router-to-Router
      - Router-to-Server

- On serial links, one end is DTE and one is DCE.

- "Administratively Down" means that interface is "shutdown".
- "Line Protocol Down" means interface is not receiving carrier signal from peer.

- Ethernet interfaces on a router participates in ARP.

>>>> Configuring Interfaces

>> Serial Interface
    interface serial 0/0/0
      ip address 172.10.2.1 255.255.255.0
      no shut

>> Configuring Serial Links in Lab
- Cisco serial interfaces are DTE by default but can be configured as DCE.
- To configure an interface as DCE, connect the DCE end of the cable to intf
  and configure "clock rate" command.
- DCE = female connector, DTE = male connector


/*************************************************************/
>>>> Cisco Discovery Protocol [CDP] <<<<
/*************************************************************/

- CDP is a powerful info gathering tool used to get info about directly
  connected Cisco devices.
- Its an L2 protocol, meaning only physically connected devices are considered
  neighbors.
- Allows to access summary of protocol and address info about connected
  Cisco devices.
- Its a proprietary tool.

- CDP Advertisements contain: router interfaces, model numbers, intf used
  to make connections etc

- "show cdp neighbor" and "show cdp neighbor detail" gives info about neighbor

- To disable CDP on the entire box: (config)#no cdp run
- To disable CDP on an interface: (config-if)#no cdp enable

- show cdp neighbor
- show cdp neighbor detail

>>>> Static Routes <<<<

- Static routes [ip route ...] are configured when routing from a network to
  a stub network.

- When an exit intf goes down [shutdown], the static route cannot be resolved
  to an exit intf. Then it is removed from the routing table.

- The entries are still in the running-config. So, if the intf comes back up
  again [no shutdown] then they are installed in the routing table.

- There are certain protocols used on point-to-point serial link such as HDLC
  and PPP where next-hop IP address is not used. The IP packet, in HDLC case,
  is encapsulated with L2 broadcast destination address.

- Static Route Summarization.
  - Helps reduce routing table size
  - Lookups are faster

- When instead of exit interface, if an exit IP is configured, then there will
  be two lookups to resolve exit interface. This is called Recursive Route Lookup.
  [RRL]

- To avoid RRL, we can configure exit interface instead of exit IP. This is
  only possible for serial interfaces as there is only one device [router] at
  other end in serial intf.

- Ethernet intf is a multi-access intf and there could be multiple devices
  sharing that end point. By having Ethernet intf, router doesn't know the
  end point.

- For Ethernet intf, configure both exit intf and next-hop IP.

- Route Summarization reduces routing table size. Multiple static routes can be summarized into a single static route if:
	a) The destination networks can be summarized into a single network address, and
	b) The multiple static routes all use the same exit-interface or next-hop IP address


>> Default Static Route

- ip route 0.0.0.0 0.0.0.0 [exit interface]
- Default route need not be static route, but it usually is.




Chapter 3: Dynamic Routing Protocols



           |<-- Dist. Vect. --->|<---- Link State   ---->|<--Path Vect-->
-----------+---------+----------+-----------+------------+--------------+
Classful   |   RIP   |   IGRP   |           |            |     EGP      |
-----------+---------+----------+-----------+------------+--------------+
Classless  | RIPv2   |  EIGRP   |  OSPFv2   |   IS-IS    |    BGPv4     |
-----------+---------+----------+-----------+------------+--------------+
IPv6       | RIPng   | EIGRPv6  |  OSPFv3   |  IS-ISv6   |    BPGv6     |
-----------+---------+----------+-----------+------------+--------------+

- Interior Gateway Protocols [IGP] are used for routing within an Autonomous
  Systems (routing domain). Examples: RIP, IGRP, EIGRP, OSPG and IS-IS

- Exterios Gateway Protocols [EGP] are used for routing between Autonomous Systems.
  Examples: BGP, its the only practical solution.

- IGP comprises of Distance Vector and Link State protocols


>>>> Distance Vector Protocols <<<<

- Distance Vector := Distance + Direction
  Distance := hop count or similar metric
  Direction := exit interface or IP of next hop router

- DV uses Bellman-Ford algo to determine best path

- DV works best when
   - simple and flat network like hub/spoke n/w
   - worst-case convergence times are not a concern


>>>> Link State Protocols <<<<

- A router configured with Link State protocol can get a "complete view"
  of the network.

- LS works best when
   - Network design is hierarchical
   - Fast convergence is crucial

- Classful routing: Subnet mask not included. Network is either Class A, B, C or D
  - Example: RIPv1, IGRP

- Classless routing: Subnet mask is included.
  - Example: RIPv2, EIGRP, OSPF, IS-IS, BGP

- Metrics generally used in routing protocols
  Hop Count
  Bandwidth
  Load - Considers traffic utilization of a certain link
  Delay
  Reliability - probability of error
  Cost - can represent a metric or combo of metrics/policy

- RIP uses Hop Count
- IGRP & EIGRP use Bandwidth, Delay, Reliability and Load.
- IS-IS & OSPF use Cost. IOS or network admin determines this cost.

- All protocols in CCNA course are capable of load balancing upto 4 equal cost
  routes.
- EIGRP can load balance between unequal cost routes.


>>>> Administrative Distance <<<<

- AD defines the preference of one routing source to the other. Lower AD, higher
  preference. 0 <= AD <= 255
- Directly connected routes have 0 AD and it cannot be changed.
- AD of 255 means that router does not trust the source and route is NOT
  installed in the routing table.


Source         AD
-------------------
Connected          0
Static             1
EIGRP Summary      5
External BGP       20
Internal EIGRP     90
IGRP               100
OSPF               110
IS-IS              115
RIP                120
External EIGRP     170
Internal BGP       200


>>>> Static Route <<<<

- Static route has an AD of 1
- "Floating Static Route": When a route to a network exists in routing table
  due to a dynamic protocol, but admin configures a static route with AD greater
  than that of routing protocol, then such a static route is called "Floating
  Static Route".




Chapter 4: Distance Vector Routing Protocol


DVRP include RIP, IGRP and EIGRP

RIP
  -- Hop count is used as metric.
  -- If hop count > 15, RIP cannot supply route to that network.
  -- Updates are broadcast or multicast every 30 seconds, by default.

IGRP
  -- Cisco's proprietary protocol
  -- A combination of bandwidth, delay, load and reliability is used
     as metric.
  -- Updates are broadcast every 90 seconds, by default.
  -- Its obsolete now. EIGRP is used now.

EIGRP
  -- Can perform unequal cost load balancing.
  -- Uses Diffusing Update Algorithm [DUAL] to calculate shortest path.
  -- Updates are sent only when there is a change.


       |      Distance Vector                        |  Link State
--------------------------------------------------------------------------
       | RIPv1    | RIP v2    | IGRP    | EIGRP      | OSPF     | IS-IS
--------------------------------------------------------------------------
 A     | Slow     | Slow      | Slow    | Fast       | Fast     | Fast
--------------------------------------------------------------------------
 B     | Small    | Small     | Small   | Large      | Large    | Large
--------------------------------------------------------------------------
 C     | No       | Yes       | No      | Yes        | Yes      | Yes
--------------------------------------------------------------------------
 D     | Low      | Low       | Low     | Medium     | High     | High
--------------------------------------------------------------------------
 E     | Simple   | Simple    | Simple  | Complex    | Complex  | Complex


A = Speed of convergence
B = Scalability - Size of network
C = Use of VLSM
D = Resource usage
E = Implementation & Maintenance


>>>> Routing Information Protocol [RIPv1] <<<<<<

- The following timers exists for RIPv1
  (a) Update  [30s default]
      Time when routing updates are sent to neighbors.

  (b) Invalid  [180s default]
      Time to keep a route in the table of an update to refresh if not received.
      Route is marked invalid by setting the hop count to 16 and kept in table
      until flush timer expires.

  (c) Flush [240s default]
      When this timer expires, route is removed from the table.

  (d) Holddown [180s default]
      This timer is used to stabilize the routing info when topology is yet to
      converge. Once a route is marked unreachable, the route has to wait for
      holddown seconds to learn about it again.

- "show ip protocols" and "show ip route" will give info about the timers.

- Triggered updates are sent [without having to wait for update timer] when
  the following happens
   (a) An interface state changes.
   (b) A route has entered [or exited] the "unreachable" state.
   (c) A route is installed in routing table.

- When all routers send updates simultaneously, collisions can occur. So, Cisco
  introduced RIP_JITTER variable that subtracts [0-15%] from update timer. Now,
  the update timer becomes, somewhere between 25-30s


>> Routing Loop Avoidance
- There are numerous mechanisms to eliminate routing loops
  (a) Defining max limit on certain metrics [such as TTL] to avoid count
      to infinity.
  (b) Holddown timers
  (c) Split horizon
  (d) Route poisoning or poison reverse
  (e) Triggered updates

- Holddown Timer: Used to prevent regular updates due to inappropriately
  installing a route in routing table [may be due to interface flapping etc]

- Workings of Holddown Timer
  (a) Router receives an update that a certain network is down
  (b) Router marks this route as "Down" and starts the Holddown Timer
  (c) If an update for that route with a better metric is received, timer
      is invalidated and the better route is installed.
  (d) If an update with same or worse metric is received, its ignored.
  (e) Router still forwards packets to "Down" route, to cover for
      intermittent connectivity issues.

- Split Horizon: A router should not advertise a network through the interface
  from which the udpate came.

- Route Poisoning [or Poison Reverse]: is used to mark the route as unreachable
  in a routing update sent to other routers.

- Split Horizon with Poison Reverse: When sending updates out a specific
  interface, designate any networks that were learned on that interface as
  unreachable.


>>>>> RIP <<<<<

- Standardized routing protocol that works in mixed vendor router environment.
- Easiest protocols to configure; good choice for small networks.

RIPv1 Features:
- Supports split horizon with poison reverse to prevent loops
- Capable of load balancing up to six equal cost paths. Default is four equal
  cost paths.

RIPv2 Features:
- Includes subnet mask in routing updates, making it classless routing [RIPv2]
- Has authentication mechanism to secure routing table updates.
- Supports variable length subnet mask [VLSM]
- Uses multicast addresses instead of broadcast.
- Supports manual route summarization.


>>>>> EIGRP <<<<<

- Enhanced IGRP is a classless, DV proprietary routing protocol from Cisco.

EIGRP Features:
- Triggered updates [there is no periodic updates]
- Use of a topology table to maintain ALL the routes received from neighbor
  [not just the best route]
- Establishment of adjacencies with neighbors using "Hello Protocol".
- Support for VLSM and manual route summarization.
- Also, supports CIDR.
- Metric is complex.

Advantages of EIGRP:
- Metric is based on bandwidth and cumulative delay of the path.
- Fast convergence due to Diffusing Update Algorithm [DUAL] route calculation.
- Bounded updates (meaning, only the changed info is sent), resulting in less
  bandwidth consumption in large networks.
- EIGRP supports multiple network layer protocols through protocol dependent
  modules.
- Sits on top of IP. Doesn't use TCP or UDP. It uses RTP (Reliable Transport
  Protocol) to deliver pkts to neighbors.
- Supports Equal and Unequal Cost Load Balancing.

EIGRP Messages:
---
HELLO, ACK, UPDATE, QUERY, REPLY

EIGRP HELLO Pkts
- Used to discover EIGRP neighbors and form adjacencies.
- EIGRP HELLO pkts are sent to multicast group address. IPv4 on 224.0.0.10 and
  IPv6 on FF02::A
- There is no ACKs for HELLO packets.
- Sent every 5s (every 60s on low speed NBMA networks).
- Hold timer = 3 * Hello timer (5s). If HELLO pkts are not received within hold
  timer, neighbor is unreachable.

- In IP header (v4 or v6), EIGRP is identified as by Protocol Number 88. EIGRP
  doesn't run on TCP or UDP.


    R1  <--------------------------------------------->  R2
    HELLO, I am R1 ->
                                     <- HELLO, I am R2

    NEIGHBOR table              <- UPDATE, here is my routing table.
      is filled

    ACK, thanks for info  ->
    UPDATE, here is my routing info ->

    TOPOLOGY table                                   TOPOLOGY table
      is filled                                         is filled

                                        <- ACK, thanks for info.

            ======= R1 and R2 are fully converged =======

- Neighbors are either in DOWN state or FULL state.
- In above message exchanges, full routing table is sent first time. Subsequent
  updates are only incremental changes.









Chapter 5: Routing Information Protocol v1

           |<-- Dist. Vect. --->|<---- Link State   ---->|<--Path Vect-->
-----------+---------+----------+-----------+------------+--------------+
Classful   |   RIP   |   IGRP   |           |            |     EGP      |
-----------+---------+----------+-----------+------------+--------------+
Classless  | RIPv2   |  EIGRP   |  OSPFv2   |   IS-IS    |    BGPv4     |
-----------+---------+----------+-----------+------------+--------------+
IPv6       | RIPng   | EIGRPv6  |  OSPFv3   |  IS-ISv6   |    BPGv6     |
-----------+---------+----------+-----------+------------+--------------+


Characteristics:

- RIP is a distance vector protocol.
- Hop count is the only metric for selecting a route.
- Hop count > 15 means unreachable network.
- Messages are broadcast every 30 seconds.


+--------------------+------------+--------------+------------------+
|Data Link Frame Hdr | IP Pkt Hdr | UDP Sgmt Hdr |   RIP Message    |
|                    |            |              | 504 bytes, up to |
|                    |            |              | 25 routes        |
+--------------------+------------+--------------+------------------+

Data Link Frame Hdr:
    MAC Dest Addr: FF FF FF FF FF FF
    MAC Src  Addr: Senders MAC Addr

IP Pkt Hdr:
    IP Dest Addr: 255.255.255.255
    IP Src  Addr: IP of sender
    Protocol field: 17 meaning UDP

UDP Sgmt:
    Src Port: 520
    Dest Port: 520


0             7 8                15 16                                31
+--------------+-------------------+-----------------------------------+
|Command=1 or 2|  Version = 1      |          zero                     |
+--------------+-------------------+-----------------------------------+
| Address Family [IP = 2]          |          zero                     |
+----------------------------------+-----------------------------------+
|                        IP Address (Network Address)                  |
+----------------------------------------------------------------------+
|                                 zero                                 |
+----------------------------------------------------------------------+
|                                 zero                                 |
+----------------------------------------------------------------------+
|                            Metric (Hops)                             |
+----------------------------------------------------------------------+
|              Multiple route entries, up to max of 25                 |
+----------------------------------------------------------------------+



5.1.2

Command: 1 for Request, 2 for Reply
Version: 1 for v1 and 2 for v2
Address Family: 2 for IP unless a request for complete routing table
         in which case its 0
IP Address: Destination IP
Metric: Hop count


>>> RIP Operation

>> Basics
- Upon bring up, RIP interfaces sends out request message.
- RIP-enabled neighbors respond with their routing table.
- Evaluate each route entry received and table updated.
- Send triggered updates to neighbors.

>> Classful Routing
- RIP is classful and hence does not send subnet mask.
- Router either uses subnet mask configured on interface or use default
  value for that class.
- Due to this, RIPv1 networks cannot be discontigous.

>> AD
- RIP has 120 AD. Of all interior gateway protocols, RIP has highest.


>> Configuration

R1# config t
R1(config)# router rip



`passive-interface intf-type intf-number` prevents sending updates
along that interface.


>> Processing RIP Updates
- If update & intf on which its received belong to same network, subnet
mask of intf is applied.
- If update & intf on which its received belong to different network,
subnet mask of the class is applied.
- Update sent on same major network will have exact network address entry
and associated metric.
- Update sent on different major network will have summarized to classful
network address.

>> Advantages of Automatic Route Summarization
- Smaller routing table
- Fewer routing updates

>> Disadvantages
- When discontiguous networks are configured, summarization doesn't work.



Chapter 6: VLSM and CIDR


    Class        Higher Order         Start          End
------------------------------------------------------------------
  Class A              0             0.0.0.0       127.255.255.255
------------------------------------------------------------------
  Class B              10           128.0.0.0      191.255.255.255
------------------------------------------------------------------
  Class C              110          192.0.0.0      223.255.255.255
------------------------------------------------------------------
  Multicast            1110         224.0.0.0      239.255.255.255
------------------------------------------------------------------
  Experimental         1111         240.0.0.0      255.255.255.255
------------------------------------------------------------------





    Class    1st Octect     2nd         3rd         4th        Subnet
-----------+------------+-----------+-----------+------------+--------+
  Class A  |  Network   |   Host    |  Host     |   Host     |  /8    |
-----------+------------+-----------+-----------+------------+--------+
  Class B  |  Network   |  Network  |  Host     |   Host     |  /16   |
-----------+------------+-----------+-----------+------------+--------+
  Class C  |  Network   |  Network  | Network   |   Host     |  /24   |
-----------+------------+-----------+-----------+------------+--------+


Private IP Address Space
-----------
+ Not to be used publicly. Only for private use.

+ In Class A:   10.0.0.0 to 10.255.255.255; One network addr.
+ In Class B:   172.16.0.0 to 172.31.255.255; 16 network addresses.
+ In Class C:   192.168.0.0 to 192.168.255.255; 256 network addr.

+ Private IP addr is not routed to public routers.

Special Use IP Addresses
-----------
0.0.0.0/8       "This" network
14.0.0.0/8      Public-Data Network
24.0.0.0/8      Cable Television Network
39.0.0.0/8      Reserved but subject to allocation.
127.0.0.0/8     Loopback
128.0.0.0/16    Reserved but subject to allocation.
169.254.0.0/16  Link Local
192.0.0.0/24    Reserved but subject to allocation.
192.0.2.0/24    Test-Net
192.88.99.0/24  Relay anycast
223.255.255.0/24    Reserved but subject to allocation.




CIDR (RFC 1519)
- More flexible use of IPv4 address space.
- Prefix aggregation, which reduced routing table size.
- To CIDR routers, network class is meaningless.
- Network address is determined by routing prefix.

VLSM
- CIDR uses VLSM to allocated IP addresses to subnets.
- Classless routing protocols propagate CIDR/VLSM addresses. These
include: RIPv2, EIGRP, OSPF, IS-IS & BGP.
- Route summarization and 'super netting' means the same thing.





Chapter 7: RIPv2

- 'Route Redistribution' means, taking routes from one source and sending
it to another router. 'redistribute static' command should be applied.

- RIPv1 & RIPv2 packets are encapsulated in UDP segments using port 520
and carries up to 25 routes.



0             7 8                15 16                                31
+--------------+-------------------+-----------------------------------+
|Command=1 or 2|  Version = 2      |          zero                     |
+--------------+-------------------+-----------------------------------+
| Address Family [IP = 2]          |      Route Tag                    |
+----------------------------------+-----------------------------------+
|                        IP Address (Network Address)                  |
+----------------------------------------------------------------------+
|                               Subnet Mask                            |
+----------------------------------------------------------------------+
|                               Next Hop                               |
+----------------------------------------------------------------------+
|                            Metric (Hops)                             |
+----------------------------------------------------------------------+
|              Multiple route entries, up to max of 25                 |
+----------------------------------------------------------------------+



- Two improvements of RIPv2 over v1
   a. Subnet mask field
   b. Next Hop address: Used to identify better next-hop address, if one
      exists, than the address of the sending router. If set to 0.0.0.0,
      the address of sender is best next-hop.

- Configuration

(config)# router rip
(config-router)# version 2

- Network with 192.168.0.0/16 CANNOT be distributed with v1 because subnet
mask is less than classful mask. Because mask is not included in v1 updates,
there is no way for RIPv1 router to determine what that mask should be.
Therefore, update was never sent.
- 'no auto-summary' disables summarization. It can be confirmed in
'show ip protocols'


Chapter 8: The Routing Table: A Closer Look

- Level 1 route is a route with subnet mask equal to or less than classful
mask of network address. 192.168.1.0/24 is level 1 route because the
subnet mask is equal to the networks classful mask.

- Level 1 route can function as:
  - Default route (static route with address 0.0.0.0/0)
  - Supernet route (mask less than classful mask)
  - Network route (subnet mask == classful mask)

- Ultimate Route: One that includes next hop IP and/or exit interface.
- Parent Route: Level 1 parent route is one that does not have next-hop
  IP address or exit interface for any network.
- Child Route: Level 2, has next-hop and/or exit interface info.

- Level 2 route is a subnet of classful network address.

>> Steps in route lookup process
1. Examine level 1 route for best match with the packets destination address.
1a. If best match is level 1 ultimate route, use it to forward packet.
1b. If best match is level 1 parent route, proceed to Step 2
2. Child routes are examined for best match.
2a. Match! Use this subnet to forward packets.
2b. No Match. Proceed to Step 3.
3. Classful or Classless routing behavior?
3a. Classful routing. Drop the packet.
3b. Classless routing. Search level 1 routes.
4. Match with Supernet first and then default to forward packets.
5. No match, no default. Drop the packet.

- Longest match: Route with most number of equivalent left-most bits
is preferred.

- Classful & classless behavior can be configured by '[no] ip classless'.




Chapter 9: EIGRP

- Features include:
  - RTP
  - Bounded Updates
  - Diffusing Update Algorithm [DUAL]
  - Establishing Adjacencies
  - Neighbor & Topology Tables

-

Dynamic Trunking Protocol [DTP] switchport mode relationships

------------------+-----------+------------+----------+---------+
                  | Dynamic   | Dynamic    |          |         |
                  |  Auto     | Desirable  | Trunk    | Access  |
------------------+-----------+------------+----------+---------+
Dynamic Auto      | Access    |  Trunk     | Trunk    | Access  |
------------------+-----------+------------+----------+---------+
Dynamic Desirable | Trunk     |  Trunk     | Trunk    | Access  |
------------------+-----------+------------+----------+---------+
Trunk             | Trunk     |  Trunk     | Trunk    | NR      |
------------------+-----------+------------+----------+---------+
Access            | Access    |  Access    | NR       | Access  |
------------------+-----------+------------+----------+---------+

NR = Not Recommended

> "show dtp interface" displays current settings


Creating VLAN
-------------
#config t
(config)# vlan <id>
(config-vlan)# name "vlan name"
(config-vlan)#end


Assign a switch port
--------------------
#config t
(config)# interface <id>
(config-if)# switchport mode access
(config-if)# switchport access vlan <id>
(config-if)# end

Removing a VLAN
----------------
(config)# no switchport access vlan ==> removes the port from VLAN and assigns
                                        default VLAN [VLAN 1, may be]


Assign a trunk
---------------
#config t
(config)# interface <id>
(config-if)# switchport mode trunk
(config-if)# switchport trunk native vlan <id>
(config-if)# end


Removing a trunk
-----------------
(config-if)# no switchport mode trunk allowed vlan  ==> reset all the VLANs configured
                                                        on this trunk port

(config-if)# no switchport mode native vlan ==> reset native VLAN to VLAN 1


Show VLAN commands
-------------------
show vlan [brief | id <id> | name "name" | summary]


Show interface commands
------------------------
show interfaces [<interface id> | vlan <id>] | switchport











/*************************************************************/
      ERICSSON CERTIFIED ASSOCIATE - IP NETWORKING
            from Ericsson's internal website
/*************************************************************/
/*-----------------------------------------------------------*/
 *               CARRIER ETHERNET - OVERVIEW
/*-----------------------------------------------------------*/
- Carrier Ethernet is different than LAN ethernet & Metro Ethernet.
- CE is part of next-gen Telecom Solutions.
- Operators are providing Voice, Video and Data over transport ethernet
  (yeah!, another adjective before ethernet).
- Providing different services on different infrastructure is a costly
  model for Telcos (like Voice has separate infra, same with Video and
  Data).
- Voice and Video are shifting to IP networks


      |       |       |        |              |                  |
      |       |       |        |              |     data         |      End user services
      |       |       |        |              |                  |
      | Voice |       |  Video |              |                  |
      |       |       |        |            +----------------------+    Statistical multiplexing
      |       |       |        |            |         IP           |    Service flexibility
      |       |       |        |            +----------------------+
      |       |       |        |                       |
      |       |       |        |                       v
    +---------------------------------------------------------------+   QoS
    |                         ATM                                   |   Connection oriented
    +---------------------------------------------------------------+   Statistical multiplexing
            |                                                 |
            |                                                 |
            v                                                 v
    +---------------------------------------------------------------+   High availability
    |                     Sonet/SDH                                 |   SLA monitoring
    +---------------------------------------------------------------+   Provisioning
            |                                                 |
            |                                                 |
            v                                                 v
    +---------------------------------------------------------------+
    |                     Fibre/WDM                                 |   High bandwidtch
    +---------------------------------------------------------------+


- Smart devices are accelerating growth in data networks.
- Ethernet is lowcost technology compared to ATM and provides high
  bandwidth.
- Converged networks increases operational complexity.


- Carrier Ethernet scales standard ethernet for Carrier class/scale
  operations.
- CE provides Standardized Services, Scalability, Reliability, Service
  Management, QoS.
- Two components to CE: (a) Network Elements/Infra (b) Network Services.


- Metro Ethernet: Infra to connect subscribers and businesses to larger
  internet.
- ME is typically managed by one operator.

- CE, on other hand, can span ME + National + International Connectivity.
  Ex: ATT, Verizon, BT, BSNL etc.

- Ethernet OAM helps manage CE.


802.2 = Logical Link Control Layer.
+ IEEE 802.3 = MAC + Physical Layer.

PHYSICAL MEDIA
-----
+ Many physical media. Data Link Layer is same.

+ Universal Twisted Pair (UTP)
    - 10Mbps speed
    - Half Duplex or Full Duplex.

+ RJ45
    - 100MBPS speed.
    - Half/Full duplex.

+ UTP (4 pairs) or Fiber/Optical Cables
    - 1Gbps
    - For fiber: (a) Short Wavelength (Sx) (b) Long Wavelength (Lx)
    - 200 meters UTF can operate.
    - Fiber can operate on 5KM.

ETHERNET NAMING CONVENTIONS
-------

    Speed : Transmission Type : Phy Medium

 + Speed = Bit Rate
 + Trans Type = Baseband (sigle signal) or Broadband (multiple signals
                over phy medium).
 + Phy Medium = T - Unshielded Twisted Pair
                Lx - Long Wavelength Fiber
                Sx - Short Wavelength Fiber.

Ex: 100Base200 = 100Mbps baseband over Coaxial Cable with 200meters
distance limit.
Ex: 1000BaseLx = 1Gbps over Long Wavelength Fiber.


ETHERNET ADDRESS (MAC)
---------
+ Hardware Address: Burned in (48 bits).
+ Globally unique.
+ HEX format.
+ No correlation with device location.
+ 3 types of addresses:
    Unicast, Broadcast and Multicast.

+ First 24 bits = Company ID (Manufacturer ID)
+ Some Company ID's are reserved to identify Unicast, Broadcast and
Multicast frames.
+ Second 24 bits = Extension ID, to uniquely identify cards made by a
manufacturer.

   +--------------------------------------------------------+
   |   8   |  6    |   6   |  2    |                  |  4  |
   | bytes | bytes | bytes | bytes |         DATA     |bytes|
   |  SFD  |  DA   |  SA   | Type  |                  | FCS |
   +-------+-------+-------+-------+------------------+-----+


TRANSPORTING MECHANISM/ALGORITHM
--------
+ CSMA/CD (Carrier Sense Multiple Access/Collision Detection)
+ Modern ETH networks use switches and avoid Collision Domain. Hence
CSMA/CD is no longer used.
+ Collision Domain: Group of nodes sharing transmission medium hence
resulting in collision if they transmit at same time.

BRIDGING
-------
+ To avoid collision, bridging domain was introduced.
+ Bridging divides network in to multiple, separate collision domains.
+ Bridge learning creates MAC table. This is used to lookup for
forwarding.
+ Nowadays bridges are used to connect networks at a higher level and not
to separate collision domains.


SWITCHES
-------
+ Switches are extension of bridges.
+ They too separate collision domains.
+ MAC table is at hardware level and hence much faster than bridge.
+ If a host connects to a switch, then it is in its own Collision Domain.
Hence, CSMA/CD is not required anymore and host can transmit & receive
data simultaneously (Full Duplex mode).
+ Broadcasts on Switches: DST MAC = FF:FF:FF:FF:FF:FF. Switch forwards
broadcast on all 'other' ports.


ETHERNET LOOPS
-------
+ Broadcast storms can happen.
+ MAC Table is constantly toggled/updated.
+ Applications may crash due to packet resend overloads.


LOOP AVOIDANCE
------
+ STP is used to avoid loops.
+ It detects Link Failure or Switch Failure.

// Read STP chapter for more details.



/*************************************************************/
 *           ETHERNET FUNDAMENTALS                           *
/*************************************************************/

   +--------------------------------------------------------+
   |   8   |  6    |   6   |  2    |                  |  4  |
   | bytes | bytes | bytes | bytes |         DATA     |bytes|
   |  SFD  |  DA   |  SA   | Type  |                  | FCS |
   +-------+-------+-------+-------+------------------+-----+

SFD - Start Frame Delimiter
DA  - Destination Addr
SA  - Source Addr
Type- Ethertype
Data
FCS - Frame Check Sequence

- Baseband - Single signal over the cable;
  Broadband - Multiple signals over the cable.

- Collision Domain: A packet sent by a host is received by ALL the host in
  that domain.
- BRIDGE separates Collision Domains.
- BRIDGE maintains a Bridge Table [or MAC Addr Table] that maintains the MAC
  addr versus interfaces on which it belongs.
- If packet comes on an interface and destination MAC addr is on the SAME
  intf, it is dropped, thus separating the collision domains.
- If destination packet is on ANOTHER interface then it is forwarded.
- "Bridge Learning" is the process used in building the MAC addr table.

- Now a days, the term "Bridging" is used to refer to joining multiple
  networks together. Switches replace Bridges in today's networks.

- Switches have a hardware backplane mesh, hence its much faster to
  transfer packets.

- Ethernet Loops: Lots of disadvantages and network failure if there is a loop.

- STP avoids loops.

/*************************************************************/
              SPANNING TREE PROTOCOL
/*************************************************************/

- Begins with selection of one switch as Root Bridge. Its done through election
  process.
- Root Bridge ports are always in "Forwarding" state.
- After selection of RB, all other switches must select their port which is
  closest to the root. These are ports that offers the easiest or lowest cost
  path to the root bridge. These are called Root Ports. Note that RP are only
  on non-root bridges.
- Finally, switch must select one dedicated port for each "segment" - connection
  between two switches or between switch & host. This is called Designated
  Port.
- All ports on RB are designated ports
- All OTHER ports on non-RB switches are put in "blocking state" and no traffic
  can be forwarded on them.

STP Process

- Election of Root Bridge and selection of port roles are done by BPDU.
  Bridging Protocol Data Units
- Switches send to each other BPDU with info used to create tree.

BPDU
           +---------+---------+---------+-------+
           |  root   | sender  | cost to | STP   |
           | bridge  | bridge  | reach   |timers |
           |   ID    |   ID    | root    |       |
           +---------+---------+---------+-------+


- Each switch has a bridge identifier BID which is used to select root.

BID
           +----------------+
           | priority | MAC |
           +----------+-----+

- priority is set by admin & MAC addr assigned to switch [Q: Which MAC addr?]
- MAC is used to maintain uniqueness of BID.
- Lower the BID, higher the likelihood of being a root.
- In designing the network it is important to configure the priority part of
  BID carefully because that switch will carry the most traffic within the n/w.

Switch Failure

- When a switch fails, blocked ports are moved to designated or root ports
  to maintain connectivity.


STP PORT STATES
- (a) BLOCKING: All other ports
  (b) LISTENING:
  (c) LEARNING:
  (d) FORWARDING: Designated Ports & Root Ports

- Ports cannot move from BLOCKING to FORWARDING when network changes. Doing
  so can cause loops due to incorrect MAC tables.
- LISTENING state: similar to blocking as no forwarding is done. Old,
  incorrect MAC addresses are timed out.
- LEARNING state: frames are still not fowarded but switch starts learning
  MAC addresses of frames received on interface.
- Finally, port enters FORWARDING state.

BLOCKING ---> LISTENING ---> LEARNING ---> FORWARDING

STP Port Roles
- Root Ports
- Designated Ports
- Blocked Ports


/*************************************************************/
            RAPID SPANNING TREE PROTOCOL
/*************************************************************/

- STP works well but is developed with old networks in mind.
- Timers used and support for hubs means that recovery time when link or switch
  fails is up to 50secs.
- RSTP aims to improve recovery time. It introduces new states for ports to do
  this. Recovery times < 5s.


RSTP Connection Types

(a) Link Type Point to Point: Connection between switches
(b) Link Type Shared: Between switches and hubs
(c) Edge Type: Between switch and end users

- RSTP improves recovery time for (a) & (c) connections. This is good because
  mordern networks doesn't use hubs anymore.


RSTP Port Roles
(a) Designated Port
(b) Root Port
(c) Backup Port - Back up to DP
(d) Alternative Port - Back up to RP
(e) Disabled Port - Similar to Blocking port


RSTP Port States
(a) Discarding - similar to blocking
(b) Learning state - Don't forward frames. But learn MAC addr.
(c) Forwarding - RP and DP operate in this state.

Discarding ---> Learning ---> Forwarding: State transition.


/*************************************************************/
                      VLAN
/*************************************************************/

- Segments physical broadcast domains in to virtual broadcast domains.
- Admin can configure different ports on a switch to different VLAN's.
- VLAN's reduces size of broadcast domain and hence traffic/overhead.

VLAN TRUNKS [or just TRUNKS]

- Trunks is a special link used to connect switches.
- It can carry traffic for ANY vlan. Conversely, an interface configured
  as trunk mode is assumed to be in multiple VLANs.
- If a broadcast packet is received on a trunk interface, how should it be
  transmitted on appropriate VLAN? Answer: Use of VLAN ID.


Switch Ports can be configured as

(a) Access Ports:
   - Connect to end users.
   - Carries traffic for one VLAN.
   - Frames transmitted on access ports don't have VLAN tags.

(b) Trunk Ports:
   - These ports carry traffic for multiple VLANs and usually have
     VLAN tags.
   - These ports are those connecting switches.


802.1Q/VLAN Header
    +----------+-----+----+----+---------+-----------+----------+-----+
    | preamble | SFD | DA | SA | EthType |  802.1Q   |   DATA   | FCS |
    +----------+-----+----+----+---------+-----------+----------+-----+


802.1Q tag
    +----------+-----+-----+-----+
    |   TPID   | VID | PCP | CFI |
    +----------+-----+-----+-----+

TPID = Tag Protocol ID: 8100, 88a8, 9100 etc
VID = 12 bits
PCP = Priority Code Point, used to prioritize certain VLANs over others.
      Example: Voice over data
CFI - Canonical Format Identifier [one bit]. Indicates the format of MAC
      address representation in the frame.


ETHERNET RESILIENCY
- Link Aggregation:
    - provides redundancy.
    - Extra bandwidth.

- Note that there will be loops between switches with multi interface.
- LAG prevents loops with additional benefits mentioned above.


/*************************************************************/
      LINK AGGREGATION CONTROL PROTOCOL [LACP]
/*************************************************************/
- LACP is used to negotiate the aggregation of links between devices
- LACP is used to group links between 2 switches with multiple connections.
- LACP priority is set on devices using LACP. One with lowest priority value
  decides which ports should be aggregated.

- Ports themselves have priorities set on them so certain links are more
  likely to be used than others. This is negotiated between the devices.

- Max of 16 ports can be in one LACP group and only 8 can be use at one time.
- The other 8 are backup.


On SmartEdge

[local]spiders(config-link-group)#lacp ?
  active            Configure LACP in Active Mode
  admin-key         Configure LACP Administrative Key
  hold-timeout      Configure LACP Hold Timeout
  ignore-system-id  Configure LACP Ignore System Id
  passive           Configure LACP in Passive Mode
  periodic-timeout  Configure LACP Periodic Timeout
  revertible        Configure LACP revertible operation

[local]spiders(config-link-group)#por eth 1/6
[local]spiders(config-port)#lacp ?
  priority  Configure LACP port priority
[local]spiders(config-port)#lacp priority ?
  0..65535  Specify the priority



Link Aggregation Requirements [using LACP]

All the links between switches should be
- Full Duplex
- Point to Point
- Same Speed

- Traffic is balanced across different physical links.
- Load balancing is done by calculating hash value of Source Addr and Dest Addr.
  This means that for an LACP connection carrying multiple flows, each
  physical ethernet link should get an equal share of traffic.



TELECOM GRADE ETHERNET RING PROTOCOL
------------------------------------
+ Challenges in scaling Ethernet from LAN to Carrier Network.
    - Longer distances and more end points.
    - Higher bandwidth and more aggregation.
    - QoS and intolerance to failure.

+ Fiber optics is common medium of transport in Carrier Ethernet.


LIMITATION OF ETHERNET
----------------------
+ Long recovery time on link/node failure.
+ RSTP can recover in 5s, but this is too long on Carrier Ethernet.
+ SDH/SONET offers convergence times less than 50ms.
+ Ethernet Ring Protection is solution.

ETHERNET RING PROTECTION
------------------------
+ Use Fiber Ring Networks for Ethernet.
+ One switch is configured as designated MASTER. This switch has Primary
port and Secondary port specified.
+ A Control VLAN is setup that spans full Ethernet Ring.
+ On Master, all ports are operational in Control VLAN.
+ Other VLANs are called Data VLANs. Only Primary port of Master switch is
in Data VLAN. Secondary port is blocked. This is where loops are
prevented.
+ When data is sent out primary port and received on secondary port, it is
discarded.
+ Only health messages are sent out on Control VLANs. Its sent out on
Primary port and received on Secondary port, thus ensuring ring is
operational.


ERP LINK DOWN
-------------
+ When a switch detects link down, it generates link down message and
sends out on Control VLAN.
+ When Master receives this, it unblocks Secondary Port so all switches
will maintain connectivity.
+ It informs all switches about topology change, which means update to
respective MAC tables.
+ A 'Flush Forwading Database' is sent out on Control VLAN on both ports.


ERP SWITCH DOWN
---------------
+ When a health message fails to receive on Secondary Port, Master
concludes that a switch has failed.
+ Master ublocks Secondary Port, thus maintaining connectivity between all
non-failing switches.



QinQ - QinQ Provider Bridging
-----------------------------
+ Carrier can provide 'Bridging' services to customer using VLAN's. One
customer can get many VLANs from an ISP for various tasks. Carrier Network
should have the ability to route this traffic and provide 'bridging'
functionality.
+ Due to limit on VLAN ID's (12bits, 4096 VLANs), this is not Scalable.
+ QinQ bridging was invented.

S-Tag = Service Tag
C-Tag = Customer Tag [within a customer's own network]

TPID for S-Tag = 9100
TPID for C-Tag = 8100

+ Provider only looks at S-Tag to route its traffic.

DRAWBACK
--------
+ QinQ networks can bloat up MAC tables in Switches.
+ To solve that, MAC in MAC is devised.




802.1AH Provider Backbone Bridging [MAC in MAC]
-----------------------------------------------
- To address the problem associated with large MAC address table in QinQ n/w.

 +-------+-------+-------+-------+-------+-------+--------+------+---+
 | B-DST | B-SRC | B-TAG |  DST  |  SRC  | C-TAG |  TYPE  | Data | F |
 +-------+-------+-------+-------+-------+-------+--------+------+---+

B-DST: Backbone Destination MAC
B-SRC: Backbone Source MAC
B-TAG: Backbone VLAN TAG

- This increases frame size.


802.1QAY: Connection Oriented Ethernet Traffic Engineering
----------------------------------------------------------
- Static MAC Paths are configured to simulate 'Connection Oriented
  Ethernet' and take its advantages.
- There is no learning as MACs are statically configured.
- No loops exists.
- 802.1Qay is used to centrally manage these paths.


/************************************************************/
            SECTION: IP FUNDAMENTALS
                 E/// class notes
/************************************************************/


/*************************************************************/
            NETWORK PROTOCOL STACK - OVERVIEW
/*************************************************************/
// Boring, too basic

MPLS (Multi Protocol Label Switching)
------
+ MPLS is underlying protocol to most backbone networks today.
+ Enables Operator to setup dedicated tunnels between different sites
accross the globe for corporate VPN.
+ It can carry many different n/w protocols.

+ It does NOT fit in to L2 or L3, but has characteristics of both layers.
+ It can encapsulate L3 protocols (say, IPv4) and can itself get
encapsulated in L2 protocol.


SS7 (Signaling System Number 7) Protocol Suite
-------
+ SS7 is the protocol suite used in traditional telecom networks.
+ Its purpose is to setup/teardown PSTN calls.
+ SS7 is still widely used though Operators are moving more towards IP
infrastructure.

+ SS7 was designed to run over TDM (Time Division Multiplexing) n/w.
+ Many protocols that were running on SS7 are being migrated to IP.
+ This merging of traditional TDM n/w and IP n/w is handled by protocol
suite known as SIGTRAN (Signaling Transmission).

    SS7 Protocol Stack

    +-------------------+
    | Application Level |
    +-------------------+
    |       MTP 3       |
    +-------------------+
    |       MTP 2       |
    +-------------------+
    |       MTP 1       |
    +-------------------+

+ Application Level:
    - Most crucial level in the stack. Data for communication is in this
      layer.
    - If ISUP (ISDN User Part) protocol is used, this layer stores A
      number and B number (caller and callee, respectively). This is when
      a call is made on landline (PSTN phone).
    - Operator looks at both numbers and routes the call by first
      reserving necessary resources.

+ MTP (Message Transfer Part) Level 3:
    - Handles routing of application data between exchanges (similar to IP
      in TCP/IP suite).
    - Source address is called OPC (Originating Point Code) and Dest
      address is called DPC (Destination Point Code). Addressing format is
      called SPC (Signaling Point Code).

+ MTP Level 2:
    - Ensure reliability by having error checks, flow control and sequence
      checking.

+ MTP Level 1:
    - Physical/Electrical part. In Europe, this was 64kbps per caller on
      2Mbps E1 channels.


ATM (Asynchronous Transfer Mode) Reference Model
-------

    +-------------------+
    |      Data         |
    +-------------------+
    |      AAL          |
    +-------------------+
    |      ATM          |
    +-------------------+
    |    Physical       |
    +-------------------+

+ Still widely used for voice and data.
+ ATM is connection oriented (end-to-end virtual path is setup).

+ Data Layer:
    - Most important part. Voice or Data.
+ AAL (ATM Adaptation Layer):
    - Encodes type of data, since each type has its own requirements.
    - For instance, AAL1 (voice traffic) has CBR (Constant Bit Rate)
      requirement.
+ ATM
    - Sets up and identifies the virtual path the cells (aka IP Packets)
      travel.
    - Virtual Paths are identified by VPI/VCI. VPI splits Physical Paths
      in to Virtual Paths and VCI further divides virtual paths in to
      channels.


IETF Operation
------
+ Life cycle of an idea/draft/rfc/standard
    Motivation --> Scop --> Working Group --> Internet Draft (RFC) -->
    Internet Standard.



/************************************************************/
                    IP Overview
                 E/// class notes
/************************************************************/

+ Traditional Telco Network Stack

    Voice           Data                TV&Video
    -----           ----                --------
    PSTN            Common IP           Satellite (DVB-S)
    Frame Relay     infra for           Cable N/W (DVB-T)
    ATM             many services.
    SONET/SDH
    Mobile N/W

+ Infra is very expensive for Telcos for each service.
+ In meantime, IP is evolving like crazy and supporting all services.
Economies of scale is driving the IP infra cost down.
+ From vertical n/w to layered architecture.

Circuit Switch Concept
-----
+ A dedicated line/circuit was established to carry voice traffic.
+ It was not shared.

Packet Switch
------
+ Data transmission chops data in to packets and transmitted on n/w.
+ n/w are idle most of the time with bursts of traffic.
+ Packet switch was developed with this idea.


Packet vs Circuit
------
+ IP n/w offer better bandwidth utilization.
+ n/w resources are allocated only when users need to send data.
+ IP offers better traffic prioritization options.
+ IP n/w can take dynamic routing decision, providing quick restoration of
n/w failures and flexibility.



/************************************************************/
                    IP Fundamentals
                    E/// class notes
/************************************************************/
/************************************************************/
                    IP Routing Overview
                    E/// class notes
/************************************************************/
- Basics of IP Routing.
- Static vs Dynamic Routing:
        - Manual configuration; Static Routing. Not scalable.
        - Dynamic Routing - Routers exchange their routing tables.

- IGP: Interior Gateway Protocol
        - RIP, OSPF, IS-IS, iBGP. Routers exchange info within an
          Autonomous System.

- EGP: Exterior Gateway Protocol
        - Hide LAN details, but share routing info.


/*************************************************************/
            IP Routing Fundamentals
               E/// Class Notes
/*************************************************************/

Basic Principles
- Dynamically learn and fill routing table.
- Place best routes in table.
- Remove invalid routes and replace them, wherever possible.
- Add new routes quickly (called convergence).
- Prevent routing loops.

- Distance Vector & Link State Protocols



/********************************************************************/
 *                  IPv6 Addressing Basics                          *
/********************************************************************/




/********************************************************************/
 *                                                                  *
 *                         IS-IS PRIMER                             *
 *                                                                  *
/********************************************************************/

IS-IS = Intermediate System to Intermediate System

- Originally designed as a dynamic routing protocol to route packets in
  ISO Connectionless Network Services [CLNS] environment.

- Link State routing protocol used as Interior Gateway Protocol [IGP].

- OSPF evolved from IS-IS

- Integrated IS-IS is an extension of IS-IS supporting both IP and OSI
  protocols. Remember that original IS-IS was developed for OSI and not
  for TCP/IP suite.

- IS routers use addresses called Network Service Access Point [NSAP]
  as a way to identify itself on the network.

- The same NSAP address is used for the entire node [unlike IP which
  assigns an IP address to each interface]

- When using integrated IS-IS, both NSAP and IP addresses are used.


- NSAP Address format is pretty complex. Here is a generic one.

    |<--- IDP --->|<--------  DSP  ------------>|
    +-----+-------+----------+----------+-------+
    | AFI |  IDI  |  HO-DSP  |    ID    |  SEL  |
    +-----+-------+----------+----------+-------+

    IDP = Initial Domain Part --> Standardized by ISO
    DSP = Domain Specific Part --> Assigned by authority specified in IDP
    AFI = Authority and Format Identifier
    IDI = Initial Domain
    HO-DSP = High Order Domain Specific Part

    NOTE: The combination of IDP and HO-DSP forms the routing domain
          and area id.

    ID  = System Identifier for this router.
    SEL = NSAP Selector


- Simplified NSAP Address

    +-----+-------+----------+----------+-------+
    | AFI |  IDI  |  HO-DSP  |    ID    |  SEL  |
    +-----+-------+----------+----------+-------+
    |<-----    Area    ----->|< sys id >| NSEL  |
      var len: 1-13 bytes       6 bytes   1 byte

- NSAP Addresses are variable in length and can be up to 20 bytes long.

  NSEL (1 byte):- NSAP Selector refers to target network service user,
                  such as network device or routing layer. Similar to
                  TCP port no.

  ID (6 bytes):- Unique ID assigned to this router. Can use loopback IP.
                 Example: 1921.6810.1001 [192.168.101.1 is re-written]

  Area ID (1-13 bytes):- Identifies the area IS router belongs to.
  Consists of 2 parts. Example: 49.0001
        (a) First byte is AFI.
        (b) Following bytes represent area number.

> Full NSAP: 49.0001.1921.6810.1001.00


TERMINOLOGY
-----------
  IS - Intermediate System [Router etc]
  ES - End System [like a PC]
  CLNS - Connectionless Network Service
  CLNP - Connectionless Network Protocol
  NSAP - Network Service Access Point
  NET  - NSAP where NSEL=00
  PDU  - Protocol Data Unit
  LSP  - Link State PDU


ADJACENCIES
------------
- Routers can establish adjacencies only on same level.
- Adjacencies are formed using special PDU called Hello.
- Adjacency formation is different on point-to-point and broadcast n/w.
- Adjacent router exchange routing info using Link State PDUs.


- On a broadcast domain, redundant info may be sent out.
- To avoid, Designated IS [DIS] is choosen.


Multiple Area Networks
----------------------
- Routing tables and link-state databases can grow enormously. High
  convergence time.
- Concept of "AREA" was introduced to limit the size of the database.
- Level 1 routing happens between routers in same area ID.
- Level 2 routing is between routers in DIFFERENT area ID. They
  form the backbone of the network.

- 3 routing levels exists: Level 1 only, Level 2 only, Level 1-2


LSP Entries in IS-IS Database
-----------------------------
- For every broadcast link on Level 1, there is a pseudo node created
  for that link.
- In output of 'show isis database':
     ++ LSP IDs ending with 00-00 describe a router.
     ++ LSP IDs ending with xx-00 describe a pseudo node.

LSP ID
------
SysID.XX-YY
   SysID - System ID part of originating router NSAP
   XX    - Describes the router. 00 means regular. Non-zero means
           pseudonode.
   YY    - LSP fragment no. LSP can be very big. If its bigger than
           1492 bytes, ISIS fragments them.

Example: IS-Router.01-00
         router.00-00



/********************************************************************/
 *                                                                  *
 *                         OSPF  PRIMER                             *
 *                                                                  *
/********************************************************************/

- Concept of Areas exists in OSPF too. Area 0 = backbone routers. Other
  areas = internal routers.
- Area Border Router [ABR] = connects two areas, one of which is Area 0.
- Autonomous System Border Router [ASBR] = Connects OSPF Area to external
       routing domain such as ISIS, BGP or static/connected routes.

OSPF Topology Construction
---------------------------
- It automatically discovers all OSPF routers.
- It automatically discovers all prefixes in network.

- Just configure OSPF for IP connectivity and assign an area. Rest is taken
  care of.
- OSPF routers use Link State Advertisements [LSA] to share information
  between routers.


Types of LSAs
-------------

LSA 1 [Router LSA]:
    Generated by all routers in an area to describe their directly attached
    links. Limited to an area.

LSA 2 [Network LSA]:
    Generated by Designated Router of a broadcast or non-broadcast segment
    to describe neighbors connected to the segment. Limited to an area.

LSA 3 [Summary LSA]:
    Generated by ABR to describe a route to neighbors outside of the area.
    [Inter-Area Routes]

LSA 4 [Summary LSA]:
    Generated by the ABR to describe a route to an ASBR to neighbors outside
    the area.

LSA 5 [External LSA]:
    Generated by ASBR to describe routes redistributed into the area.


Show Commands
--------------

> show ospf database  --> LSA 1
> show ospf database network  --> LSA 2
> show ospf database summary-network detail  --> LSA 3
> show ospf database summary-asbr detail  --> LSA 4
> show ospf database external detail  --> LSA 5


/********************************************************************/
 *                                                                  *
 *                         OSPF  101                                *
 *                                                                  *
/********************************************************************/

- OSPF router maintains a full network topology database called link-state
  database.
- Routers use Link State Advertisements [LSA] to exchange info required
  to build link-state database.
- Using link-state database and Shortest Path First algo, OSPF calculates
  routes to all destinations.

Neighbor Discovery
------------------
State: INIT
   1) OSPF uses hello packets to locate neighbors
   2) Hello packets sent on multicast address 224.0.0.5
   3) Routers must agree on certain settings before becoming neighbors
       (a) Both routers should be in same area
       (b) Link must be based on valid network address
       (c) Authentication params must be valid [if enabled]
       (d) Hello & Dead intervals must be same
       (e) Routers must also have unique router IDs
State: 2-WAY
   4) If above conditions are met, routers become neighbors and
      progress to "2-WAY" state.


Link State Database Synchronization
-----------------------------------
- All routers in an area have same link state database
- A new router coming online will need to
   (a) Update its neighbors about its own links
   (b) Receive a complete database from its neighbors
- A master-slave relationship is established to exchange database info.
   (a) Routers select master [highest router ID]
   (b) Routers exchange database descriptor packets [DBDs] that
       briefly describes the content of the database.
- OSPF is connection-oriented
   (a) Messages will be acknowledged by the receiver
   (b) un-ack'ed messages will be re-transmitted.
   (c) If ack is not received after retry, receiver will be declared
       dead and hence a topology change.
- OSPF does not use TCP or UDP. It runs directly over IP. Hence the
  retransmission mechanism is directly implemented in OSPF.

State: EXSTART
   1) Routers identify the master. One with highest Router ID is
      the master.

State: EXCHANGE
   2) Routers exchange DBD packets.

State: LOADING
   3) If there are new links in DBD, router sends Link State
      Request [LSR] to request more info on the new link.
   4) Receiving router will respond with details using Link State
      Update [LSU]
   5) Sender sends Link State Ack [LSAck].

State: FULL
   6) Routers will calculate optimal paths to destination using
      SPF algorithm

- Neighbor routers exchange "Hello" packets.

- For broadcast domains [Ethernet], special rules apply.
   (a) A Designated Router [DR] is established within a LAN.
   (b) Each router establishes adjacency with DR only [Hub-Spoke model].

- Routing updates are greatly reduced.
- Neighbors still exchange "Hello" packets. But routing updates
  go through DR only.
- Backup DR is also elected to greatly reduce convergence time when
  DR goes down.

OSPF Convergence - Flooding
----------------------------
- On topology change, OSPF router flood LSA on all interfaces.
- In broadcast environments [Ethernet], DR will flood LSA on LAN.
   (a) Member router send LSA to DR/BDR using special multicast
       address - 224.0.0.6
   (b) DR sends LSA to all OSPF routers using 224.0.0.5 multicast
       address

OSPF Areas
----------
- To scale large networks and reduce link state database.
- Several types of areas: Backbone, Normal, Stubby, Totally Stubby,
  Not So Stubby Area [NSSA]
- Backbone area number is 0 [or 0.0.0.0]
- To prevent loops, all areas must be connected via backbone area.

Area Border Router:- Sits between edges of two areas, one of them
  being Area 0 [or backbone area]

Autonomous System Border Router:- Sits on edge of OSPF network and
  talks to other networks [BGP etc]


*** NOTE: When configuring OSPF, if we do not configure router ID,
    OSPF picks lowest loopback interface address. If there is no
    loopback interfaces, OSPF chooses the lowest interface address.


Administrative Distances
-------------------------

Static  1
OSPF    110
ISIS    115


/********************************************************************/
            Routing Information Base [RIB]
/********************************************************************/

- Each routing protocol builds its own routing table.
- RIB selects the best route from all these databases and puts it
  in its own database.


Router LSA [or LSA 1]
----------------------
- Talks to adjacent router in same area.
- Asks for network connected to this router.

> show ospf database

Network LSA [or LSA 2]
----------------------
- Used in broadcast domains such as Ethernet.
- DR informs about all the attached neighbors using LSA 2.
- Link ID = DR's IP address of interface connecting to LAN.
- Advertising Router = DR's router ID.
- LSA 2 are flooded within originating area.
- There is a limit of 300 neighbors in SmartEdge

> show ospf database - Gives list of Router LSA [lSA 1], Network
                       LSA [LSA 2] and Summary LSA [LSA 3]
> show ospf database network
> show ospf database network detail

Show commands
--------------
> show ospf <instance>  - gives most info about a routing instance
> show ospf area - info abour routing area
> show ospf context - instances running in given context
> show ospf statistics - operational stats

> show ospf neighbors - provides neighbor info
> show ospf interface - gives local interfaces info. You'll notice that
                        this info matches with intf info of neighbors too.
> show ospf global - global ospf info
> show ospf spf -


- In OSPF ABR, one interface can be in one area and one interface in
  another area. Its unlike ISIS where the whole router is in one area.

Summary LSA [LSA 3]
-------------------
- Originated by ABR.
- Summarizes networks present in one area for other areas.
- LSA 3 routes are labeled as Inter-Area routes in the table.
- Summary LSA are flooded throughout a single area only.
   (a) LSA 3 is never forwarded by ABR
   (b) When ABR receives LSA 3, it modifies LSA 3 and puts itself as
       next hop in it and then forwards the new LSA 3.


Summary Area Service Border Router LSA [LSA 4]
----------------------------------------------
- Originated by ABR
- Describes reachability to ASBRs
- Flooded throughout backbone area to other ABRs
- NOT flooded to stub and totally stubby areas


External LSA [LSA 5]
--------------------
- Originated by ASBR
- LSA 5 is flooded throughout OSPF domain except stubby and totally
  stubby areas.
- LSA 5 routes are labeled E1 and E2
  E1 = Cost of external and internal
  E2 = Cost is not included


Redistribution in to OSPF
-------------------------
- Network devices not capable of running OSPF when connected to an
  OSPF box, we need to inform those networks to OSPF domain.
- "redistribute" command under OSPF domain can be used.
   (a) We can redistribute routes learnt from following protocols
       bgp, connected, isis, nat, ospf, rip, static and subscriber


> debug ospf resdistribution - gives redistribution debug messages


Stubby Area
-----------
- Fully aware of OSPF domain but unaware of external networks
- Uses default route to ABR for external destinations
- Use Case: When large external domains exists, stubby routers
  reduce link state database
- All routers in stubby area must be configured as stubby to
  become stubby.
- ABR will block all LSA 4 and LSA 5
- ABR creates an LSA 3 creating a default route

Totally Stubby Area
-------------------
- Routers in this area aware of only its own topology.
- Extension of stubby area.
- Routers in this area are NOT aware of outside networks.
- Uses ABR as default router for outside network.

Route Summarization
-------------------
- Reduces routing table size
- Usually towards the direction of backbone router

Originate Default
-----------------
- Induces a default route in to OSPF domain so that external networks
  routing table need not be circulated in OSPF domain.


/********************************************************************/
 *                                                                  *
 *                         BGP Overview                             *
 *                                                                  *
/********************************************************************/

- What is an Autonomous System (AS)?
    - Routers run by an operator under a single administration.
    - Owned by ISP or large orgs.
    - Usually, AS runs IGP internally (OSPF and IS-IS).
    - Each AS has a number that is unique identifier and can be purchased from
      some authorities.
    - BGP connects AS.

- Adv/Disadv of IGP
    - Chatty protocol.
    - Fast convergence.
    - Don't scale well.
    - Hence BGP is needed.

- BGP can be deployed internally too (within same AS), called as iBGP.
- BGP routers connected to different AS uses eBGP protocol.

- Multi Homed AS
    - AS connected to more than one other AS, for redundancy.


- BGP is also used in L3VPN (more on this in L3VPN courses).

/********************************************************************/
 *                                                                  *
 *                         BGP Fundamentals                         *
 *                                                                  *
/********************************************************************/

- Uses TCP for transport (reliable) on port 179. Its connection oriented.
- BGP establishes peers (aka neighbors). Peers are configured manually (??).
- iBGP (used to create Transit AS). Used by wholesale operators and allow
  traffic from one AS to another to flow through it.
- eBGP is used to connect to other AS.

Why BGP?
--------
- Its a 'selective' protocol. Only shares prefixes that it is asked to share.
- Typical network has one or two routers on edge of AS, running BGP. Rest of the
  routers run an IGP.

Peering:
--------
- BGP uses a Finite State Machine (FSM) for peering.
- IDLE State:
    - BGP initiates all resources with its configured peer.
    - All inbound connections are refused as TCP connection to peer is
      initiated.
- CONNECT State:
    - Next state if initiation goes well.
    - Router waits for TCP connection to complete. BGP transitions from this
      state quickly to next one.
- OPENSENT State:
    - BGP sends OPEN packet out its interface and moves to this state if
      negotiation was successful. If not, it moves to ACTIVE state.
- ACTIVE State:
    - BGP restarts another TCP session with peer.
    - If success, BGP sends OPEN message and moves to OPENSENT state. And if
      BGP receives OPEN message back with correct settings, state changes to
      OPENCONFIRM.
    - If fails, BGP moves to IDLE state.

- OPENCONFIRM State:
    - If all goes well, BGP remains in OPENCONFIRM state and keeps sending
      KEEPALIVE messages. If KEEPALIVE is received within correct window, BGP
      moves to ESTABLISHED state.


BGP Messages:
------------
- OPEN: Connection params are established.
- KEEPALIVE: Is peer alive?
- UPDATE: Routing info is exchanged.
- NOTIFICATION: Sent when error condition is detected.

Sharing Prefixes:
----------------
- There are couple of ways to share prefixes in BGP.
    (a) Using 'network' statements. These are permit statements.
    (b) redistributing IGP routes (such as OSPF/IS-IS) in to BGP

- Network statements are semi-dynamic. It involves manual config, but BGP only
  advertises if its available in its routing table.
- Network statements can be used to advertise static routes also. In fact, this
  is most stable option if there is only one link from AS towards internet.

- 'redistribute ospf' distributes ALL IGP routes to BGP. Be careful!!!
- Usually a prefix is added at the end to indicate which prefix to redistribute.


# show bgp route    // has bunch of attributes that determines preferred path.

Next Hop:   Tells router of next hop IP.
Metric:     MED - Multi Exit Discriminator. Used when there are multiple
            entry/exit points in to a single AS.
LocPrf:     Local Preference. Higher is better. Its included in UPDATE msgs for
            iBGP within same AS. LocPrf is calculated for each external route
            and shared with peers. BGP, when choosing between two paths, chooses
            LocPrf with higher value.

Weight:     Local attribute. Not shared with peer. If multiple path's exists for
            SAME PREFIX, one with higher weight is chosen. Diff between Weight
            and LocPrf is that LocPrf is shared with peers

AS Path:    All AS traveresed by UPDATE message before it reached our BGP router.

Origin:     Value sent by sending BGP peer. i = iBGP, e=eBGP (deprecated),
            ?=unknown (mostly because this prefix is redistributed in to BGP)

- All these attributes are taken in to account for selecting best path.


BGP Path Selection:
-------------------
- There is a strict oder of path selection. How to select a path?

1. Is next hop accessible?
2. If all next hop's are accessible, prefer a path with largest weight (local
value).
3. If weights are equal, pick largest LocPrf path.
4. If LocPrf is same, pick route originated by this router.
    - Route configured by network command is prefered over aggregate command.

If all else are same then:
5. Prefer shorter AS PATH if none of the path is local.
6. Favor lower origin.
    - IGP is lower than EGP, EGP lower than incomplete.
7. Path with lowest MED (Metric) is picked.
8. Pick external over internal paths.
9. Prefer path via closest IGP neighbor.
10. Select path with lowest router ID.


BGP Route Summarization:
---------
- Summarization/Aggregation saves multiple entries in routing table.
- It hides link failures, thus saving on update messages between AS.







/********************************************************************/
 *                                                                  *
 *                         BGP Primer                               *
 *                                                                  *
/********************************************************************/

- Its an inter Autonomous System protocol
- Within an AS, IGP is used. But outside, BGP

- BGP exchanges network info with BGP neighbors only if configured to
  do so
- BGP neighbors are not auto discovered. One has to configure manually.
- BGP routing update carries list of AS it traversed ==> AS Path
- BGP routing updates are incremental.

- BGP uses TCP to exchange info on port 179
  - TCP chosen for reliability.
  - BGP peers required to be directly connected.

- BGP Messages
  (a) OPEN:- Used in initialization and establishing BGP connection.
             Parameter negotiation etc happens.
  (b) UPDATE:- Transfer routing info between BGP neighbors.
  (c) NOTIFICATION:- Sent when an error happens. BGP connection is
                     closed immediately.
  (d) KEEPALIVE:- To determine if peer is alive.


BGP Finite State Machine [FSM]
-------------------------------
- BGP maintains a FSM for each of its neighbor. Its very complex.
  RFC 4271 - complete details.
- A neighbor can be in 6 different states
  (a) Idle
  (b) Connect
  (c) Active
  (d) OpenSent
  (e) OpenConfirmed
  (f) Established


Idle
-----
- 1st state after configuring BGP peer. BGP FSM refuses all incoming
  BGP connections for this peer.
- Resources are being allocated.

Connect
-------
- TCP connections are being established between peers

Active
------
- If TCP connection fails then the FSM will move to Active state where
  peer will listen for connections and MAY establish a BGP connection
  in future.

OpenSent
--------
- Open msg is sent and wait for peer to respond

OpenConfirmed
-------------
- Received Open msg from peer. Waiting for KeepAlive msg.

Established
-----------
- FSM for peer is moved to this state and ready to exchange Update
  msg with peer.


- Once BGP connection is established, routing info is exchanged using
  Update msgs.
- Update msgs can contain either prefixes to be added or removed
  or both


Autonomous System Types
-----------------------

Stub AS
-------
- Is connected to only one other AS

Transit AS
----------
- Provides connections through itself to other AS, example: ISP

Multihomed AS
-------------
- Doesn't let traffic from one AS to another through it.
- Is connected to many AS
- Provides redundancy


Challenges with BGP next-hop
-----------------------------

t3 ----------+
             |
             |
t1 --------- t2 -------------- b1 (bgp | ospf) ---------
                 160.1.1.0/30
            I-BGP --->|<---  OSPF with AS 100
              |<--- E-BGP  --->|

1) Router b1 announces 50.1.0.0 to be available via next-hop 160.1.1.1
2) Router t2 will respect the next-hop from E-BGP and forward this to t1
3) Router t1 will learn 50.1.0.0 is reachable via next-hop 160.1.1.1
4) What happens if 160.1.1.0/30 is not in routing tables of AS 300 routers?
   >>> Destination unreachable ....

Solution:- t2 replaces the next hop info in the update with itself.

5) So, for t1, 50.1.0.0 network is reachable via t2.


I-BGP & Full Mesh
------------------
(a) I-BGP breaks routing loops by removing its own AS number from I-BGP
    update



                 +------ T3 ------+     T2 to T3 IBGP update
    AS 20        |                |     T3 to T1 IBGP update
EBGP 1.0.0.0/8   |                |     T1 to T4 IBGP update
       --------> T2   IBGP        T1    T4 to T2 IBGP update
                 |                |
                 |                |     Now, T2 thinks that it has 2 routes
                 +------ T4 ------+     to 1.0.0.0/8 network. One using EBGP
                                        and one using IBGP. A loop.


(b) I-BGP update will must not be forwarded further over I-BGP. Its has
    only one hop life.

                 +------ T3 ------+     T2 to T3 IBGP update
    AS 20        |                |     T2 to T4 IBGP update
EBGP 1.0.0.0/8   |                |
       --------> T2    IBGP       T1    T3 does NOT send to T1
                 |                |     T4 does NOT send to T1
                 |                |
                 +------ T4 ------+

For T1 to reach 1.0.0.0/8 network, it HAS to be connected to T2. Hence a
requirement for fully meshed network.

- All the routers in transit AS need to run BGP or tunneling protocol
  [MPLS or GRE]



Route Redistribution
---------------------
! Create a prefix-list named customers
ip prefix-list customers
  seq 10 permit 30.1.0.0/22 ge 24  ! all prefixes greater than equals 24

! In this route-map, we match ip addresses to an ip prefix-list
route-map cust-prefixes-only permit 10
  match ip address prefix-list customers
router bgp 20
  address-family ipv4 unicast
! we redistribute but run a route-map called cust-prefixes-only
  redistribute ospf 1 route-map cust-prefixes-only


Prefix Aggregation
------------------

router bgp 20
  aggregate-address A.B.C.D/M summary-only


>>Read Again: BGP Attributes<<
BGP Attributes
---------------
#show bgp route

(a) Next Hop:- defines the IP addr of next hop
(b) Metric, which is MED - Multi Exit Discriminator
(c) Local Preference
(d) Weight
(e) AS Path:- Identifies the AS that the UPDATE has passed
(f) Origin:- 3 values
    i - prefix configured via n/w statement
    e - originated via EGP
    ? - incomplete, most likely redistributed into BGP


/********************************************************************/
 *                                                                  *
 *                         MPLS Overview [basic level]              *
 *                                                                  *
/********************************************************************/
- MPLS is important because voice, video and data networks can be
  converged in to single MPLS based network.
- What is the need for convergence?
- First service provided by providers was voice [telephone]. They used
  landlines.
- Next, in the evolution, TV & Video and then data [internet] came along.
- All 3 used 3 different infrastructure.
- Each of these 3 services needed special/extra technologies.
- During the course of telco evolution, multiple technologies were
  introduced.
- Often, the same technologies were used to build different networks for
  video, voice and data.


      |       |       |        |              |                  |
      |       |       |        |              |     data         |      End user services
      |       |       |        |              |                  |
      | Voice |       |  Video |              |                  |
      |       |       |        |            +----------------------+    Statistical multiplexing
      |       |       |        |            |         IP           |    Service flexibility
      |       |       |        |            +----------------------+
      |       |       |        |                       |
      |       |       |        |                       v
    +---------------------------------------------------------------+   QoS
    |                         ATM                                   |   Connection oriented
    +---------------------------------------------------------------+   Statistical multiplexing
            |                                                 |
            |                                                 |
            v                                                 v
    +---------------------------------------------------------------+   High availability
    |                     Sonet/SDH                                 |   SLA monitoring
    +---------------------------------------------------------------+   Provisioning
            |                                                 |
            |                                                 |
            v                                                 v
    +---------------------------------------------------------------+
    |                     Fibre/WDM                                 |   High bandwidtch
    +---------------------------------------------------------------+


- This model was expensive to build. But each verticle model generates its
  own revenue, the cost was recovered.

- Services offered traditionally over legacy telecom infra started moving
  towards IP.
- This put demand on IP to provide support for real time applications such
  as voice.
- For voice applications, packets must arrive in the same sequence as it
  was sent. IP networks does not guarantee that.

- In order for the packets to arrive in same order, they have to be sent
  along same path ***
- This is against IP network design.

*** I don't think so. Receiver can reorder packets.

- MPLS came in to picture. It's an extension of IP. It introduced fixed
  path for IP packets.
- It added QoS capabilities to IP networks.


>>>> Impact of MPLS in Telecom Networks <<<<



      |       |       |        |              |                  |
      |       |       |        |              |     data         |      End user services
      |       |       |        |              |                  |
      | Voice |       |  Video |              |                  |      Statistical multiplexing
      |       |       |        |            +----------------------+    Service flexibility
      |       |       |        |            |      MPLS/IP         |    QoS
      |       |       |        |            +----------------------+    Connection oriented
      |       |       |        |                       |
      |       |       |        |                       v
    +---------------------------------------------------------------+   QoS
    |                         ATM                                   |   Connection oriented
    +---------------------------------------------------------------+   Statistical multiplexing
            |                                                 |
            |                                                 |
            v                                                 v
    +---------------------------------------------------------------+   High availability
    |                     Sonet/SDH                                 |   SLA monitoring
    +---------------------------------------------------------------+   Provisioning
            |                                                 |
            |                                                 |
            v                                                 v
    +---------------------------------------------------------------+
    |                     Fibre/WDM                                 |   High bandwidtch
    +---------------------------------------------------------------+








- If we see, role of ATM and MPLS/IP are the same. So, ATM was no longer
  necessary in data networks.

      |       |       |        |              |                  |
      |       |       |        |              |                  |      End user services
      |       |       |        |              |                  |
      | Voice |       |  Video |              |   data           |
      |       |       |        |              |                  |
      |       |       |        |              |                  |
      |       |       |        |              |                  |
      |       |       |        |              |                  |
      |       |       |        |              |                  |
    +------------------------------+        +----------------------+
    |         ATM                  |        |     MPLS/IP          |
    +------------------------------+        +----------------------+
            |                                                 |
            |                                                 |
            v                                                 v
    +---------------------------------------------------------------+   High availability
    |                     Sonet/SDH                                 |   SLA monitoring
    +---------------------------------------------------------------+   Provisioning
            |                                                 |
            |                                                 |
            v                                                 v
    +---------------------------------------------------------------+
    |                     Fibre/WDM                                 |   High bandwidtch
    +---------------------------------------------------------------+




- MPLS/IP proved to be stable and given the growth of IP, it seemed reasonable
to invest in IP. So, ATM slowly got pushed out.

- Eventually, some voice networks are still using legacy ATM networks and MPLS/IP
started supporting this ATM. The new network model was like this





      |       |       |        |              |                  |
      |       |       |        |              |                  |
      |       |       |        |              |                  |
      | Voice |       |  Video |              |      data        |
      +-------+       |        |              |                  |
      | ATM   |       |        |              |                  |
      +-------+       |        |              |                  |
          |           |        |              |                  |
          v           |        |              |                  |
    +---------------------------------------------------------------+
    |                         MPLS/IP                               |
    +---------------------------------------------------------------+
            |                                                 |
            |                                                 |
            v                                                 v
    +---------------------------------------------------------------+
    |                     Sonet/SDH                                 |
    +---------------------------------------------------------------+
            |                                                 |
            |                                                 |
            v                                                 v
    +---------------------------------------------------------------+
    |                     Fibre/WDM                                 |
    +---------------------------------------------------------------+



- ATM became one of the transport layer protocols supported by MPLS

- To reduce the cost, Operators removed the vertical separation in the
  network. They combined, Voice, Video & Data in to a single network.

- To further reduce costs, Operators considered reducing layers. WDM
  cannot be removed as it provides bandwidth. MPLS provides flexibility.

- So, if the functionality of Sonet/SDH can be moved to MPLS, that layer
  can be removed.

- MPLS-TP is an extension of MPLS that provides this additional
  functionality of High Availability, SLA Monitoring and Provisioning.


Eventually,





        Voice            Video       Data
          |                |          |
          |                |          |
          |                |          |       +------------+
          |                |          |       | Legacy     |
          |                |          |       | Sonet/SDH  |
          |                |          |       +------------+
          |                |          |             |
          |                |          |             |
          v                v          v             v
    +---------------------------------------------------------------+
    |                         MPLS/IP                               |
    +---------------------------------------------------------------+
            |                                                 |
            |                                                 |
            v                                                 v
    +---------------------------------------------------------------+
    |                     Fibre/WDM                                 |
    +---------------------------------------------------------------+





>>>> Benefits <<<<<

- Allows true convergence of all networks [voice, video & data]
- MPLS networks provide ability to offer wide range of news services.
  Some of them are:
    - Business VPN for secure communication


>>>> What exactly is MPLS? <<<<

- It is a protocol to define label switching technology.
- It can be seen as an extension to IP.
- By itself, MPLS doesn't provide various services and QoS functionality.
  MPLS works with rest of the protocols [OSPF, BGP, IP, ISIS etc] to give
  the above functionality.


>>>> How does MPLS work? <<<<

- Primary activity in MPLS network is establishing of Label Switched Path
  [LSP] in the network.

>>>> Acronyms <<<<
MPLS/IP --> It is the first extension [or standard] defined for IP traffic.
            It provides IP services and IP forwarding.

MPLS-TE --> MPLS Traffic Engineering. To provide QoS.

GMPLS --> Generalized MPLS, for optical networks.

MPLS-TP --> MPLS Transport Profile.















/*******************************************************************/
 *                                                                  *
 *              MPLS Fundamentals [Intermediate]                    *
 *                                                                  *
/********************************************************************/

Why MPLS?

- MPLS was designed to bring more 'packet-switching' behavior such as ATM
  and Frame Relay in to IP

- On packet-switched networks, packets are routed through various routes
  and could reach destination out of order causing poor QoS due to
  re-sequencing.

Why MPLS: IP vs ATM

- ATM is based on cell-switching. It is similar to IP packets
  fragmentation but the packet size is fixed, 48 bytes and 5 bytes of
  header = 53 bytes.

- ATM headers have Permanent Virtual Paths [PVCs] that are taken by cells
  between same source and destination. This is unlike IP. Hence cells are
  not reordered in transit.

- ATM header contains Virtual Path Identifier [VPI] and Virtual
  Channel/Circuit  Identifier [VCI] that define the PVC.

- ATM offers precise traffic flow control over the network.

- Frame Relay also uses labels called DLCI - Data Link Connection
  Identifier.

- DLCI has channel number that is similar to labels and is used in routing
  traffic.

- TDM is another technology using timeslots.

- So, why use a new label based technology when ATM/FR etc already exists?

- MPLS is based on IP. ATM/FR is not. It is evident that future
  applications will be based on IP. MPLS is stable and popular technology
  which can combine label-switching over IP core and control plane.


What is MPLS? [Multi-Protocol Label Switching]

- A well defined label switching technology. It combines switching
  principles of ATM with flexibility of IP.

- "Multi-Protocol" is used in the name because it is protocol agnostic.
  Labels can be attached to IPv4, IPv6 and L2 frames. MPLS carries these
  packets over L2.

- MPLS removes any dependencies over L2 technology. MPLS packets can be
  carried over ATM, Sonet/SDH, PPP, HDLC or Ethernet.

- "Label Switching" in the name means that MPLS is a switching protocol.

- A label is a fixed length, locally significant idetifier used for packet
  flow.

- There can be multiple levels of labels. The MPLS packets are "switched"
  and not "routed" through the network.

- MPLS was originally designed to make routing faster because the
  assumption was that the fixed label size lookup is quicker than longest
  prefix match used by IP routing. This is no longer true.

- The value in MPLS now is in traffic engineering.


MPLS challenges IP Networks

- MPLS addresses 2 major challenges within IP networks

(a) QoS - Quality of Service
- MPLS provides predictable paths for IP traffic. It is very similar to
  ATM PVCs.
- Predictable path allows for traffic engineering and allows for triple
  play.
- Traffic Engineering means we have control over the paths that packet
  takes and can design our network accordingly.
- Example
     - Voice traffic is small and doesn't use up much bandwidth. But
       requires speed, precision/reliability and predictable paths.
     - File transfers need lot of bandwidth but does not have similar
       requirements for speed and reliability.

- So we can design our network that suits each traffic requirements.

(b) VPN - Virtual Private Networks
- ISP's provide IP VPN. Providers can separate networks by just adding
  another label in front of an IP packet. Different customers can even use
  overlapping IP addresses.




MPLS and OSI Model

L7  Application
L6  Presentation
L5  Session
L4  Transport
L3  Network
L2  Data Link
L1  Physical

- MPLS is neither L2 nor L3. In MPLS, there is still L2 encapsulation
  [src/dest mac addrs etc]
- There is also L3 functionality of label switching between routers.
- Hence is a Layer 2.5 protocol


MPLS Functions & Roles

LSP - Label Switch Path
- Its a unidirectional flow of traffic.
- Packets cannot be injected in this path in the middle. They enter at the
  beginning and exit at the end of the path.

MPLS Header
- MPLS uses a 32 bit header to identify the label.


    +---------+-----------+----------------------------------------------+
    |  L2 HRD |  MPLS     |         IP packet                            |
    |         |  HDR      |                                              |
    |         |           |                                              |
    +---------+-----------+----------------------------------------------+
              |           |
              |           |
    +---------+           +----------+
    |                                |
    v                                v
    +-------------+----+---+---------+
    |             | E  |   |         |
    |   label     | X  | S |   TTL   |
    |             | P  |   |         |
    +-------------+----+---+---------+

- Label = 20 bit field carrying value of MPLS label
- EXP = 3 bit experimental field.
        * Defines class of service the packet belongs to.  Can identify
        * priority of the packet used in queuing during its transport
          through different network elements.
- S = 1 bit "Stack" field. MPLS packet can have multiple labels. If this
  bit is set, this label is at the bottom of the stack of labels. If bit
  is set to 0, then there are no more labels in the stack.
- TTL








/*******************************************************************/
 *                                                                  *
 *                         MPLS L3VPN Pimer V2                      *
 *                                                                  *
/********************************************************************/

- VPN services over IP by ISPs
- Customers communicate over providers backbone just like a private
  router/network.
- L3VPN is quite complex in implementation on providers side. Involves
  IP, IGP, BGP, MPLS


MPLS 101
----------
- Addresses 2 major challenges within IP networks
  (a) QoS
        - MPLS provides predictable paths for IP traffic, similar
          to ATM pvc
        - This allows for traffic engineering and enables network
          for triple play services
  (b) VPN
        - providers can separate customer networks by just adding
          MPLS label in front of IP packet
        - Customers can even use overlapping IP spaces as IP is not
          exposed to provider backbone

- Multiprotocol Label Switching is a layer 2 protocol. Doesn't exactly fit
  OSI model, but its closer to L2.
- Adds a fixed size header to packets entering MPLS network.
     - Label is the most important part of header
     - Its short, fixed length and locally significant identifier used to
       identify a packet flow.
     - Rest of the fields in header contains TTL, EXP bits etc.
- Forwarding decisions are based on contents of the label
- Packets are classified at the edge of MPLS network
     - 2 packets with same label travel over exactly the same MPLS network
     - Its similar to circuit swtiched network
- MPLS labels can be attached to pure IP packets or L2 packets like
  Ethernet.  So, applications like VPLS can use MPLS too.


Example
-------

CE ------+                                                +------- CE
         |                                                |
         |                                                |
         +------ PE ------- P ------- P ------- PE  ------+
         |                                                |
         |                                                |
CE ------+                                                +------- CE

CE = Customer Edge
PE = Provider Edge
P  = Provider Backbone Routers

(1) CE sends packets to PE router
(2) PE adds label to packets and sends to P router [push action]
(3) P router switches packets based on labels to destination [swap action].
    At each P router, labels are swapped.
(4) PE router removes label and forwards packet to egress CE [pop action]

NOTE:
- Egress PE routers just removes label and forwards it on CE.
- So, label has no significance on PE
- PE routers are very busy [shaping, ip lookup] and not as powerful
  as P routers. So, its not very useful to lookup labels for this
  router.
- So, PE can delegate this label lookup to P router.
- PE does this by sending a special label [label 3] to P and P will
  remove the label and send plain IP packet to PE.

PHP - Penultimate Hop Popping
------------------------------
- This process of delegating label removal to last P router by PE
  router is called Penultimate Hop Popping.


Label Switch Path [LSP]
-----------------------
- Creates a unique path between two PE routers
- Can be seen as a tunnel identified by labels
- MPLS labels have local significance and are changed at every hop



  CE ------+                                                +------- CE
           |                                                |
           |                                                |
           +------ PE ------- P1 ------- P2 ------- PE  ------+
           |                                                |
           |                                                |
  CE ------+                                                +------- CE
10.1.1.1                                                         10.1.2.1


CE --> PE = IP Packet
PE --> P1 = 300 + IP Packet [push]
P1 --> P2 = 400 + IP Packet [swap]
P2 --> PE = IP Packet [PHP]
PE --> CE = IP Packet


- Each MPLS router maintains switch table containing ingress and egress
  label mapping [LFIB - Label Forwarding Information Base]


Building LFIB
--------------
- Labels are locally significant
- Router picks labels arbitrarily and expects neighbors to use it
- 2 protocols are used to automate label learning [apart from manually
  configuring them]
- Label Distribution Protocol [LDP]:- Easy to configure but less control
  over LSP
- RSVP:- More complex but greater control. Used where QoS is needed.


MPLS Label Stacking
--------------------
- Multiple labels are attached to an IP packet
- Only 1st label is read. After its popped, next label is examined
- Stacked labels are used in VPN applications
- For example: Outer labels are used for MPLS routing and inner for VPN
  application


VPN A                                                            VPN A
                                                                 10.1.2.1
  CE ------+                                                +------- CE
           |                                                |
           |                                                |
           +------ PE ------- P1 ------- P2 ------- PE  ------+
           |                                                |
           |                                                |
  CE ------+                                                +------- CE
10.1.1.1                                                         10.1.2.1
VPN B                                                              VPN B


- Ingress PE needs to add 2 pieces of info to packet
  (a) Which VPN does this packet belong to --> inner label
  (b) Which LSP should be used to reach egress PE --> outer label

VPN B CE --> PE = IP Packet [D: 10.1.2.1, S: 10.1.1.1]
PE --> P1 = MPLS: 300 + MPLS: 888 + IP Packet [2 pushes]
P1 --> P2 = MPLS: 400 + MPLS: 888 + IP Packet [1 swap]
P2 --> PE = MPLS: 888 + IP Packet [php]
PE --> CE = IP Packet [pop]

- Egress PE removes the inner label


MPLS Terminology
----------------
P Router = Provider Router
LSR = Label Switch Router, same as P Router
PE Router = Provider Edge Router
Edge-LSR = Same as PE Router
LSP = Label Switch Path
LFIB = Label FIB
Outer Label = Distributed via LDP or RSVP
Inner Label = Distributed via iBGP


Routing in L3VPN network
------------------------
- Provider backbone represents itself as a single router to CE
- Ingress and Egress PE have to sync customer's routing info in
  some way
- iBGP is used to do that due to its flexibility and scalability


L3VPN Routing Challenges
------------------------
- Overlapping IP prefixes. For example 40.1.1.0/24 and 50.1.1.0/24.
  How will iBGP will resolve this at ingress and egress PE?

- They are solved in 2 ways?
  (a) Route Distinguisher
  (b) Route Target

Route Distinguisher [RD]
-------------------------
- Add a 96 bit header
- Combination of RD & IP called as VPN-IPv4 address family
- BGP will support this VPN-IPv4 address family
- RD has to be globally unique to allow cross domain routing

- 2 ways to build RD
   (a) AS:number
   (b) IP:number

- RD is not very flexible


Route Target [RT]
-----------------
- used to differentiate prefixes among VPNs
- Its an extended BGP community attribute
- Ingress PE adds given RT to VPN-IPv4 address based on config.
  Its called export.
- Egress PE checks RT and decides in which VPN prefix should be
  installed. Its called import.
- Both sides of a VPN should be configured for the same RT






/********************************************************************/
 *                                                                  *
 *                         VPLS Overview                            *
 *                                                                  *
/********************************************************************/












/********************************************************************/
 *                                                                  *
 *           IP QoS Intro [PWFQ Intro]                              *
 *                                                                  *
/********************************************************************/

On SmartEdge

- PWFQ is multi-level hierarchical scheduling that combines PQ and WFQ.
- Subscriber sessions is associated with a cct within a port.
- Each cct can have up to 8 queues providing differentiated traffic flows
  towards a subscriber.

- For an incoming packet, SmartEdge can do:
    Classification
    Marking
    Congestion Management
    Queuing

- Queuing and scheduling is done on egress PPA only
-



/********************************************************************/
 *                                                                  *
 *                          QoS Primer                              *
 *                                                                  *
/********************************************************************/

Terminology
------------

Classification
--------------
- Based on configured params, looking at the packet and concluding what
  QoS to apply to it


Marking
-------
- A mechanism to label packets to inform system on how to treat them


Queuing & Scheduling:- Congestion Management/Avoidance algos
-------------------------------------------------------------
- Performed on egress PPA
- Based on priority values in PD label, packets at egress PPA will be
  sorted in to different labels
- Scheduling is a way to empty queues


Rate of Transmission
---------------------

Token Bucket Formula
---------------------
- Its not a queuing mechanism

- rate(bits/sec) = Burst Size (bytes)/Time Committed (sec)
- Rule of thumb for Time Comitted is 1.5 seconds.
- Burst Size (bytes) = rate (bits/sec) * 1.5

- Tokeb Bucket provides "credits" to traffic during Time Committed
  interval
- If credites are available during TC, packets are considered conforming
  traffic
- If not, packets are considered exceeding traffic


QoS Metering/Policing
---------------------
- A tool to classify and rate limit traffic without using queues
- Policing:- will apply on packets entering the traffic card
- Metering:- will apply on packets leaving the traffic card
- So, both policies can do classification and rate limiting but direction
  is different.
- M/P can be applied per-port, per-circuit, per-session, per-class


Example of a Metering
----------------------

                     qos policy <name> metering
                                 |
                                 |
             Mark ---------------+--------------------- Rate
               |                                         |
               |                                         |
       DSCP ---+                             Exceed -----+-------- Conform
               |                                |                    |
               |                       Drop ----+                    +--- Mark
 Precedence ---+                                |                    |
               |                        Mark ---+                    +--- no-action
               |                                |
  Priority ----+                   no-action ---+


- Apply the policy to port/cct etc
   port ethernet 2/2
        qos policy metering <name>



Example of Policing
-------------------

                     qos policy <name> policing
                                 |
                                 |
             Mark ---------------+--------------------- Rate
               |                                         |
               |                                         |
       DSCP ---+                             Exceed -----+-------- Conform
               |                                |                    |
               |                       Drop ----+                    +--- Mark
 Precedence ---+                                |                    |
               |                        Mark ---+                    +--- no-action
               |                                |
  Priority ----+                   no-action ---+


- Apply the policy to port/cct etc
   port ethernet 2/2
        qos policy policing <name>


Queuing
--------
- Traffic classified for queuing is labeled with an internal priority
  number inside the Packet Descriptor
- PD is used to map packets to output queues
-





+------+ +------+ +---+ +----+ +-----+ +---+ +----+ +-----+ +----+
| Ping | |Telnet| |FTP| |SMTP| |Trace| |DNS| |TFTP| |BOOTP| |SNMP|
+------+ +------+ +---+ +----+ |Route| +---+ +----+ +-----+ +----+
                               +-----+


       +-----+                                  +-----+
       | TCP |                                  | UDP |
       +-----+                                  +-----+

                               +----+
                               | IP |
                               +----+


        +----------+    +-----------+
        | Ethernet |    | Token Ring| ....
        +----------+    +-----------+




/****************************************************/
               Address Resolution Protocol (ARP)
/****************************************************/


- ARP: IP to MAC address conversion
- Applies only on a LAN
- Ethertype for ARP is 0x0806


   0                                          31
   +----------+----------+----------+----------+
   |      HW   TYPE      |  Protocol   Type    |
   +----------+----------+----------+----------+
   | HW Len   | Prot Len |        Operation    |
   +----------+----------+----------+----------+
   |       Sender MAC (HW) address             |
   +----------+----------+----------+----------+
   | Src HW addr (cont)  |  Src Protocol Addr  |
   +----------+----------+----------+----------+
   |Src Prot addr(cont)  | Dest HW addr        |
   +----------+----------+----------+----------+
   |             Dest HW addr (cont)           |
   +----------+----------+----------+----------+
   |             Dest Protocol Addrs           |
   +----------+----------+----------+----------+


- HW Type (16-bit): 1 for Ethernet. Some other value for token ring, fiber
  etc.
- Protocol Type (16-bit): 0x0800 for IP, purposefully same as the type
  value in Ethernet frame.
- HW Len: Len of HW address in bytes. For MAC address, its 6 bytes.
- Prot Len: For IP, its 4 bytes
- Operation: ARP Request/Reply etc
- Next 4 fields are senders HW/IP and destination HW/IP address. Note that
  there is duplication of this info in Ethernet Frame as well.


>>>>> Proxy ARP <<<<<
- This lets router answer ARP requests on one of its network for a host on
  another of its network.
- This lets hosts think that destination is the router, while its on
  another network.

>>>>> Gratuitous ARP <<<<<
- When a host sends ARP request with it's own IP and MAC.
- Both src and dst IP are host's IP. MAC is broadcast address.
- No response is expected for this ARP request.
- If an ARP response is received as a result of Gratuitous ARP, it means
  there's an IP conflict/collison.


/****************************************************/
               Domain Name System (DNS)
/****************************************************/
- Put simply, its a globally distributed key-value store. Servers around the
  world can give you value associated with a key.
- If they don't know, they'll ask other servers for answer.
- 'dig' command on Linux is very useful in examining DNS  messages.

BRIEF HISTORY OF DNS
---
- HOSTS.TXT file contained all hosts on ARPANET and their IP addresses. Very
  similar to /etc/hosts file
    - Slow, manually updated by admins, shared via FTP
    - Prone to errors, search was linear
    - Files were extremely large

- BIND is popular open source implementation of DNS


           BIND 4              MSFT DNS Server          BIND 9
             |                      |                      |
  1983       |         1987         |           1997       |
    o--------o-----------o----------o------------o---------o
    |       1984         |        1993           |       2000
    |                    |                       |
 RFC 882            RFC 1032                  BIND 8
 & 883               to 1033

- Variations of BIND 9 is still in use today.


- DNS is a distributed database
    - It is partitioned into Zones

- DNS is organized as an inverted tree.
    - Each node in the tree has a label
    - Label is 0 to 63 bytes in lenght. Up to 64 chars


ZONES
-----
DOMAINS (& SUB-DOMAINS)
    - Everything at and below a node in DNS tree is domain.

DELEGATION
- Root domain is managed by ICAAN. Root is just "" domain.
- Under root domain, we have com, edu. org, mil etc domains
- .com is managed by Verisign. ICAAN delegates responsibility of .com to
  Verisign.
- Verisgn deligates resposibility under .com to many other entities.


Internet Namespaces
---
- Intially, only 7 top-level domains
    com - commercial
    edu - educational
    gov - governmental
    int - international treaty org (nato.int)
    mil - military orgs
    net - networking orgs (NSF.net)
    org - non-profits

- International Domain Names
    - International Chars can be used in domain names
    - But DNS understands only ASCII chars. So, PUNYCODE is used.
    - PUNYCODE encodes chars from non-ASCII scripts into ASCII
        - After encoding, they start with xn--
            xn--mxtq1m
            xn--qcka1pmc
    - Browsers support IDNA (Internationalized Domain Names in Applications)
    - They take chars in other languages and convert them into PUNYCODE


Authority
---
- Name Servers (NS) load data in Zones, the administrative units in DNS.
    - NS can load thousands of Zones. But no NS can load ENTIRE namespace (like
      com or edu. Too big)
    - NS that loads an entire Zone is called Authoritative NS for that Zone.
    - NS then responds to queries from DNS resolvers or other NS


Resolvers
---
- DNS resolvers understand low-level format of DNS queries. They are complex
  and abstracted away.
- When you type a domain name (like www.amazon.com) in browswer there is a
  "stub resolver" in your browser or OS that initiates a DNS query.
- Stub Resolver tries to get answers to question: "I want to know the IP of
  www.amazon.com"
- Stub Resolver queries Recursive Resolver
- Recursive Resolver does the heavy lifting to answer DNS query.


Resolution
---
    Resolver queries Name Server, say NS1
    NS1 queries Root Server
    RS refers to other NS, say NS2
    NS1 queries NS2
    NS2 refers to other NS, say NS3
    NS1 queries that NS3
    ....
    Finally NS1 gets IP to Domain Name resolved by some NS
    NS1 responds to Resolver

- Queries are Recursive or Non-Recursive
    - In above example, NS1 is making non-recursive query to other NS
    - This is intentional. NS1 get referred to other NS.
    - Referrals have valuable info.

- DNS is UDP based. Protocol contains following
    header (mandatory)
    question (mandatory)
    answer
    authority
    additional

    - header and question sections are always present. Even in *referral*
      queries

    HEADER
        - OPCODE = QUERY
        - qr bit: 0 for query and 1 for response
        - rd bit: recursion desired

    QUESTION
        - Domain Name the querier is interested in
        - Class = IN for InterNet
        - Type: of data (record) querier is interested in


Bootstrapping Resolvers
---
- DNS runs on UDP (or TCP as fallback, if UDP fails).
- DNS requests goes over port 53
- UDP is cheaper (because it is stateless). Hence it is preferred in this case.

- But UDP traffic also needs DNS resolving. How is this circular dependency
  broken?
    - Using DHCP.

Stub Resolver:
    - Stub Resolvers are in Browsers or OS.
    - When they boot up, they make DHCP call and get the IP of DNS server.

Recursive Resolver:
    - This is more involved.
    - There is a ROOT HINTS file.
        - It's a file containing IPs of global Root NS.
        - This list is maintained by IANA on behalf of ICAAN.


Registrars and Registries
---
    www  .   amazon  .  com  .
                             ^
                             |
                             +--- Dot is Root Zone.
                                  ICAAN controls this.

- ICAAN decides who manages 'com', 'us', 'uk' etc. They are called TLD (Top
  Level Domains)
- 'us' belongs to USA and a company manages it on behalf of USA. Similarly for
  'uk'.
- TLD owners are called 'registries'.


DNS queries looks like this (when using 'dig')

    www.amazon.com    300    IN    A    192.0.2.1
      (NAME)         (TTL)  (CLS) (TYPE)  (DATA)

Query Tuple = (Name, Type, Class)


CACHING
---
- NS caches resource records, especially the other NS
- TTL determines how long to cache the record. Stub Resolver, when it asks for
  DNS record, it gets 'remaining TTL' back as response from Recursive Resolver.
- There are false 'rumors' on internet that DNS TTL is not honored by
  DNS clients. Not true.


SERVER SELECTION AND RETRIES
---
- There are many NS in a Zone that has info about Domain Name. Which NS to
  query?
    - BIND NS uses RTT to determine which NS to query.
    - If a query fails, BIND retries to another NS

Types of NS
---
- Authoritative NS
- Caching NS
- Recursive NS

Authoritative NS
---
- A NS authoritative for one or more zones
- Primary function is to respond to non-recursive queries.
- Some times, recursion is disabled.

Recursive NS (a.k.a Caching NS)
---
- Is recursive in nature
- They cache responses and sometimes called Caching NS.
- Caching and Recursive NS are interchangeable.


Authoritative NS are of two types
    - Primary NS
    - Secondary NS


- Common DNS record types
    A (IPv4 Host address)
		* name to IPv4 translation.

    AAAA (IPv6 host address)
		* name to IPv6 translation.

    ALIAS (Auto resolved alias)
    CNAME (Canonical name for an alias)
    MX (Mail eXchange)
    NS (Name Server)
		* Identify DNS servers for a zone
        * A zone contains one NS-record for each of it's own DNS servers, both
          primary and secondary.

    PTR (Pointer)
    SOA (Start Of Authority)
        * A zone contains exactly one SOA record containing properties of zone

    SRV (location of service)
    TXT (Descriptive text) type

- Many more DNS record types exists.

[1] https://simpledns.com/help/dns-record-types
[2] 0x6 - A deep dive into DNS --> https://youtu.be/drWd9HIhJdU

/****************************************************/
               Neighbor Discovery (ND) [9]
/****************************************************/
- IPv6 Neighbor Discovery is set of messages to discover relationships
  between neighboring nodes.
- ND replaces ARP, ICMP Router Discovery, ICMP Redirect and provides
  additional functionality.
- ND is described in RFC 2461.

Hosts:
---
- ND is used by hosts to discover neighbors, address prefixes and config
  params.

Routers:
---
- ND is used by routers to advertise their presence, advertise host config
  params and address prefixes.
- Informs hosts of better next-hop address to forward packets for specific
  destination.

TODO: yet to complete


/****************************************************/
               UDP (User Datagram Protocol)
/****************************************************/

- Unreliable, datagram-oriented


    0                            15 16                          31
    +------------------------------+------------------------------+
    |  Src port number             |  Dest port number            |
    +------------------------------+------------------------------+
    |  UDP length                  |  UDP Checksum                |
    +------------------------------+------------------------------+
    |                       data (if any)                         |
    +------------------------------+------------------------------+

- Length is minimum 8 bytes (header alone).
- Checksum is to verify header (and not data). Actually, checksum verifies
  Src/Dst IP and Protocol numbers, in addition to UDP header.

- DNS and DHCP uses UDP due to speed of protocol.


/****************************************************/
               TCP (Transport Control Protocol)
/****************************************************/


    0                            15 16                          31
    +------------------------------+------------------------------+
    |  Src port number             |  Dest port number            |
    +------------------------------+------------------------------+
    |                    Sequence Number                          |
    +------------------------------+------------------------------+
    |               Acknowledgement Number                        |
    +----+-------------------------+------------------------------+
    |Data offset |  Reserved  |U|A|P|R|S|F|      Window           |
    +----+-------------------------+------------------------------+
    |         Checksum             |     Urgent Pointer           |
    +------------------------------+--------------+---------------+
    |                Options                      |    Padding    |
    +------------------------------+--------------+---------------+
    |                       data (if any)                         |
    +------------------------------+------------------------------+




/****************************************************/
            Chapter 29 VPN Technologies
/****************************************************/

- Main classes of VPNs: (a) Site-to-Site (b) Point-to-Point (c) Remote Access.
- Most VPNs need some form of tunneling to isolate traffic.
- VPN protocols:
        (a) Point to Point Tunneling Protocol (PPTP)
        (b) Layer 2 Tunneling Protocol (L2TP)
        (c) IPSec
        (d) SSL

Point-to-Point Tunneling Protocol (PPTP)
-------
- An extension of PPP. Most widely used. Default on Windows and promoted
  big by Microsoft. Other vendors (Juniper, Cisco) have support too.
- MS implementation encapsulates data in PPP and encrypts using Microsofts
  Point-to-Point Encryption (MPPE). Authentication is provided by in-built
  dialup authentication protocols.
- Encrypted data is sent within a Generic Routing Encapsulation (GRE)
  packet.
- GRE packet is then encapsulated within IP within L2 headers and so on.
  GRE is an L3 protocol.
- PPTP uses a separate, unencrypted channel to open, close and maintain a
  connection.
- PPTP clients use dynamic port and servers use 1723 port to establish
  connection.
- PPTP establishes connection but does not provide encryption. MPPE is
  used for encryption in Windows platform.
- PPTP can be used with many authentication and encryption options.
  Extensible Authentication Protocol (EAP) can be used to enhance security
  of PPTP.

- PPTP is popular but may one day be replaced by L2TP and IPSec.


Layer 2 Tunneling Protocol (L2TP)
--------
- Cisco is primary driver of L2TP.
- L2TP combines features of PPTP and Cisco'sLayer 2 Forwarding (L2F)
  protocols
- IPSec's Encapsulating Security Payload (ESP) provides encryption for
  L2TP protocols.
- L2TP, by itself, does not have encryption and not worth using w/o
  encryption.
- L2TP does not use a separate channel for control data as PPTP does.
  Control data is part of L2TP communication.

Advantages of L2TP over PPTP
--------
- Can be used over non-IP networks.
- Provides 'replay protection', an extra level of security.


IPSec
----
- Collection of multiple related protocols that can be used as a complete
  VPN solution.
- Can be used by itself as tunneling proto or used as encryption scheme
  along with L2TP or PPTP.
- Has two encryption modes: (a) Tunnel (b) Transport.

- Tunnel: Encrypts header and payload.
- Transport: Encrypts only payload.

- Often considered a standard solution for site-to-site VPNs connecting
  two LANs.
- IPSec exists at Layer 3 and obviously needs IP to run.



The Internet Security/Key Management Protocol and Oakley (ISAKMP)
---
- ISAKMP provides way for two nodes to agree on security settings (including key
  exchanges) and use it to communicate securely.
- Security Association (SA) provides all info needed for exchange between two
  nodes. SA contains:
    * Policy aggreement containings algos, keys etc

- This involves two steps between two computers

Step 1:
---
1. Encryption algo to be used (DES, triple DES etc)
2. Algo used to verify messages (MD5 or SHA-1)
3. How connections will be authenticated: public-key certs, shared secret key or
Kerberos

Step 2: Once above negotiations are sorted out, 2nd round of negotiations take
place
---
1. Whether Authentication Header (AH) protocol will be used.
2. Whenter Encapsulating Security Payload (ESP) protocol will be used.
3. Which encryption algo will be used for ESP
4. Which authentication protocol will be used for AH


- IPSec has two mechanisms to securely send/recv data over public networks. You
  can use both or just one of them.

- Authentication Header (AH)
- Encapsulating Security Payload (ESP)


Authentication Header (AH) - 128 bits
--------------------------
- AH sits between IP and TCP(or UDP) layer as shown below.


                       Checksum is on entire IP layer and above. It's stored in AH.
               │                                                                         │
               ◀─────────────────────────────────────────────────────────────────────────▶
               │                                                                         │
               ┌─────────────┬────────────────┬───────────────────┬──────────────────────┐
               │             │                │                   │                      │
               │     IP      │       AH       │    TCP or UDP     │        Data          │
               │             │                │                   │                      │
               └─────────────┴────────┬───────┴───────────────────┴──────────────────────┘
                                      │
                                      │
                                      │
                                      ▼

                        8: Next Header (TCP or UDP etc)

                        8: AH size (measured in 32 bit words)

                        16: Reserved. MUST be set to zero.

                        32: Security Parameter Index (SPI): It's an "arbitrary"
                        32-bit value. SPI + Protocol (AH in this case) + Dest IP =
                        Security Association (SA) for this datagram

                        32: Sequence Number Field. Monotonically increasing mandatory
                        number

                        32: Authentication Data: Variable length field that contains
                        Integrity Check Value (ICV) for this packet.

- IP Header is modified with "Protocol ID" changed to 51

AH Algorithms
---
- For point-to-point communication (such as Client-Server), suitable algos
  include keyed Message Authentication Codes (MACs) based on symmetric
  encryption algo (DES) or one-way hash functions (MD5 or SHA-1)

- For multicast communication, one-way hash algos combined with asymmetric
  signature algorithms are usually used. But they are CPU intensive.



Encapsulating Security Payload (ESP)
------------------------------------
- AH can protect data from tampering, but not from snooping. For that IPSec uses
  an encryption which provides ESP.
- ESP is used to encrypt entire payload (Layer 4 and above)

- ESP is complex, but it alone can provide authentication, replay-proofing and
  integrity check.
- ESP has 3 components
    * Header
    * Trailer
    * Authentication Block


                                 Checksum on ESP Hdr + TCP + Data + ESP Trailer
                        │                                                          │
                        │◀────────────────────────────────────────────────────────▶│
                        │                                                          │
          ┌─────────────┬──────────────┬──────────────┬─────────────┬──────────────┬─────────────┐
          │             │              │              │             │              │             │
          │             │    ESP       │   TCP/UDP    │     Data    │     ESP      │     ESP     │
          │     IP      │   Header     │              │             │   Trailer    │     Auth    │
          │             │              │              │             │              │             │
          └─────────────┴──────────────┴──────────────┴─────────────┴──────────────┴─────────────┘
                                       │                                           │
                                       │◀─────────────────────────────────────────▶│
                                       │                                           │
                                           Encryption on TCP + Data + ESP Trailer

- IP Header is modified with "Protocol ID" changed to 50

ESP Header (64 bits)
---
32: Security Parameters Index: SPI is arbitrary value. SPI + Dest IP + ESP = SA
(Security Association) for this datagram
32: Sequence Number: Monotonically increasing counter


ESP Trailer
---
0-2040 Padding (for Encryption). Takes different values depending on the
encryption algorithm used
8: Pad Length field indicates number of bytes immediately preceding it.
8: Next Header. Strangely, it indicates type of data in Payload (Check this)


ESP Authentication
---
Variable - Authentication Data: Variable length field containing an Integrity
Check Value (ICV) computed over ESP packet minus Authentication Data


Two Modes of IPSec
----
- Tunnel Mode (Default in most cases):
    * Usually done for end-to-end encryption and to connect to remote networks

- Transport Mode:
    * Done to encrypt _other_ tunnels like GRE



SSL/TLS
------
- Browsers are VPN clients for this proto. Hence, there is restrictions on
  which protocols can be used by SSL/TLS.
- With Java and ActiveX plugins, access to applications can be provided.
  This could be security risk.
- Its a Layer 5 proto (in OSI model).


OpenVPN & SSTP
-------
- Read further in [4] below.



/**************************************************************************/
 *                       MULTICAST (L2 and L3)                            *
/**************************************************************************/

L3 multicast is split in to different address ranges

224.0.0.0 - 224.0.0.255: Local multicast, not forwarded by L3 nodes. EIGRP,
OSPF uses addresses in this range.

224.0.1.0 - 224.0.1.255: Routed multicast, forwarded by L3 nodes.

232.0.0.0 to 232.255.255.255: Source Specific Multicast (SSM).

233.0.0.0 to 233.255.255.255: GLOP addressing. Must be used on experimental
basis.

239.0.0.0 to 239.255.255.255: Cannot be advertised outside.

- Rest of multicast space is transient.


L2 multicast address (MAC address) is constructed purely from L3 address.
- First half of L2 MAC: 01-00-5E
- Second half is built as follows

    Step1: Convert multicast IP to binary
    Step2: Take last 23 binary bits and add 0 to the front
    Step3: Convert the 24 bits to hex and make it as 2nd half of MAC


Multicast Routing
-----------------
- Multicast IPs are not found in FIB. For forwarding PIM (Protocol Independent
  Multicast) is used.


PIM-DM (Dense Mode)
-------------------
- In DM, multicast pkts are initially flooded downstream. Routers that don't
  have receivers downstream, prune back the traffic.
- Assumption is that most of the devices on the LAN/network want multicast
  traffic.
- When router receives multicast pkt, it's forwarded on all interfaces except
  receiving intf.
- Routers can request to be pruned from receiving multicast traffic if no one
  in it's downstream needs it.

- To avoid loops in network, RPF (Reverse Path Forwarding) check is performed.
- When new multicast group starts sending traffic, router receiving traffic
  picks an RPF interface.
- RPF intf is determined as follows:
        * Check the source IP of multicast stream
        * Do a unicast lookup on that source IP
        * The intf that IP points in routing table is RPF intf

- Multicast pkts received on RPF intf are accepted. All other's are dropped.
- After RPF is determined, routers exchange pruning messages to prune links
  off of multicast tree.


Multicast Join
--------------
- Two ways of joining a multicast group: Solicited and Unsolicited

Unsolicited Join:
- When host joins multicast group, it sends IGMP group membership report to
  multicast address.
- This signals the router that this host would like to get multicast stream.

Solicited Join:
- Routers send IGMP query messages. Hosts responding to these messages join
  multicast group. Query msgs are sent to 224.0.0.1 (all multicast devices)

- When a router/switch wants to join a multicast group, it sends PIM Graft
  (Join) message. The upstream router ACKs this.
- Upstream router updates its OIL (Outgoing Intf List) for (MC Source, MC
  Group) pair to include new intf on which new router is present.


Leaving MC group
----------------
- Hosts send IGMP leave msgs to 224.0.0.2 (all multicast devices)
- Hosts indicates the MC group it wants to leave
- After receiving this, router sends a IGMP query out the intf it received
  IGMP leave msg.
- Interested devices must respond with IGMP report.
- If none interested, router doesn't receive response to IGMP query. It stops
  forwarding MC traffic out that intf.
- A router can request to be excluded from MC by sending PIM Prune msgs
  upstream.


Multicast with Multiple Paths
-------
- RPF allows loop free topology. But there can still be multiple paths for a
  multicast packet to take (refer to [1]).
- PIM Assert msg determines which one to take.


IGMP Messages
-------------
IGMP Join
IGMP Query
IGMP Report


PIM-SM (Sparse Mode)
--------------------

Rendezvous Point (RP) Selection
-------

PIM-SM Messages
----
Join
Prune












[1] http://www.dasblinkenlichten.com/understanding-ip-multicast/
[2] http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ip-multicast/whitepaper_c11-508498.html

/**************************************************************************/
      EVPN (Ethernet VPN) [5-8]
/**************************************************************************/

- EVPN introduces the concept of routing MAC addresses using BGP over MPLS
  core. MAC routing is done by BGP and actual transport of packets is done
  by MPLS network.
- Conceptually, the technology is very similar to Layer 3 MPLS VPN.
- This can solve the problem of stretching Layer 2 networks without VPLS.
- Juniper is already using this technology in their QFabric product.
- Cisco is developing a version called PBB-EVPN.

Benefits:
----
- Ability to have all active multi-link connection between edge devices
  (avoiding loops).
- Load-balance on all active links.
- Support MAC address mobility.

Terminology:
-----
Broadcast Domain: VLAN (single or stacked).
Bridge Domain: An instance of broadcast domain. ??

EVI: An EVPN Instance spanning across the PEs participating in that EVPN.

Ethernet Segment Identifier: Set of Ethernet links attaching a CE to PE's
is called Ethernet Segment. A unique (provider-wide) identifier is used to
identify this, called Ethernet Segment Identifier (ESI).

Ethernet Tag: Identifier of a broadcast domain. VLAN is one example of
Ethernet Tag. An EVPN instance can have multiple broadcast domains. PEs
map CEs to Ethernet Tag/VLANs.

DMAC: Destination MAC

MAC-VRF: MAC Virtual Route Forwarding.

- MAC learning happens in Control Plane. I think it happens in Data Plane
  but learnt MAC info is immediately sent to Control Plane where an entry
  in MAC-VRF table is built in which each entry contains (my guess):

        MAC-VRF Table
        -------------
        EVI/Ethernet Tag
        ESI
        MAC Addr
        IP Addr of Remote PE
        Outgoing Intf

DF: Designated Forwarder. In a multihomed Ethernet Segment, one of the PEs
becomes DF and rest non-DF.



Split Horizon:
-----
- If CEs send Broadcast, Unknown Unicast or Multicast [BUM] traffic, PEs
  should not send it back to CE. This is called Split Horizon.
- To do this, there should be a table mapping ESI to MPLS label. Peer
  PEs connected to same CE should drop MPLS traffic with above label. In
  below example, PE2 should drop MPLS BUM traffic from PE1 corresponding
  to ESI 10.

        +----- PE1 <-----------------> PE3 ---+
      /         ^                       ^       \
     /          |                       |        \
    /           |                       |         \
  CE1 (ESI 10)  |                       | (ESI 20) CE2
    \           |                       |         /
     \          |                       |        /
      \         v                       v       /
        +----- PE2 <-----------------> PE4 ---+

                        Fig 29.1

- MPLS labels are advertised by PEs using Ethernet A-D route extended
  community.
- Egress PEs rely on this label to decide to forward BUM packet or drop
  it.
- Difference between Split Horizon and "Multi Destination Traffic" is SH
  is based on ESI and Multi Destination Traffic is based on BVI.


BGP EVPN NLRI:
-----
- BGP Network Layer Route Information is regular updates sent by BGP
  routers to share route info.
- An extension to BGP [RFC4271] called Multiprotocol Extensions BGP [RFC4760]
  is used to send EVPN NLRI info.
- Following is its format:

                +-----------------------------------+
                |    Route Type (1 octet)           |
                +-----------------------------------+
                |     Length (1 octet)              |
                +-----------------------------------+
                |      Route Type (EVPN NLRI)       |
                |       its variable length         |
                +-----------------------------------+

                              Fig 29.2

        Route Type = Defines encoding of rest of EVPN NLRI
                     (type = 0x02)
        Length = in Bytes


Types of BGP EVPN NLRI
----------------------------------------------------------------------
Ethernet Auto-Discovery | Used for 'Fast Convergence' and 'Aliasing'.
----------------------------------------------------------------------
MAC/IP Advertisement | To advertise new MAC, load balancing activities.
----------------------------------------------------------------------
Inclusive Multicast Ethernet Tag | PEs send this NLRI so that remote PEs
can reach this PEs to send BUM traffic. Used in 'Handling of
Multi-Destination Traffic'.
----------------------------------------------------------------------
Ethernet Segment | Used in 'DF Election'.
----------------------------------------------------------------------
ESI Label Extended Community (EC) | May be advertised with Ethernet A-D to
prevent split-horizon.
----------------------------------------------------------------------
ES-Import Route Target EC |
----------------------------------------------------------------------
MAC Mobility EC |
----------------------------------------------------------------------
Default Gateway EC |
----------------------------------------------------------------------
RD Assignment per EVI |
----------------------------------------------------------------------
RT (Route Targets) |
----------------------------------------------------------------------


MAC/IP Advertisement Route:
-----
- For each PE, locally learned MACs are advertised in following format.

               +---------------------------------------+
               |     Route Type (1 byte, type=3)       |
               +---------------------------------------+
               |          Length (1 byte)              |
               +---------------------------------------+
               |          RD   (8 bytes)               |
               |       RD Type 1 - x.x.x.x:0           |
               +---------------------------------------+
               |Ethernet Segment Identifier (10 bytes) |
               +---------------------------------------+
               |      Ethernet Tag ID (4 bytes)        |
               +---------------------------------------+
               |    Source MAC Addr Length (1 byte)    |
               +---------------------------------------+
               |      Source MAC Addr (6 bytes)        |
               +---------------------------------------+
               |   Source IP Addr Length (1 byte)      |
               +---------------------------------------+
               |  Source IP Addr (0 or 4 or 16 bytes)  |
               +---------------------------------------+
               |        MPLS Label1 (3 bytes)          |
               +---------------------------------------+
               |      MPLS Label2 (0 or 3 bytes)       |
               +---------------------------------------+

                             Fig 29.3

- MACs can be aggregated and MAC prefix can be advertised instead of each MAC.
- In that case, IP addr length = 0 and no IP addr is advertised.
- If there is an ARP Request from a CE and if PE has MAC:IP mapping record, it
  will act as ARP Proxy and respond to the request.


Multi-Destination Traffic:
----
- PEs advertise new "Inclusive Multicast Ethernet Tag" route type to allow
  remote PEs to forward BUM packets.
- Format looks like this (from draft, Section 7.2):

               +---------------------------------------+
               |     Route Type (1 byte, type=3)       |
               +---------------------------------------+
               |          Length (1 byte)              |
               +---------------------------------------+
               |            RD (8 bytes)               |
               +---------------------------------------+
               |        Ethernet Tag ID (4 bytes)      |
               +---------------------------------------+
               |       IP Addr Length (1 byte)         |
               +---------------------------------------+
               |       Originating Router's IP Addr    |
               |            (4 or 16 bytes)            |
               +---------------------------------------+


Section 13: Forwarding Unicast Packets

13.1: Forwarding packets received from CE

    a. Packet received by PE
        a.a. DMAC is known (somehow).
            - Forward packet to remote PEs or locally attached CE.
            - Uses remote PEs' EVPN MPLS label as advertised by remote PE.

        a.b. DMAC is unknown.
            - PE must flood the packet to other PEs.
            - Encapsulate the packet with ESI MPLS label



13.2: Forwarding packets received from PE
13.2.1: Unknown Unicast
13.2.2: Known Unicast

-
References:
[1] http://www.windowsecurity.com/articles-tutorials/firewalls_and_VPN/VPN-Options.html
[2] http://www.mcpressonline.com/networking/general/vpns-a-head-to-head-comparison.html
[3] http://en.wikipedia.org/wiki/Virtual_private_network
[4] https://www.bestvpn.com/blog/4147/pptp-vs-l2tp-vs-openvpn-vs-sstp/
[5] https://tools.ietf.org/html/draft-ietf-l2vpn-evpn-08
[6] http://www2.alcatel-lucent.com/techzine/ethernet-vpn-evpn-integrated-layer-2-3-services/
[7] https://conference.apnic.net/data/37/2014-02-24-apricot-evpn-presentation_1393283550.pdf
[8] https://sites.google.com/site/amitsciscozone/home/important-tips/mpls-wiki/bgp-mpls-based-ethernet-vpn
[9] http://technet.microsoft.com/en-us/library/cc778019(v=ws.10).aspx


/**************************************************************************/
                        VXLAN (Virtual Extensible LAN)
/**************************************************************************/

- Provides same VLAN services but much more flexibility and extendability.
- Some benefits are:
    + Flexibility: Underlying network infra can be abstracted away to look
                   like an L2 segment.
    + Scalability: With 24 bit VXLAN network identifier (VNID), up to 16M
                   VXLAN segments can coexists
    + Better Utilization: VLAN uses STP to prevent loops, shutting down half
                   network links. VXLAN, on the contrary, uses underlying L3
                   protocols (ECMP, LAG etc). Much better utilization of
                   available links.


Packet Format
=============

    +-----------+----------+------+-------------------------------------+
    | Outer MAC | Outer IP |  UDP |  VXLAN  + Original L2 frame  |  FCS |
    |    Hdr    |    Hdr   |  Hdr |   Hdr                        |      |
    +-----------+----------+------+-------------------------------------+

a) Out MAC Hdr --> DMAC + SMAC + (VLAN Type + VLAN Tag) + EtherType
    Total of 14 bytes (4 bytes are optional)

b) Outer IP Hdr --> Misc Data + Protocol (0x11) + ChkSum + Src IP + Dst IP
    Total of 20 bytes

c) UDP Hdr --> Src Port + Dst Port + UDP len + ChkSum
                           (VXLAN)
    Total of 8 bytes

d) VXLAN Hdr --> Total 8 bytes
                        +----------------------+
                        |   VXLAN  RRRR1RRR    |  1 byte
                        +----------------------+
                        |      Reserved        |  3 bytes
                        +----------------------+
                        |         VNID         |  3 bytes
                        +----------------------+
                        |      Reserved        |  1 byte
                        +----------------------+


VXLAN Tunnel Endpoint (VTEP)
=====================
- VXLAN uses VTEP to map hosts to VXLAN segments that it belongs to.
- VTEP is used to encap/decap VXLAN packets.
- VTEP has 2 functionalities:
    a) IP interface to transport network
    b) Switch interface to local LAN

- Interfaces on a VTEP device/box:

            IP Network
                ^
                |
                |
    +---------------------------+
    |      IP    Interface      |
    +---------------------------+
    |     Local LAN Segment     |
    +---------------------------+
       |     |      |
       v     v      v
      Host1  H2     H3


- VTEP device maintains MAC-to-VTEP mappings and exit IP interfaces.

- For more detailed info, read [1]


Reference:
[1] http://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/white-paper-c11-729383.html



/**************************************************************************/
                        GRE (Generic Route Encapsulation)
/**************************************************************************/
- Protocol can be used to establish point-to-point tunnel and carry any L3
  traffic. Cisco's invention.
- Can encapsulate IPv6 and multicast traffic.
- Typical protocol stack looks like

        Session (SSH etc)
        Transport (UDP, TCP)
        Network (IPv6)
        Encapsulated in GRE
        Network (IPv4)
        Data Link (Ethernet)
        Physical (Wired/Wireless)

Packet Header
=============

    +-----+-------------+---------+-------------------------+
    |C|K|S|  Reserved0  | Version |     Protocol  Type      |
    +-----+-------------+---------+-------------------------+
    |     Checksum (optional)     |   Reserved1 (optional)  |
    +-----------------------------+-------------------------+
    |                      Key (optional)                   |
    +-------------------------------------------------------+
    |               Sequence Number (optional)              |
    +-------------------------------------------------------+

C - Checksum bit. Set to 1 if present
K - Key bit. Set to 1 if present
S - Sequence number. Set to 1 if present

Reserved0 (9 bits) - Set to 0
Version (3 bits) - GRE version. Set to 0
Protocol Type (16 bits) - EtherType of encapsulated payload. For IPv4, it is 0x800
Checksum (16 bits) - Checksum for GRE header and payload
Reserved1 (16 bits) - Set to 0
Key (32 bit)
Sequence Number (32 bit)



Reference:
[1] https://en.wikipedia.org/wiki/Generic_Routing_Encapsulation
[2] http://searchenterprisewan.techtarget.com/definition/Generic-routing-encapsulation-GRE
[3] https://www.juniper.net/documentation/en_US/junos12.3/topics/concept/gre-tunnel-services.html

/**************************************************************************/
            GENEVE (Generic Network Virtualization Encapsulation)
/**************************************************************************/



Reference:
[1] https://datatracker.ietf.org/doc/html/draft-gross-geneve-00
[2]

/**************************************************************************/
        OAM Protocols (Operations, Administration and Maintenance)
/**************************************************************************/
- [1] gives very good overview. Authors (from Marvell Semiconductors) have
  similar draft paper in IETF [2]


Reference:
[1] http://www.marvell.com/switching/assets/Marvell_OAM_Puzzle_001_white_paper.pdf
[2] https://tools.ietf.org/html/rfc7276


/**************************************************************************/
                    BFD (Bidirectional Forwarding Detection)
/**************************************************************************/
- Operates in Asynchronous and On-Demand modes.
- Enabled in forwarding plane to detect link failures.
- BFD agent sits in forwarding plane and talks to BFD master in control plane.
- Routing protocols (BGP, OSPF etc) can get updates from BFD master in control
  plane and take quick routing decisions (sub-second).
- Routing protocols can have slow link failure detection mechanisms (keepalive
  and hello failures etc). BFD can be used to leverage that.

Disadvantages:
- Depending on scale, it can have high resource utilization.

[1] https://www.nanog.org/meetings/nanog45/presentations/Monday/Scholl_BFD_N45.pdf
[2] https://tools.ietf.org/html/rfc7276


/**************************************************************************/
                  Virtual Router Redundancy Protocol (VRRP)
/**************************************************************************/
- Collection of routers act as a single router.
- One router acts as Master and rest are Backup.
- Master uses 00-00-5E-00-01-XX as MAC address.
- Last byte (XX) is Virtual Router Identifier (VRID), which is different for
  each virtual router in the network.
- Physical routers within clusters must communicate within themselve using
  multicast IP address (224.0.0.18) and IP protocl number 112.
- Routers have a priority between 1-254 and highest priority becomes master.
  Default priority is 100.



Terms & Definitions
--------------------

DSL: Digital Subscriber Line. Public network technology that delivers high
bandwidth over conventional copper wiring at limited distances. There are
4 types of DSL: ADSL, HDSL, SDSL and VDSL. All are provisioned via modem
pairs, with one modem located at central office and the other at the
customer site. Because most DSL technologies do not use the whole
bandwidth of the twisted pair, there is room remaining for voice channel.


ISDN: Integrated Services Digital Network Communication protocol, offered
by telephone companies that permits telephone networks to carry data,
voice and other source traffic.