MPLS Layer 3 VPN
12 likes2,438 views
This document explains MPLS Layer 3 VPNs. It discusses how Layer 3 VPNs allow routing information to be shared between customer sites using protocols like OSPF and BGP across the service provider's MPLS network. It describes how Virtual Routing and Forwarding instances (VRFs), MP-BGP, Route Distinguishers (RDs), and Route Targets (RTs) work together to separate routing information for different customers and establish VPN connectivity between their sites while avoiding overlapping address spaces.
1 of 22
Ad
Recommended
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]APNIC This document discusses deploying MPLS L3VPN. It begins with an overview of MPLS and VPN terminology. It then covers the MPLS reference architecture and different node types. It describes how IP/VPN technologies use separate routing tables at provider edge (PE) routers to provide independent virtual routing and forwarding (VRF) instances for each VPN customer. The control plane uses multiprotocol BGP (MP-BGP) to distribute VPN routes between PE routers using route distinguisher (RD), route target (RT), and labels. The forwarding plane uses these labels to encapsulate and transport customer IP packets across the MPLS core. The document then discusses various IP/VPN services including load sharing, hub-and-spoke
Mpls L3_vpn
Mpls L3_vpnReza Farahani MPLS L3 VPN allows companies to offer Layer 3 VPN services with advantages like scalability, security, and support for duplicate IP addresses and different network topologies. The key components that enable this are VRF tables on PE routers that separate routing information for each customer to avoid duplicate IP issues, and MP-BGP which customizes VPN routing information using a Route Distinguisher, VPN label, and Route Target to support different VPN topologies. MPLS L3 VPN provides services like multi-homed sites for redundancy, hub-and-spoke networks, internet access with security, and extranets for inter-company communication.
MPLS Traffic Engineering
MPLS Traffic EngineeringAPNIC MPLS Traffic Engineering provides mechanisms to optimize network traffic flow and efficiently utilize bandwidth. It determines paths based on additional parameters like available resources and constraints. This allows load balancing across unequal paths and routing around failed links or nodes. MPLS TE uses extensions to IGPs to distribute link attributes and tunnel information. Constrained Shortest Path First (CSPF) is used for path computation to find paths meeting constraints like bandwidth and affinities. Tunnels are set up using RSVP-TE and traffic can be forwarded down tunnels using methods like static routes, auto-routing, or policy routing. Fast Re-Route provides local repair of TE tunnels if a link or node fails to minimize traffic loss.
VPLS Fundamental
VPLS FundamentalReza Farahani The document discusses the fundamentals of Virtual Private LAN Services (VPLS) and the concept of tunneling in VPNs, explaining various types of layer 2 encapsulations such as 802.1q and q-in-q. It details the structure of VPLS, including its components like pseudo wires, attachment circuits, and forwarding mechanisms, as well as different deployment topologies like full mesh and hub-and-spoke models. The document also addresses labeling and signaling within VPLS, highlighting the optimization of traffic management and the scalability challenges faced in large networks.
MPLS Concepts and Fundamentals
MPLS Concepts and FundamentalsShawn Zandi The document discusses Multiprotocol Label Switching (MPLS), highlighting its functionality, advantages, and various components such as label operations, label distribution protocols, and MPLS applications. It explains the role of Label Switching Routers (LSR), label assignment, and labeling protocols like LDP and TDP. Additionally, the document addresses the integration of MPLS with ATM technology and the necessary configurations for implementing MPLS in networking environments.
MPLS L3 VPN Deployment
MPLS L3 VPN DeploymentAPNIC The document provides information about an upcoming training course on deploying MPLS L3 VPNs. It includes details about the trainers, Nurul Islam Roman and Jessica Wei, their backgrounds and areas of expertise. It also outlines the course agenda which will cover topics such as MPLS VPN models, terminology, operation, configuration examples and service deployment scenarios.
Mpls
MplsFasih Rehman The document discusses MPLS VPN configurations. It covers VPN concepts like overlay and peer models, benefits of MPLS VPNs, and how routing information is propagated between provider edge (PE) routers using MP-BGP. Key aspects include using virtual routing and forwarding (VRF) instances to isolate customer routes, extending prefixes with route distinguishers (RDs) to handle overlapping addresses, and exchanging VPN routes between PE routers in the provider network.
MPLS VPN
MPLS VPNWilfried Tiani Le document présente un projet de configuration d'un réseau MPLS VPN pour interconnecter plusieurs sociétés, en précisant une approche directe pour éviter de revisiter les routeurs configurés. Il détaille les étapes de configuration des routeurs, incluant l'identification des VRF, la configuration des routeurs clients, du backbone, et des routeurs edge, ainsi que la gestion des protocoles de routage associés. L'architecture visée est une topologie 'hub and spoke' pour la société BH, tout en intégrant les besoins spécifiques des sociétés monoprix et onetech.
Cisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advanceBertrand Duvivier BGP started in 1989 to connect autonomous systems in a stable, efficient manner. This document outlines advancements in BGP infrastructure, VPN enhancements, and high availability features. Infrastructure enhancements improve areas like keepalive processing and update generation. VPN enhancements support technologies like iBGP between PE and CE routers, multicast VPNs, and EVPN. High availability features include graceful shutdown, fast convergence using PIC, and non-stop routing.
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) KHNOG BFD is a protocol that can quickly detect failures in the forwarding path between two adjacent routers, including interfaces, data links, and forwarding planes. It operates in two modes: asynchronous mode where it periodically sends control packets, and demand mode where it only sends packets when needed. When a failure is detected, BFD triggers routing protocol actions to recalculate the routing table and reduce convergence time. It provides fast failure detection independently of media, encapsulation, topology, or routing protocol. Configuring BFD involves setting intervals at the interface level and enabling it for routing protocols.
CCNA - Switching Concepts made easy
CCNA - Switching Concepts made easysushmil123 This document provides an overview of switching concepts in computer networking, including:
- How switches operate at the data link layer to segment networks and improve performance through dedicated bandwidth on each port.
- Key switch functions like reading MAC addresses to populate the MAC address table and make forwarding decisions.
- VLANs and how they logically segment networks for improved management and security.
- Spanning Tree Protocol which prevents switching loops by blocking certain ports.
- Port aggregation technologies like EtherChannel that bundle multiple physical ports into a single logical port for redundancy and increased bandwidth.
PGW GGSN Optional Services Configuration
PGW GGSN Optional Services ConfigurationMustafa Golam The document provides an overview of PGW/GGSN configuration on a Juniper router, including configuring routing instances, APNs, CDRs, QoS, and other optional configurations like SACC, PISC, and credit control. It describes configuring connectivity and routing, GTP properties, L2TP, DHCP, RADIUS, PDP context properties, and quality of service. The document also lists additional resources for further study of 3GPP specifications and vendor documentation.
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksAPNIC This document provides an overview and agenda for a presentation on VXLAN BGP EVPN technology. It begins with an introduction to VXLAN and EVPN concepts. It then outlines the agenda which includes explaining VXLAN configuration, EVPN configuration, underlay configuration, overlay configuration, and EVPN VXLAN service configuration. It also provides a sample migration from a legacy device configuration to a VXLAN BGP EVPN configuration. Various networking acronyms related to VXLAN and EVPN are defined. Sample vendor supported data center technologies and a VXLAN test topology are shown.
Label Distribution Protocol
Label Distribution ProtocolKashif Latif LDP allows MPLS routers to exchange label mapping information by establishing LDP sessions between peers. LDP defines procedures and messages for routers to advertise label bindings and establish label switched paths for forwarding traffic. LDP sessions can be directly connected over a single hop or nondirectly connected over multiple hops using targeted Hellos.
Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)NetProtocol Xpert VRF-Lite allows a single physical router to virtualize multiple routers by creating independent virtual routing tables (VRFs). Each VRF logically isolates the routing tables and network traffic of customers or applications. The physical router uses VLAN trunking to keep traffic from different VRFs separate when sending data to other devices. Configuring VRF-Lite involves defining VRFs, assigning interfaces to VRFs, and configuring routing protocols for each VRF.
Ethernet VPN (EVPN) EVerything Provider Needs
Ethernet VPN (EVPN) EVerything Provider NeedsCSUC - Consorci de Serveis Universitaris de Catalunya EVPN is a network virtualization technology that allows Ethernet services to be delivered across MPLS or IP networks. It uses BGP for the control plane to distribute MAC and IP addresses and can support both single-active and all-active multi-homing topologies. EVPN provides flexibility in service delivery and has been widely adopted by major service providers and cloud providers for a variety of use cases including data center interconnect and virtual machine mobility. Automation of EVPN configuration can simplify provisioning and management through the use of tools like NetBox, Python scripts, Ansible, and workflow managers.
Segment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use CasesCisco Canada The document provides an overview of Segment Routing technologies including SRv6. It begins with a recap of Segment Routing concepts and how it simplifies network operations. It then covers SRv6 which extends Segment Routing to IPv6 networks to take advantage of growing IPv6 adoption. The document discusses how SRv6 can further simplify networks and support new services and traffic patterns from 5G, IoT, and container-based microservices.
Deploy MPLS Traffic Engineering
Deploy MPLS Traffic EngineeringAPNIC The document provides information about a training event on Deploy MPLS Traffic Engineering taking place from 20 February to 2 March 2017 in Ho Chi Minh City, Vietnam. It includes details about two presenters - Nurul Islam Roman, Manager of Training & Technical Assistance at APNIC, and Jessica Wei, Training Officer at APNIC. It also acknowledges Cisco Systems and provides an agenda with topics on why MPLS Traffic Engineering is used and how it works.
MPLS (Multi-Protocol Label Switching)
MPLS (Multi-Protocol Label Switching)NetProtocol Xpert - Multi-Protocol Label Switching (MPLS) improves forwarding speed and enables new capabilities like traffic engineering and virtual private networks. It uses short fixed-length labels to represent IP packets and make forwarding decisions.
- MPLS was originally conceived as being independent of Layer 2 but has found success deploying IP networks across ATM backbones. Standards are being developed and it is seen as an important network development.
- MPLS encapsulates IP packets with labels which are then used instead of the IP header for forwarding decisions, allowing separation of the forwarding and control planes.
EVPN Introduction
EVPN IntroductionBangladesh Network Operators Group EVPN is an Ethernet VPN technology that extends layer 2 networks over a layer 3 underlay. It uses BGP as the control plane to distribute MAC addresses and Ethernet segment information between provider edge (PE) devices. EVPN supports various data plane encapsulations like MPLS, VXLAN, and NVGRE. It provides an integrated solution for layer 2 and layer 3 VPNs that addresses scaling challenges in traditional VPLS deployments.
Ccnp workbook network bulls
Ccnp workbook network bullsSwapnil Kapate This document contains information about routing protocols like EIGRP, OSPF, BGP and IPv6 routing. It discusses various topics such as configuring and tuning EIGRP parameters like timers, authentication and metrics. It also covers topics related to OSPF like network types, route filtering, summarization etc. Redistribution between protocols and IPv6 routing concepts are also mentioned. The document contains practical exercises for configuring various routing features on sample networks.
Lte default and dedicated bearer / VoLTE
Lte default and dedicated bearer / VoLTEmanish_sapra LTE uses EPS bearers to carry user data traffic. There are two types of EPS bearers - default bearers and dedicated bearers. Default bearers are created for each PDN connection and provide basic "best effort" internet access. Dedicated bearers provide additional tunnels for specific traffic like VoLTE and can have guaranteed bitrates. Dedicated bearers are linked to a default bearer and inherit properties like the PDN address from the default bearer. GTP is the protocol used to encapsulate and carry bearer traffic through the LTE core network.
Mpls Services
Mpls ServicesKristof De Brouwer The document provides an overview of MPLS (Multi-Protocol Label Switching) concepts and components. It discusses how MPLS separates routing from forwarding by using labels to forward packets based on the label rather than the IP address. It describes MPLS components like edge label switching routers (ELSR or PE), label switching routers (LSR or P), and the label distribution protocol (LDP). It also provides examples of MPLS forwarding and MPLS VPN operation.
Spanning tree protocol (stp)
Spanning tree protocol (stp)RaghulR21 The document provides an overview of the Spanning Tree Protocol (STP) and its successor, Rapid Spanning Tree Protocol (RSTP), which prevent network loops in Ethernet LANs while allowing redundancy. It explains the mechanisms of loop avoidance, bridge protocol data units (BPDU), and the process of selecting the root bridge and forwarding ports using a spanning tree algorithm. Additionally, it covers various STP states, types, and practical lab exercises to understand STP and RSTP functionalities.
Cisco ospf
Cisco ospf sarasanandam The document discusses OSPF link-state routing protocol. It describes OSPF's use of link-state databases containing topology information and Dijkstra's algorithm to calculate the shortest path to all destinations. It also explains OSPF's hierarchical area-based network structure and use of link-state advertisements to exchange routing information between neighbors.
IS-IS Packet Types
IS-IS Packet TypesNetProtocol Xpert This document discusses the different packet types used in IS-IS routing protocol. There are four main packet types: Hello PDUs which discover neighbors, Link State PDUs which exchange routing information, Partial Sequence Number PDUs which request missing information, and Complete Sequence Number PDUs which synchronize link state databases. All packet types carry Type-Length-Value fields which allow for extensibility.
MPLS & BASIC LDP
MPLS & BASIC LDPReza Farahani The document discusses Multi-Protocol Label Switching (MPLS), highlighting its advantages over traditional routing methods, limitations, and various applications such as VPNs, Traffic Engineering (TE), and Quality of Service (QoS). It explains the role of label distribution protocols, especially LDP, in facilitating dynamic label distribution and emphasizes the importance of the MPLS header and the concept of penultimate hop popping (PHP). Key terminologies related to MPLS, including FIB and RIB, are also defined.
HSRP ccna
HSRP ccna MohamedJafar5 HSRP (Hot Standby Routing Protocol) defines an active-standby router configuration using virtual IP and MAC addresses to provide default gateway redundancy. The router with the highest priority value becomes the active router and sends periodic hello messages to the standby router. The show standby command can be used to verify the HSRP state and priority values of routers.
Common Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationNetProtocol Xpert This document discusses common layer 2 security threats and attacks, including MAC layer attacks, VLAN attacks, spoofing attacks, and attacks against switch devices. It describes several specific attacks such as MAC flooding, VLAN hopping, DHCP starvation, and CDP manipulation. The document also provides mitigation strategies for each threat, such as using port security, private VLANs, DHCP snooping, and disabling unused protocols.
Cisco ASR 1001-X Router
Cisco ASR 1001-X RouterNetProtocol Xpert The document discusses using the Cisco ASR 1001-X router to handle large traffic loads entering a centralized datacenter from global sites. Specifically:
- The ASR 1001-X is capable of aggregating 1Gbps of traffic entering the datacenter and connecting to an ISP edge router.
- It has redundant Cisco IOS-XE software, encryption support up to 78Gbps, 8GB of DRAM, and a quad-core processor.
- While the ASR 1001-X can handle many scenarios, larger routers like the ASR 1001-HX or ASR 1002-HX are needed for more slots or higher traffic loads over 20Gbps.
More Related Content
What's hot (20)
Cisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advanceBertrand Duvivier BGP started in 1989 to connect autonomous systems in a stable, efficient manner. This document outlines advancements in BGP infrastructure, VPN enhancements, and high availability features. Infrastructure enhancements improve areas like keepalive processing and update generation. VPN enhancements support technologies like iBGP between PE and CE routers, multicast VPNs, and EVPN. High availability features include graceful shutdown, fast convergence using PIC, and non-stop routing.
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) KHNOG BFD is a protocol that can quickly detect failures in the forwarding path between two adjacent routers, including interfaces, data links, and forwarding planes. It operates in two modes: asynchronous mode where it periodically sends control packets, and demand mode where it only sends packets when needed. When a failure is detected, BFD triggers routing protocol actions to recalculate the routing table and reduce convergence time. It provides fast failure detection independently of media, encapsulation, topology, or routing protocol. Configuring BFD involves setting intervals at the interface level and enabling it for routing protocols.
CCNA - Switching Concepts made easy
CCNA - Switching Concepts made easysushmil123 This document provides an overview of switching concepts in computer networking, including:
- How switches operate at the data link layer to segment networks and improve performance through dedicated bandwidth on each port.
- Key switch functions like reading MAC addresses to populate the MAC address table and make forwarding decisions.
- VLANs and how they logically segment networks for improved management and security.
- Spanning Tree Protocol which prevents switching loops by blocking certain ports.
- Port aggregation technologies like EtherChannel that bundle multiple physical ports into a single logical port for redundancy and increased bandwidth.
PGW GGSN Optional Services Configuration
PGW GGSN Optional Services ConfigurationMustafa Golam The document provides an overview of PGW/GGSN configuration on a Juniper router, including configuring routing instances, APNs, CDRs, QoS, and other optional configurations like SACC, PISC, and credit control. It describes configuring connectivity and routing, GTP properties, L2TP, DHCP, RADIUS, PDP context properties, and quality of service. The document also lists additional resources for further study of 3GPP specifications and vendor documentation.
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksAPNIC This document provides an overview and agenda for a presentation on VXLAN BGP EVPN technology. It begins with an introduction to VXLAN and EVPN concepts. It then outlines the agenda which includes explaining VXLAN configuration, EVPN configuration, underlay configuration, overlay configuration, and EVPN VXLAN service configuration. It also provides a sample migration from a legacy device configuration to a VXLAN BGP EVPN configuration. Various networking acronyms related to VXLAN and EVPN are defined. Sample vendor supported data center technologies and a VXLAN test topology are shown.
Label Distribution Protocol
Label Distribution ProtocolKashif Latif LDP allows MPLS routers to exchange label mapping information by establishing LDP sessions between peers. LDP defines procedures and messages for routers to advertise label bindings and establish label switched paths for forwarding traffic. LDP sessions can be directly connected over a single hop or nondirectly connected over multiple hops using targeted Hellos.
Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)NetProtocol Xpert VRF-Lite allows a single physical router to virtualize multiple routers by creating independent virtual routing tables (VRFs). Each VRF logically isolates the routing tables and network traffic of customers or applications. The physical router uses VLAN trunking to keep traffic from different VRFs separate when sending data to other devices. Configuring VRF-Lite involves defining VRFs, assigning interfaces to VRFs, and configuring routing protocols for each VRF.
Ethernet VPN (EVPN) EVerything Provider Needs
Ethernet VPN (EVPN) EVerything Provider NeedsCSUC - Consorci de Serveis Universitaris de Catalunya EVPN is a network virtualization technology that allows Ethernet services to be delivered across MPLS or IP networks. It uses BGP for the control plane to distribute MAC and IP addresses and can support both single-active and all-active multi-homing topologies. EVPN provides flexibility in service delivery and has been widely adopted by major service providers and cloud providers for a variety of use cases including data center interconnect and virtual machine mobility. Automation of EVPN configuration can simplify provisioning and management through the use of tools like NetBox, Python scripts, Ansible, and workflow managers.
Segment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use CasesCisco Canada The document provides an overview of Segment Routing technologies including SRv6. It begins with a recap of Segment Routing concepts and how it simplifies network operations. It then covers SRv6 which extends Segment Routing to IPv6 networks to take advantage of growing IPv6 adoption. The document discusses how SRv6 can further simplify networks and support new services and traffic patterns from 5G, IoT, and container-based microservices.
Deploy MPLS Traffic Engineering
Deploy MPLS Traffic EngineeringAPNIC The document provides information about a training event on Deploy MPLS Traffic Engineering taking place from 20 February to 2 March 2017 in Ho Chi Minh City, Vietnam. It includes details about two presenters - Nurul Islam Roman, Manager of Training & Technical Assistance at APNIC, and Jessica Wei, Training Officer at APNIC. It also acknowledges Cisco Systems and provides an agenda with topics on why MPLS Traffic Engineering is used and how it works.
MPLS (Multi-Protocol Label Switching)
MPLS (Multi-Protocol Label Switching)NetProtocol Xpert - Multi-Protocol Label Switching (MPLS) improves forwarding speed and enables new capabilities like traffic engineering and virtual private networks. It uses short fixed-length labels to represent IP packets and make forwarding decisions.
- MPLS was originally conceived as being independent of Layer 2 but has found success deploying IP networks across ATM backbones. Standards are being developed and it is seen as an important network development.
- MPLS encapsulates IP packets with labels which are then used instead of the IP header for forwarding decisions, allowing separation of the forwarding and control planes.
EVPN Introduction
EVPN IntroductionBangladesh Network Operators Group EVPN is an Ethernet VPN technology that extends layer 2 networks over a layer 3 underlay. It uses BGP as the control plane to distribute MAC addresses and Ethernet segment information between provider edge (PE) devices. EVPN supports various data plane encapsulations like MPLS, VXLAN, and NVGRE. It provides an integrated solution for layer 2 and layer 3 VPNs that addresses scaling challenges in traditional VPLS deployments.
Ccnp workbook network bulls
Ccnp workbook network bullsSwapnil Kapate This document contains information about routing protocols like EIGRP, OSPF, BGP and IPv6 routing. It discusses various topics such as configuring and tuning EIGRP parameters like timers, authentication and metrics. It also covers topics related to OSPF like network types, route filtering, summarization etc. Redistribution between protocols and IPv6 routing concepts are also mentioned. The document contains practical exercises for configuring various routing features on sample networks.
Lte default and dedicated bearer / VoLTE
Lte default and dedicated bearer / VoLTEmanish_sapra LTE uses EPS bearers to carry user data traffic. There are two types of EPS bearers - default bearers and dedicated bearers. Default bearers are created for each PDN connection and provide basic "best effort" internet access. Dedicated bearers provide additional tunnels for specific traffic like VoLTE and can have guaranteed bitrates. Dedicated bearers are linked to a default bearer and inherit properties like the PDN address from the default bearer. GTP is the protocol used to encapsulate and carry bearer traffic through the LTE core network.
Mpls Services
Mpls ServicesKristof De Brouwer The document provides an overview of MPLS (Multi-Protocol Label Switching) concepts and components. It discusses how MPLS separates routing from forwarding by using labels to forward packets based on the label rather than the IP address. It describes MPLS components like edge label switching routers (ELSR or PE), label switching routers (LSR or P), and the label distribution protocol (LDP). It also provides examples of MPLS forwarding and MPLS VPN operation.
Spanning tree protocol (stp)
Spanning tree protocol (stp)RaghulR21 The document provides an overview of the Spanning Tree Protocol (STP) and its successor, Rapid Spanning Tree Protocol (RSTP), which prevent network loops in Ethernet LANs while allowing redundancy. It explains the mechanisms of loop avoidance, bridge protocol data units (BPDU), and the process of selecting the root bridge and forwarding ports using a spanning tree algorithm. Additionally, it covers various STP states, types, and practical lab exercises to understand STP and RSTP functionalities.
Cisco ospf
Cisco ospf sarasanandam The document discusses OSPF link-state routing protocol. It describes OSPF's use of link-state databases containing topology information and Dijkstra's algorithm to calculate the shortest path to all destinations. It also explains OSPF's hierarchical area-based network structure and use of link-state advertisements to exchange routing information between neighbors.
IS-IS Packet Types
IS-IS Packet TypesNetProtocol Xpert This document discusses the different packet types used in IS-IS routing protocol. There are four main packet types: Hello PDUs which discover neighbors, Link State PDUs which exchange routing information, Partial Sequence Number PDUs which request missing information, and Complete Sequence Number PDUs which synchronize link state databases. All packet types carry Type-Length-Value fields which allow for extensibility.
MPLS & BASIC LDP
MPLS & BASIC LDPReza Farahani The document discusses Multi-Protocol Label Switching (MPLS), highlighting its advantages over traditional routing methods, limitations, and various applications such as VPNs, Traffic Engineering (TE), and Quality of Service (QoS). It explains the role of label distribution protocols, especially LDP, in facilitating dynamic label distribution and emphasizes the importance of the MPLS header and the concept of penultimate hop popping (PHP). Key terminologies related to MPLS, including FIB and RIB, are also defined.
HSRP ccna
HSRP ccna MohamedJafar5 HSRP (Hot Standby Routing Protocol) defines an active-standby router configuration using virtual IP and MAC addresses to provide default gateway redundancy. The router with the highest priority value becomes the active router and sends periodic hello messages to the standby router. The show standby command can be used to verify the HSRP state and priority values of routers.
Viewers also liked (20)
Common Layer 2 Threats, Attacks & Mitigation
Common Layer 2 Threats, Attacks & MitigationNetProtocol Xpert This document discusses common layer 2 security threats and attacks, including MAC layer attacks, VLAN attacks, spoofing attacks, and attacks against switch devices. It describes several specific attacks such as MAC flooding, VLAN hopping, DHCP starvation, and CDP manipulation. The document also provides mitigation strategies for each threat, such as using port security, private VLANs, DHCP snooping, and disabling unused protocols.
Cisco ASR 1001-X Router
Cisco ASR 1001-X RouterNetProtocol Xpert The document discusses using the Cisco ASR 1001-X router to handle large traffic loads entering a centralized datacenter from global sites. Specifically:
- The ASR 1001-X is capable of aggregating 1Gbps of traffic entering the datacenter and connecting to an ISP edge router.
- It has redundant Cisco IOS-XE software, encryption support up to 78Gbps, 8GB of DRAM, and a quad-core processor.
- While the ASR 1001-X can handle many scenarios, larger routers like the ASR 1001-HX or ASR 1002-HX are needed for more slots or higher traffic loads over 20Gbps.
Cisco ISR 4351 Router
Cisco ISR 4351 RouterNetProtocol Xpert The Cisco ISR4351 router is designed to fill the gap between the Cisco 3900 series routers and Cisco ASR routers. It offers up to 400 Mbps of bandwidth in a 2RU form factor. The Cisco ISR4351 is suggested for migrations from Cisco 2951 routers. It has an 8-core CPU with dedicated processing cores and support for up to 16GB of memory. The Cisco ISR4351 is recommended for networks requiring bandwidth between 200-400 Mbps.
Securing management, control & data plane
Securing management, control & data planeNetProtocol Xpert The document discusses securing the management, control, and data planes of a network. It describes:
1. Securing the management plane through strong passwords, encrypted protocols like SSH, user authentication using AAA, role-based access control, logging, and network time protocol.
2. Securing the control plane using control plane policing and protection to minimize CPU load and protect against denial of service attacks.
3. Securing the data plane using access control lists, antispoofing features, port security, DHCP snooping, dynamic ARP inspection, and IP source guard to filter traffic and prevent spoofing and man-in-the-middle attacks.
Configuring Standard ACLs
Configuring Standard ACLsNetProtocol Xpert Standard ACLs are configured on routers to permit or deny traffic based on source IP addresses. The ACL number must be between 1-99 or 1300-1999. The ACL is applied to an interface using the ip access-group command with the in or out keyword to specify the traffic direction. For example, an ACL can permit traffic from a management LAN subnet to a server, and the ACL would be applied to the incoming interface using the "in" keyword.
Private VLANs
Private VLANsNetProtocol Xpert Private VLANs allow splitting a regular VLAN into multiple "subdomains" to provide isolation between hosts at layer 2. The domains are isolated broadcast domains that require layer 3 forwarding to communicate. Primary, isolated, and community ports are defined for the sub-VLANs. Primary VLANs deliver frames downstream, isolated VLANs carry frames upstream, and community VLANs allow communication within the same group and to promiscuous ports. The configuration binds VLANs into a private VLAN domain, maps host ports to secondary VLANs, and maps a promiscuous port to all secondary VLANs to allow inter-subnet communication.
DHCP Snooping
DHCP SnoopingNetProtocol Xpert DHCP Snooping allows switches to prevent man-in-the-middle attacks by DHCP spoofing. It trusts only the port connected to the DHCP server, monitors traffic for IP and MAC bindings, and uses this information for other security features. When enabled, DHCP Snooping will only forward DHCP requests to trusted ports and maintain a table of client bindings.
Application & Data Center
Application & Data CenterNetProtocol Xpert The document discusses changes in data center and network architecture over time from mainframes to personal computers to modern cloud platforms. Traditional spanning tree protocol (STP) architectures are no longer suitable due to shifting traffic patterns and new applications. New options like layer 2 fabrics, encapsulated overlays, and software-defined networking can provide more flexibility, scalability, and agility needed to adapt to changing demands.
IS-IS Protocol Introduction
IS-IS Protocol IntroductionNetProtocol Xpert IS-IS is an interior gateway protocol that uses link-state routing and SPF algorithms to calculate the shortest path. It supports both CLNP and IP and has three routing levels - level 1 for intra-area routing, level 2 for inter-area routing, and level 1/2 routers that connect levels 1 and 2. There are three types of IS-IS routers: level 1 that exchange intra-area topology, level 2 that exchange inter-area topology, and level 1/2 that act as border routers between levels 1 and 2.
IS-IS vs OSPF
IS-IS vs OSPFNetProtocol Xpert IS-IS and OSPF are both link-state interior gateway protocols that use the SPF algorithm and support VLSM. However, IS-IS operates above layer 2 and routers belong to one area, while OSPF operates at the IP layer and routers can belong to multiple areas. Additionally, IS-IS uses DIS while OSPF uses DR/BDR, and OSPF supports virtual links while IS-IS does not.
TCLSH and Macro Ping Test on Cisco Routers and Switches
TCLSH and Macro Ping Test on Cisco Routers and SwitchesNetProtocol Xpert TCLSH and macros can be used on Cisco routers and switches to automate pinging multiple IP addresses to check connectivity. TCLSH scripts use a foreach loop to ping each IP address returned from show commands like show ip alias or show ip interface brief. Macros can also be used on switches that do not support TCLSH by creating a macro that executes multiple ping commands in the global configuration. Both methods ping multiple addresses without needing to manually ping each one.
OTV Configuration
OTV ConfigurationNetProtocol Xpert This document provides instructions for setting up and configuring OTV (Overlay Transport Virtualization) in a lab environment to connect two data center sites. The key steps include:
1. Setting up the physical lab topology with two Nexus 7000 switches acting as OTV edge devices in each site, with dedicated VDCs for OTV.
2. Configuring OTV features and licenses on the edge devices, defining the site VLAN and extended VLANs, and configuring join interfaces to connect the devices.
3. Creating overlay interfaces on the edge devices and associating the control and data multicast groups.
4. Verifying the OTV configuration and checking for adjacencies between edge devices
Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)NetProtocol Xpert Dynamic ARP inspection (DAI) is a security feature that prevents man-in-the-middle attacks by validating ARP packets. It relies on DHCP snooping to build a database of valid IP-MAC address bindings. When enabled, DAI will drop ARP packets that do not match entries in the DHCP snooping database, preventing ARP poisoning attacks. The document then demonstrates configuring and testing DAI on a switch to block an ARP poisoning attempt by a rogue workstation.
Avoid DNS lookup when mistyping a command
Avoid DNS lookup when mistyping a commandNetProtocol Xpert Avoid DNS lookup when mistyping a command
Spanning Tree Protocol (STP)
Spanning Tree Protocol (STP)NetProtocol Xpert Spanning Tree Protocol (STP) prevents Layer 2 switching loops and broadcast storms in a local area network by allowing redundant links without the risk of loops. STP was developed by Radia Perlman at DEC and standardized as IEEE 802.1D. A newer version known as Rapid Spanning Tree Protocol (RSTP) has faster convergence time than the original STP.
Is Is Routing Protocol
Is Is Routing Protocolhayenas IS-IS is an interior gateway protocol that builds a topological representation of the network and supports routing between areas and routers. It is a link-state protocol that is similar to OSPF, with OSPF areas corresponding to IS-IS levels and OSPF neighbors mapping to IS-IS adjacencies. IS-IS was developed for OSI but can also carry IPv4 and IPv6.
EtherChannel Configuration
EtherChannel ConfigurationNetProtocol Xpert EtherChannel allows grouping multiple physical Ethernet links into a single logical link to provide fault tolerance and increased bandwidth. Key points for configuration include using the same port types, speed and duplex settings across all ports in the channel. Settings like VLAN lists and STP settings must also be consistent. Layer 3 EtherChannel requires assigning an IP to the port-channel interface, while Layer 2 only requires adding the physical ports to the channel group. Verification can be done with show commands.
Frame Relay (point to point)
Frame Relay (point to point)NetProtocol Xpert This document provides configuration instructions for setting up a basic Frame Relay point-to-point network with three Cisco routers connected to a Frame Relay switch. It describes configuring the DLCI port mappings between each router interface and the switch ports. It then provides the configuration steps for each router to encapsulate their serial interfaces for Frame Relay, assign IP addresses to each subinterface, associate the subinterfaces to DLCIs on the switch, and verify connectivity between the routers.
IS-IS Protocol Addresses
IS-IS Protocol AddressesNetProtocol Xpert IS-IS (Intermediate System to Intermediate System) Protocol uses NSAP (Network Service Access Point) addresses instead of IP addresses. NSAP addresses consist of an area address, system ID, and N-selector. The area address contains an AFI, IDI, and HODSP. NSAP addresses can also be divided into an interdomain part containing an AFI and IDI, and a domain-specific part containing HODSP, system ID, and NSEL. IS-IS uses different multicast addresses for L1 and L2 updates depending on the network type.
IS-IS Protocol Adjacency
IS-IS Protocol Adjacency NetProtocol Xpert IS-IS uses three types of adjacencies - L1, L2, and L1/2. Adjacencies are established through a three-way handshake and can be in one of three states: down, initializing, or up. Key IS-IS operations include routers discovering neighbors through hello messages, establishing adjacencies, building LSPs, flooding LSPs to neighbors, running SPF to build routing tables. DIS is elected to reduce the mesh in broadcast networks and is chosen based on priority and MAC address.
Ad
Similar to MPLS Layer 3 VPN (20)
ODA000017 MPLS VPN(L3).ppt
ODA000017 MPLS VPN(L3).pptmarwan76 1) The document defines several types of VPNs including IP-VPN, network-based IP-VPN, VLL, VPDN, VPLS, and VPRN. 2) MPLS VPN uses MPLS to create private networks over a public IP network. It establishes VPNs by using tunneling protocols and assigning unique routing identifiers to each VPN. 3) MPLS VPN provides isolation and security for each VPN by maintaining separate forwarding tables and using route distinguishers, route targets, and MPLS labels to direct traffic to the correct VPNs.
MPLS-based Layer 3 VPNs.pdf
MPLS-based Layer 3 VPNs.pdfHuynh MVT The document outlines a lab focused on studying Layer 3 Virtual Private Networks (L3VPNs) using MPLS and BGP. It describes the setup of a network service provider's MPLS infrastructure to provide VPN services for two customers, including configuration steps for routers, MPLS, and routing protocols. Key learning objectives include the operation of MPLS-based L3VPNs, the creation of virtual routing and forwarding instances, and the exchange of routing information for connecting customer sites.
Mpls vpn.rip
Mpls vpn.ripfarhanica This document provides a configuration example for setting up an MPLS VPN with RIP routing on the customer side. Key aspects of the configuration include:
- Creating a VRF for each VPN and configuring route targets and import/export rules for BGP extended communities to associate routes with the correct VPN
- Configuring PE interfaces with the correct VRF forwarding and IP addresses
- Redistributing routes between routing protocols (RIP, OSPF, BGP) on the PE routers to exchange routes between the CE and P routers
- Configuring IBGP between PE routers to exchange VPNv4 routes using MPLS labels and BGP extended communities
Multiprotocol label switching (mpls) - Networkshop44
Multiprotocol label switching (mpls) - Networkshop44Jisc MPLS enables packets to be forwarded based on labels rather than IP addresses. PE routers add labels to incoming packets and remove labels from outgoing packets. P routers swap or pop labels to forward packets. MPLS with L3 VPN allows private networks in different locations to communicate securely over a shared infrastructure by associating routes with virtual routing instances (VRFs) and advertising them using BGP. An example configuration shows VRF and BGP configuration, along with commands to view MPLS label bindings and packet forwarding information.
Nokia L3 VPN Configuration Guide
Nokia L3 VPN Configuration GuideAbel Saduwa The document discusses Virtual Private Routed Network (VPRN) services. VPRNs use BGP and MPLS to provide Layer 3 VPN connectivity between customer sites. Each VPRN has its own routing table maintained by provider edge (PE) routers. PE routers exchange routes for each VPRN using MP-BGP. Routes include a Route Distinguisher to identify the VPRN. Tunnels using MPLS or GRE carry customer traffic across the provider network to the correct PE router based on the route label. The document outlines requirements, protocols, and features used to implement VPRNs such as route reflectors, route redistribution, and CE connectivity checks.
Cube2012 high capacity service provider design using gpmls for ip next genera...
Cube2012 high capacity service provider design using gpmls for ip next genera...Ashish Tanwer The document discusses the design of a high capacity service provider network using Generalized Multiprotocol Label Switching (GMPLS) for next generation IP networks. It outlines the internal architecture of the service provider including the use of BGP confederations, virtual routing and forwarding instances (VRFs), route targets, and route distinguishers to optimize routing. It also describes different GMPLS topology models and considers hardware designs from Cisco, Juniper, and Ciena to support latest protocols, security, and scalability.
Deploying IP/MPLS VPN - Cisco Networkers 2010
Deploying IP/MPLS VPN - Cisco Networkers 2010Febrian This document describes a presentation on designing MPLS Layer 3 VPN networks, covering MPLS VPN technology overview, configuration, services such as multihoming and hub-and-spoke, and best practices. The presentation discusses how MPLS VPNs use VRFs, MP-BGP, and label switching to provide scalable VPN services to enterprises by separating routing and forwarding tables for each customer VPN. Sample MPLS VPN configurations for PE, P, and route reflector routers are also provided.
Mpls layer 3 vp ns
Mpls layer 3 vp nsIT Tech This document summarizes how MPLS Layer 3 VPNs use VRFs (Virtual Routing and Forwarding instances) to segment customer traffic and allow overlapping IP addresses. It provides configuration examples on a router to create two VRFs ("VRF_RED" and "VRF_BLUE") for different customers. Interface configurations, route targets, redistribution of routes between IGPs and BGP sessions are demonstrated to establish end-to-end connectivity between customer networks while isolating their traffic through label pushing/swapping operations in the MPLS core.
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor This document discusses the implementation of MPLS VPNs utilizing QoS capabilities for connecting networks, notably for medium and large enterprises. It outlines the architecture, components, and configuration of MPLS VPNs, as well as the advantages of using this technology over traditional VPNs due to its traffic engineering capabilities and quality of service. Furthermore, it proposes enhancements for better performance and security, addressing QoS requirements tailored to customer needs.
8 - Configuring a VPRN Nokia Router.pptx
8 - Configuring a VPRN Nokia Router.pptxbaskoroyogip This document introduces the configuration of a Virtual Private Routed Network (VPRN) on the Nokia 7750 SR platform, assuming familiarity with MPLS and routing protocols. It outlines key concepts and components required for VPRN configuration, including service access points, service distribution points, and various routing policies. Additionally, detailed examples of configurations and routing tables for multiple subscribers are provided to illustrate the implementation process.
G010314853
G010314853IOSR Journals This document discusses implementing a virtual private network (VPN) over multi-protocol label switching (MPLS). It begins with an introduction to MPLS and how it works using label switching to route packets. It then discusses VPNs and how MPLS VPNs use separate routing tables called virtual routing and forwarding tables to isolate customer networks. The document demonstrates configuring an MPLS VPN using the GNS3 network simulator with two customer edge routers connecting two customer sites over an MPLS provider network. MPLS, VPNs, and the specific configuration steps are described. In the results section, the routing tables of the customer edge routers are shown to have routes from both customer sites, demonstrating that the MPLS VPN was successfully implemented to connect
Mpls based vpn connectivity
Mpls based vpn connectivityPrem kumar The document discusses MPLS-based VPN connectivity among inter-provider ISPs, focusing on how VPNs utilize shared infrastructures for secure remote access across geographically separated sites. It outlines the architecture and processes involved, including the use of MPLS for efficient data forwarding and the redistribution of VPN information between ISPs. Two methods for achieving cross-ISP VPN connectivity are proposed, namely back-to-back VRF and ASBR-to-ASBR approaches, highlighting their configurations and functionalities.
VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)Netwax Lab Virtual Routing and Forwarding (VRF) is a technology that allows multiple routing table instances to coexist within a single router, enhancing network segmentation and security. VRF is commonly utilized by ISPs to create separate virtual private networks (VPNs), enabling overlapping IP addresses without conflict. VRF-lite extends these capabilities to customer edge devices while maintaining distinct routing tables for different clients, allowing efficient use of infrastructure.
Interautonomous System PLS VPN Advanced Concepts
Interautonomous System PLS VPN Advanced ConceptsBrozaa - The document discusses routing and traffic engineering techniques for inter-autonomous system MPLS VPNs. It describes using route reflectors to exchange routes between sub-autonomous systems and using next-hop-self to modify next-hop attributes. It also covers scaling inter-AS routing with techniques like automatic route filtering and inbound route filtering. Additional topics include downstream route target allocation for filtering, load balancing traffic across multiple inter-AS links, and using redundant PE-ASBR routers.
Juniper L2 MPLS VPN
Juniper L2 MPLS VPNmehrdad1981 1. The document discusses provider-provisioned layer 2 MPLS VPNs, which allow customers to construct private networks over a shared infrastructure while maintaining independent addressing and routing.
2. Key components include customer edge routers, provider edge routers, and provider routers. The provider edge routers exchange VPN routing information and use MPLS to forward traffic across the shared core network.
3. Provisioning involves configuring customer edge devices and VPN forwarding tables at provider edges to map customer sites to MPLS labels for transport across the core.
V R F Checking
V R F Checkinginnyspencer This document discusses security concerns regarding MPLS VPN configurations and proposes methods to check MPLS VPN configurations for errors and compliance. Key points that should be checked include VPN access points, VRF configurations, route distinguishers (RD), route targets (RT), routes, and administrative/service VPN configurations. A tool is proposed to collect configuration data from provider edge (PE) routers periodically and check for obvious errors, inconsistencies, and non-compliance between actual and allocated configurations across all VPNs in the network. Results would be provided to both network operators and VPN owners.
ISP core routing project
ISP core routing projectvishal sharma This document describes an ISP core routing topology project that was implemented to demonstrate how a company accesses its servers through the internet. The key features of the project include MPLS Layer 3 VPN, an IPv6 network with an IPv6 DNS server, various redundancy protocols like HSRP, VRRP and GLBP, dynamic routing protocols such as BGP, EIGRP and OSPF, and a Linux server providing services like DNS, Apache, FTP and SSH. MPLS is used to eliminate delays and provide a VPN connecting different company branches. The topology also features an IPv6 tunnel over an IPv4 network and dual stacking for IPv6/IPv4 communication.
Cube2012 scaling service provider backbone using bgp confederations for next ...
Cube2012 scaling service provider backbone using bgp confederations for next ...Ashish Tanwer The document outlines the internal architecture of a service provider backbone network using BGP confederations for next generation networks. It describes the key characteristics of service providers and discusses the logical design, including using IBGP with route reflectors replaced by BGP confederations. MPLS is used with virtual routers and route targets to control route distribution and identify VPN routes. Sample hardware designs using Cisco and Juniper routers and switches are also presented.
L3 Vpn Diagnosing Common Problems
L3 Vpn Diagnosing Common ProblemsAmir Malik The document provides troubleshooting steps for diagnosing common Layer 3 VPN problems by checking connectivity and routes between customer edge (CE) routers and provider edge (PE) routers at each end of the VPN. The steps include checking routing protocol peering, ping connectivity, and presence of routes from the local CE in routing tables on local and remote PEs and remote CE. Issues to examine include routing protocol, BGP, label distribution, and import/export policy configurations.
Multivendor MPLS L3VPN
Multivendor MPLS L3VPNStefano Sasso - The document describes a small MPLS VPN network with multiple vendor PE routers (Mikrotik, Cisco, Juniper).
- There is a minor bug in Mikrotik's BGP-VPNv4 implementation where the Route Distinguisher is propagated in reverse order, but this does not cause issues.
- The network uses OSPF or BGP between the PE and CE routers to distribute routes for different VPNs with unique Route Distinguishers and Route Targets.
Ad
More from NetProtocol Xpert (18)
Basic Cisco ASA 5506-x Configuration (Firepower)
Basic Cisco ASA 5506-x Configuration (Firepower)NetProtocol Xpert This document provides instructions for configuring basic network security on a Cisco ASA 5506-x firewall. It outlines requirements for separating networks into an Internet, user, and DMZ segment. It then provides steps to update the ASA software, configure interfaces and security levels, enable internet access via NAT and routing, allow web access to servers on the DMZ, optionally configure DHCP, and optionally redirect traffic to the FirePOWER module. It also includes steps for hardening the device by shutting down unused interfaces, enabling SSH access, and configuring time and logging.
Storm-Control
Storm-ControlNetProtocol Xpert Storm control blocks interfaces from receiving excessive broadcast, multicast, or unicast traffic over a threshold within a time period. When traffic exceeds the rising threshold, the interface is blocked until traffic drops below the falling threshold. Storm control can shut down interfaces or send SNMP traps. It was tested between two switches, with one interface shutting down when unicast traffic exceeded 100 packets per second due to storm control being triggered.
IP Source Guard
IP Source Guard NetProtocol Xpert IP Source Guard (IPSG) helps prevent IP spoofing attacks by dropping any traffic that does not match the bindings in the DHCP Snooping database or configured static IP bindings. IPSG creates ACLs dynamically on each port to block unauthorized traffic. It must be enabled on all access ports along with DHCP Snooping to be effective. Static IP/MAC bindings can also be configured for devices not using DHCP.
Password Recovery
Password RecoveryNetProtocol Xpert This document provides steps to recover passwords on a Cisco router by booting from flash memory rather than the startup configuration. The steps include shutting down the router, removing the compact flash card, rebooting to enter ROMMON mode, changing the configuration register to boot from flash, and resetting the router. Once logged in, the user can issue commands like "show running-config" to view current settings, and "configure terminal" to change the enable secret password.
Point to-point protocol (ppp), PAP & CHAP
Point to-point protocol (ppp), PAP & CHAPNetProtocol Xpert - The Point-to-Point Protocol (PPP) provides a standard method for transporting multi-protocol packets over point-to-point links. PPP establishes communication in three phases: Link Control Protocol (LCP) phase for link configuration, optional authentication phase using Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP), and Network Control Protocol (NCP) phase for layer 3 configuration.
- PAP transmits passwords in clear text, while CHAP uses an encrypted hash to authenticate peers without transmitting passwords. The document provides configuration examples for PPP, PAP, and CHAP authentication between two routers to establish a point-to-point link.
MTU (maximum transmission unit) & MRU (maximum receive unit)
MTU (maximum transmission unit) & MRU (maximum receive unit)NetProtocol Xpert MTU refers to the largest size packet that can be transmitted out of a network interface. The path MTU is the lowest MTU of any interface along the transmission path. If a packet is larger than the path MTU, it will be fragmented or dropped. PMTUD allows endpoints to determine the optimal packet size to avoid fragmentation by starting with the local MTU and reducing size if packets are dropped.
Cisco OTV
Cisco OTV NetProtocol Xpert This document discusses Cisco OTV (Overlay Transport Virtualization) and how it separates STP domains between sites, allows different STP technologies per site, handles multi-homing between sites using an Authoritative Edge Device (AED) to prevent loops, and optimizes the forwarding of different traffic types including unicast, multicast, broadcast, and ARP packets between sites while supporting MAC mobility. It also discusses how OTV isolates FHRP protocols between sites.
OTV(Overlay Transport Virtualization)
OTV(Overlay Transport Virtualization)NetProtocol Xpert OTV is a technology that provides layer 2 extension capabilities between different data centers without using tunnels. It encapsulates layer 2 traffic with an IP header and transports it across an IP network. OTV devices called edge devices perform layer 2 learning and forwarding within a data center and encapsulation functions to extend layer 2 traffic across sites using IP addresses and multicast groups for control and data plane MAC address advertisement and traffic forwarding between sites.
Regular expression examples
Regular expression examplesNetProtocol Xpert This document provides examples and explanations of regular expressions. It covers basic regex syntax like | (or), [] (character sets), . (wildcards), ^/$ (start/end anchors), and *+? (quantifiers). Simple examples demonstrate matching numbers, ranges, and strings. More complex examples show grouping, repetition, and matching BGP autonomous system paths. The document concludes with examples of using regex to filter Cisco IOS show command output.
Eigrp is restricted to stub connections
Eigrp is restricted to stub connections NetProtocol Xpert The document discusses EIGRP functionality on Cisco 3850 switches with an IP Base license. It explains that EIGRP is restricted to stub connections only, meaning it can only run as a stub. This prevents routes learned by EIGRP from being advertised upstream from the 3850 switch. However, a route leak map can override this behavior and allow routes to be advertised after all.
Converting ipv4 to ipv6 and vice versa
Converting ipv4 to ipv6 and vice versaNetProtocol Xpert - IPv6 addresses can be converted to IPv4 addresses and vice versa through a process of dividing the octets by 16 and representing the quotients and remainders in hexadecimal.
- For example, the IPv4 address 192.168.99.1 would convert to the IPv6 portion 2002:C0A8:6301::1/64 by dividing each octet by 16 to get the hexadecimal representation.
- Converting back, the hexadecimal values C0A8:6301 would be reconverted to decimal by multiplying the hexadecimal places by 16 and 1, respectively, and summed to get the original IPv4 address 192.168.99.1.
Password recovery cisco catalyst 3850
Password recovery cisco catalyst 3850NetProtocol Xpert The document provides steps to recover the password on a Cisco Catalyst 3850 switch. The steps are: 1) power off the switch and hold the mode button for 12 seconds to boot to the ROMMON prompt, 2) enter commands to ignore the startup config and reboot, 3) copy the startup config to running to restore configuration, 4) add a new user or change the enable secret, and 5) save the configuration and reload the switch.
Cisco 2960x switch password recovery
Cisco 2960x switch password recoveryNetProtocol Xpert The document provides step-by-step instructions for performing a password recovery on a Cisco 2960X switch. It explains that to begin, the mode button must be held for 30-40 seconds during power up until "USB Console INIT" appears. Then the flash_init and dir flash: commands allow renaming the config.text file. Reloading the switch ignores the startup config and allows changing passwords before copying the renamed file back.
VMware ESXi 6.0 Installation Process
VMware ESXi 6.0 Installation ProcessNetProtocol Xpert The document provides step-by-step instructions for installing VMware ESXi 6.0 on a server. It first lists the minimum hardware requirements including supported server hardware, CPUs, RAM, network adapters and storage. It then outlines the interactive installation process using a CD/DVD including selecting options, providing passwords, configuring networking and applying changes. Once complete, the vSphere client can be used to manage the new ESXi host.
EIGRP (Enhanced Interior Gateway Routing Protocol)
EIGRP (Enhanced Interior Gateway Routing Protocol)NetProtocol Xpert EIGRP is a proprietary routing protocol developed by Cisco that uses a composite metric and has fast convergence properties. It functions as a hybrid of distance-vector and link-state routing protocols, sending subnet mask and VLSM information in updates. EIGRP forms neighbor relationships through periodic hello messages and establishes three key tables - Neighbor, Topology, and Routing - to store neighbor, route, and best path information. It utilizes five packet types and reliable transport to efficiently share routing updates.
OSPF External Route Summarization
OSPF External Route Summarization NetProtocol Xpert The document discusses OSPF external route summarization. It explains that external routes are carried by type 5 LSAs generated by ASBR routers. To summarize external routes, the summary-address command is configured on the ASBR with the IP address and mask of the summary. This replaces individual external routes with a single summary route. The example configuration shows external routes being redistributed into OSPF on a router acting as ASBR, and an external route being summarized to replace multiple individual routes with one summary route.
OSPF Internal Route Summarization
OSPF Internal Route SummarizationNetProtocol Xpert The document discusses OSPF internal route summarization. It explains that OSPF summarization can only be configured on area border routers (ABRs) between areas, and that it involves using a route range to join multiple routes into fewer summary routes. Configuring summarization reduces routing table and link state database sizes. The example shows routing tables and link state databases before and after configuring a route range on an ABR to summarize two networks in an area into a single inter-area route.
Redistribution into OSPF
Redistribution into OSPFNetProtocol Xpert This document discusses redistributing routes between OSPF and EIGRP routing protocols. There are two types of external routes when redistributing into OSPF - E1 and E2. E1 routes are redistributed with the default metric plus the internal OSPF cost, while E2 routes are redistributed with the default metric unchanged. The example topology redistributes routes between two EIGRP domains into an OSPF domain, marking one set of redistributed routes as E1 and the other as E2. Verification commands are provided to check the redistribution.
Recently uploaded (20)
Development of Portable Biomass Briquetting Machine (S, A & D)-1.pptx
Development of Portable Biomass Briquetting Machine (S, A & D)-1.pptxaniket862935 Biomass briquetting Machine
Week 6- PC HARDWARE AND MAINTENANCE-THEORY.pptx
Week 6- PC HARDWARE AND MAINTENANCE-THEORY.pptxdayananda54 Basics of computer hardware for beginners
David Boutry - Mentors Junior Developers
David Boutry - Mentors Junior DevelopersDavid Boutry David Boutry is a Senior Software Engineer in New York with expertise in high-performance data processing and cloud technologies like AWS and Kubernetes. With over eight years in the field, he has led projects that improved system scalability and reduced processing times by 40%. He actively mentors aspiring developers and holds certifications in AWS, Scrum, and Azure.
362 Alec Data Center Solutions-Slysium Data Center-AUH-Glands & Lugs, Simplex...
362 Alec Data Center Solutions-Slysium Data Center-AUH-Glands & Lugs, Simplex...djiceramil submittal
社内勉強会資料_Chain of Thought .
社内勉強会資料_Chain of Thought .NABLAS株式会社 本資料「To CoT or not to CoT?」では、大規模言語モデルにおけるChain of Thought(CoT)プロンプトの効果について詳しく解説しています。
CoTはあらゆるタスクに効く万能な手法ではなく、特に数学的・論理的・アルゴリズム的な推論を伴う課題で高い効果を発揮することが実験から示されています。
一方で、常識や一般知識を問う問題に対しては効果が限定的であることも明らかになりました。
複雑な問題を段階的に分解・実行する「計画と実行」のプロセスにおいて、CoTの強みが活かされる点も注目ポイントです。
This presentation explores when Chain of Thought (CoT) prompting is truly effective in large language models.
The findings show that CoT significantly improves performance on tasks involving mathematical or logical reasoning, while its impact is limited on general knowledge or commonsense tasks.
Modern multi-proposer consensus implementations
Modern multi-proposer consensus implementationsFrançois Garillot Multi-proposer consensus protocols let multiple validators propose blocks in parallel, breaking the single-leader throughput bottleneck of classic designs. Yet the modern multi-proposer consensus implementation has grown a lot since HotStuff. THisworkshop will explore the implementation details of recent advances – DAG-based approaches like Narwhal and Sui’s Mysticeti – and reveal how implementation details translate to real-world performance gains. We focus on the nitty-gritty: how network communication patterns and data handling affect throughput and latency. New techniques such as Turbine-like block propagation (inspired by Solana’s erasure-coded broadcast) and lazy push gossip broadcasting dramatically cut communication overhead. These optimizations aren’t just theoretical – they enable modern blockchains to process over 100,000 transactions per second with finality in mere milliseconds redefining what is possible in decentralized systems.
Center Enamel can Provide Aluminum Dome Roofs for diesel tank.docx
Center Enamel can Provide Aluminum Dome Roofs for diesel tank.docxCenterEnamel Center Enamel can Provide Aluminum Dome Roofs for diesel tank.docx
Introduction to Natural Language Processing - Stages in NLP Pipeline, Challen...
Introduction to Natural Language Processing - Stages in NLP Pipeline, Challen...resming1 Lecture delivered in 2021. This gives an introduction to Natural Language Processing. It describes the use cases of NLP in daily life. It discusses the stages in NLP Pipeline. It highlights the challenges involved covering the different levels of ambiguity that could arise. It also gives a brief note on the present scenario with the latest language models, tools and frameworks/libraries for NLP.
Cadastral Maps
Cadastral MapsGoogle Preparation of cadastral maps based by Engineer Dungo Tizazu from Dire Dawa University
How Binning Affects LED Performance & Consistency.pdf
How Binning Affects LED Performance & Consistency.pdfMina Anis 🔍 What’s Inside:
📦 What Is LED Binning?
• The process of sorting LEDs by color temperature, brightness, voltage, and CRI
• Ensures visual and performance consistency across large installations
🎨 Why It Matters:
• Inconsistent binning leads to uneven color and brightness
• Impacts brand perception, customer satisfaction, and warranty claims
📊 Key Concepts Explained:
• SDCM (Standard Deviation of Color Matching)
• Recommended bin tolerances by application (e.g., 1–3 SDCM for retail/museums)
• How to read bin codes from LED datasheets
• The difference between ANSI/NEMA standards and proprietary bin maps
🧠 Advanced Practices:
• AI-assisted bin prediction
• Color blending and dynamic calibration
• Customized binning for high-end or global projects
Structural Design for Residential-to-Restaurant Conversion
Structural Design for Residential-to-Restaurant ConversionDanielRoman285499 Overview of a 4-month project working on designing the structural components of a residential building to meet new code
Fundamentals of Digital Design_Class_12th April.pptx
Fundamentals of Digital Design_Class_12th April.pptxdrdebarshi1993 Boolean Algebra and Combinational Logic Circuit
IntroSlides-June-GDG-Cloud-Munich community [email protected]
IntroSlides-June-GDG-Cloud-Munich community [email protected]Luiz Carneiro Introduction slides for starting the June GDG Cloud Munich community gathering in Munich, Germany.
NALCO Green Anode Plant,Compositions of CPC,Pitch
NALCO Green Anode Plant,Compositions of CPC,Pitcharpitprachi123 Its a pdf about all the process involving in the green anode production
02 - Ethics & Professionalism - BEM, IEM, MySET.PPT
02 - Ethics & Professionalism - BEM, IEM, MySET.PPTSharinAbGhani1 ethics & professionalism based on BEM
Understanding Amplitude Modulation : A Guide
Understanding Amplitude Modulation : A GuideCircuitDigest Discover how amplitude modulation works through a detailed guide covering its principles, waveform behavior, and hands-on AM circuit demo using simple electronic components. Great for students and RF beginners.
Read more : https://circuitdigest.com/electronic-circuits/what-is-amplitude-modulation-complete-guide-formula-circuit-diagram-practical-demonstration
Rigor, ethics, wellbeing and resilience in the ICT doctoral journey
Rigor, ethics, wellbeing and resilience in the ICT doctoral journeyYannis The doctoral thesis trajectory has been often characterized as a “long and windy road” or a journey to “Ithaka”, suggesting the promises and challenges of this journey of initiation to research. The doctoral candidates need to complete such journey (i) preserving and even enhancing their wellbeing, (ii) overcoming the many challenges through resilience, while keeping (iii) high standards of ethics and (iv) scientific rigor. This talk will provide a personal account of lessons learnt and recommendations from a senior researcher over his 30+ years of doctoral supervision and care for doctoral students. Specific attention will be paid on the special features of the (i) interdisciplinary doctoral research that involves Information and Communications Technologies (ICT) and other scientific traditions, and (ii) the challenges faced in the complex technological and research landscape dominated by Artificial Intelligence.
MPLS Layer 3 VPN
- 1. MPLS Layer 3 VPN Explained WWW.NETPROTOCOLXPERT.IN
- 2. Layer 3: the service provider will participate in routing with the customer. The customer will run OSPF, EIGRP, BGP or any other routing protocol with the service provider, these routes can be shared with other sites of the customer. VPN: routing information from one customer is completely separated from other customers and tunnelled over the service provider MPLS network.
- 3. Topology • we have two customers connected to a service provider network. Customer A and B each have two sites and you can see that they are using the same IP ranges. • Customer A might use OSPF between their sites and customer B could use EIGRP between their sites. Everything from these customers is completely separated by the service provider.
- 4. VRF (Virtual Routing and Forwarding) This is the first step in separating traffic from different customers. Instead of using a single global routing table, we use multiple routing tables. Each customer of the service provider will use a different VRF. We have our PE1 router with the two customer sites. Each customer will use a different VRF so the overlapping address space is no problem. Now you might be wondering, why don’t we use VRFs everywhere instead of MPLS? We could but there’s one downside to using VRFs.
- 6. The problem with VRFs is that you have to create them everywhere. When our goal is to have connectivity between CE1 and CE3 then we will have to add a VRF on the PE1, P and PE2 router. Also, all the service provider routes will have to participate with routing. For example, when customer A wants to run OSPF between their two sites then it means that we have to configure OSPF on the PE1, P and PE2 router of the service provider for their VRF. When customer B wants to run EIGRP between their sites, we have to participate…we’ll have to configure EIGRP on all service provider routers for the VRF of customer B. This is not a scalable solution so it’s not going to happen. Instead, we will configure the VRFs only on the PE routers. The core of the service provider network (P router) will only do switching based on labels. To share information about VRFs between PE routers, we will use BGP.
- 7. MP-BGP (Multi Protocol BGP) We will use BGP between the PE routers so that they can share information from the VRFs. Here’s how it works: One of the CE routers advertises something to the PE router, this can be done through OSPF, EIGRP, BGP or any other routing protocol (static routing is also possible). The PE router uses a VRF for the customer so it will store everything it learns in the routing table of the customer’s VRF. The PE router will then redistribute everything in BGP. The PE router will advertise to the other PE router through iBGP.
- 8. There’s a couple of problems though. First of all, our two customers are using overlapping address space. Let’s say that our PE1 router is advertising 192.168.1.0 /24 from customer A to the PE2 router on the other side.
- 9. The PE2 router will learn 192.168.1.0 /24 from the PE1 router but it has no clue to what customer it will belong. There is no way to differentiate if something belongs to customer A or B. What we need is something to make all prefixes that we learn unique.
- 10. RD (Route Distinguisher) we will use a RD (Route Distinguisher). We will add something to the prefix of the customer so that it will become unique: The RD is a 8 byte (64 bit) field. You can use any value you want but typically we use the ASN:NN format where ASN is the service provider’s AS number and NN is a number we pick that identifies the site of the customer. The RD and the prefix combined is what we call a VPNv4 route. We now have a method to differentiate between the different prefixes of our customers.
- 11. We use RD 123:10 for customer A and RD 123:20 for customer B. By adding these values, we have unique VPNv4 routes.
- 12. MP-BGP supports IPv4 unicast/multicast, IPv6 unicast/multicast and it has support for VPNv4 routes. To exchange VPNv4 routes, MP-BGP uses a new NLRI (Network Layer Reachability Information) format that has the following attributes: RD (Route Distinguisher) IPv4 prefix Next Hop VPN Label This is how PE routers exchange VPNv4 routes with each other. This NRL also has an attribute called the VPN label.
- 13. RT (Route Target) When a PE router learns these VPNv4 routes, what will it do with it? Take a look at the topology below: • Our PE2 router has learned the two VPNv4 routes, one for each customer. You might think that the PE2 router will automatically export each VPNv4 route in the correct customer VRF but that’s not going to happen. • We use something called a RT (Route Target) to decide in which VRF we import and export VPNv4 routes.
- 14. The RT is a 8 byte value that uses the same format as the RD (ASN:NN). It's advertised between PE routers by using a BGP extended community value. For each VRF that we configure, we tell it what RTs we want to import and export.
- 15. Let me explain the Topology above: Both PE routers are configured to use a VRF called "CustA“ for customer A. When PE1 receives a prefix from CE1, it will add RD 123:10 to it to create a unique VPNv4 route. PE1 is configured to add RT 123:1 to all VPNv4 routes for VRF CustA. PE1 will advertise the VPNv4 route to PE2. PE2 is configured to export all VPNv4 routes that use RT 123:1 into VRF CustA. When PE2 receives the VPNv4 route, it will redistribute it into the VRF so that CE3 will learn the prefix. The end result will be that CE3 will learn prefix 192.168.1.0 /24 that was advertised by CE1. Since the RD and RT use the same format, many people confuse these two. Normally we use the same value for these two but to emphasize that the RD and RT are two different things, I used 123:10 for the RD and 123:1 for the RT.
- 16. Now let see the topology with our two customers again:
- 17. In the topology above you can see that the PE routers are importing and exporting everything from customer A with RT value 123:1. This allows CE1 and CE3 to learn everything from each other. We do the same thing for customer B but we use RT 123:2 for VRF CustB. CE2 and CE4 will be able to learn everything from each other. The RT gives us a lot of control over our VPNv4 routes. Do you want to give customer B access to the networks behind CE3 of customer A? Just import and export some RTs and it's done. Do you want to build a hub and spoke topology for a third customer? No problem, we can do this by importing and exporting some RTs. The service provider can also use this to offer "shared services" like Internet access.
- 18. Transport & VPN Label Everything that we just discussed about the VRFs, MP-BGP, RD and RT occurs on the control plane. On the data plane, we still have a problem.
- 19. In the topology above I have added a couple of extra P routers so that we have a nice example of how the routers in the service provider network forward traffic. In the example, the CE1 router from the customer is sending an IP packet with source address 192.168.1.1 and destination 192.168.2.2 to the PE1 router. The PE1 router will add a transport label to the IP packet and our MPLS packet will be label switched all the way to P3 which pops the label (penultimate hop popping) so that PE2 receives the IP packet. In the header of this IP packet, there's nothing that will help PE2 decide where to forward it to. To fix this problem, we will add a second label to the IP packet called the VPN label Besides the RT, the PE1 router will also advertise a VPN label to the PE2 router.
- 21. The CE1 router sends an IP packet to the PE1 router. The PE1 router will first add a VPN label to the IP packet, in this example we'll pick number 21. The PE1 router also adds a transport label to it and it will be forwarded to the P1 router. The packet makes it to the P3 router, which pops the transport label. PE2 sees VPN label 21 and knows that this belongs to the RT of the VRF that connects to CE3. It pops the label and forwards the IP packet to CE3.
- 22. Follow us @ www.facebook.com/NetProtocolXpert www.instagram.com/netprotocol_xpert plus.google.com/collection/k8HMDB twitter.com/NPX_cisco www.linkedin.com/company/netprotocol-xpert netprotocolxpert.blogspot.in remote.com/netprotocolxpert www.netprotocolxpert.in