Sunday, 6 October 2013

PPP Authentication


  • Is it a mutual authentication or only one side is authenticating?
  • Clear text or scrambled password in running config:
    • username R1 password 0 test
    • no service password-encryption
  • VTY and Console line authentication
    • aaa authentication login default line none
    • none required if no password is set on console
  • AAA settings
    • aaa authentication ppp default group radius local-case

Sunday, 28 July 2013

IPv6 Multicast Routing with BSR

R1(config)#ipv6 routing
R1(config)#ipv6 pim bsr candidate rp <IPv6 Address>
R1(config)#ipv6 pim bsr candidate bsr <IPv6 Address> priority X


BSR and RP can't be on a single router.

Saturday, 29 June 2013

IP Addressing in Mars!

Got this few days ago in a test lab:

*Mar  1 00:10:50.423: %BGP-6-NEXTHOP: Invalid next hop (254.192.2.52) received from FEC0:234::4: martian next hop

it seems Class E was reserved to be used on Mars, always knew we are not alone!

Monday, 27 May 2013

Debug Condition

debug condition interface fastEthernet 0/1
debug ip ospf hello

Saturday, 11 May 2013

Full Packet Dump

R1#debug ip packet detail <ACL#> dump

dump is a hidden option.

Monday, 25 March 2013

OSPF Downward Option

PE1 router advertises intra area routes int MP-BGP. other PE2 redistributes the MP-BGP routes into OSPF as LSA type 3 (Summary address) as MPLS backbone acts as an OSPF superbackbone.

PE2 sets the Down bit on those routes to avoid routing loops in scenarios which a site is dual homed to the service provider network.

If a router receives a Type 3 LSA with its Down bit set on an interface that belongs to a VRF, it drops the LSA. In cases which the site is not dual home this loop prevention mechanism is undesirable.

To disable this behaviour the following command can be used under router ospf, which no longer perform PE specific checks:

R1(config-router)# capability vrf-lite

If the router doesn't support that command, different OSPF domain-ids should be set on the PE routers, which in turn changes the route types to External(LSA Type 5) instead of Summary (LSA Type3).

Saturday, 16 March 2013

max-reserved-bandwidth

To change the percent of interface bandwidth allocated for Resource Reservation Protocol (RSVP), class-based weighted fair queueing (CBWFQ), low latency queueing (LLQ), IP RTP Priority, Frame Relay IP RTP Priority, Frame Relay PVC Interface Priority Queueing (PIPQ), or hierarchical queueing framework (HQF), use the max-reserved bandwidth command in interface configuration mode.


http://www.cisco.com/en/US/docs/ios/qos/command/reference/qos_m1.html#wp1054626