PSTN vs ISDN

​“PSTN” means “Public Switched Telephone Network,” and “ISDN” means “Integrated Services Digital Network.”

1.PSTN lines are analogue while ISDN lines are digital.
2.When comparing the two networks, the PSTN lines are used for small companies and ISDL are used for bigger companies.
3.The ISDN provides 128 kbps, which is really good for the Internet. PSTN (maximum rate of 56kbps) has a disadvantage that it does not make the most possible use of the broadband.
4.While PSTN does not allow two simultaneous connections, it is allowed in ISDN service.
5.When using ISDN, one can make faster calls than when using the PSTN.6.Both are mostly obsolete now with Ethernet and TCP/IP based networks and the Internet providing all that and a lot more.

Configure Time-Base ACLs

A network administrator has a situation that requires time-based ACLs. Users are not allowed to access the Internet during business hours, except during lunch and after hours until 7 p.m. when the office closes. This is a time-based ACL that supports the requirement:

R1(config)# time-range employee-time

R1(config-time-range)# periodic weekdays 12:00 to 13:00

R1(config-time-range)# periodic weekdays 17:00 to 19:00

R1(config-time-range)# exit

R1(config)# access-list 100 permit ip 192.168.1.0 0.0.0.255 any time-range employee-time

R1(config)# access-list 100 deny ip any any

R1(config)# interface FastEthernet 0/1

R1(config-if)# ip access-group 100 in

R1(config-if)# exit

In this example, the commands allow IP access to the Internet during lunch time and after work hours. ACL 100 permits employee traffic to the Internet during lunch and after work hours between 5 PM and 7 PM.

By vichhaiy Posted in Cisco

OSPF LSA type 1 to 5 summary:

1: only in the same area
2: only DR generates
3: generate by ABRs to flooding to multiple areas
4: used by ABRs to advertise an ASBR to other areas and provide a route to the ASBR.
5: used by ASBR to advertise external (i.e., non-OSPF) network addresses.

By vichhaiy Posted in Cisco

OSPF DR and BDR election notes

NOTE – on point-to-point links a DR and BDR are not elected since only two routers are directly connected.

On LANs, DR and BDR have to be elected. Two rules are used to elect a DR and BDR:
1. Router with the highest OSPF priority will become a DR. By default, all routers have a priority of 1.
2. If there is a tie, a router with the highest router ID wins the election.
3. If there is a tie again, a router with the highest loopback interface address wins the election.
4. If there is still a tile, a router with the highest active physical interface address wins the election.
***The router with the second highest OSPF priority or router ID will become a BDR.

By vichhaiy Posted in Cisco

OSPF features

  • Classless – It is classless by design; therefore, it supports VLSM and CIDR.
  • Efficient – Routing changes trigger routing updates (no periodic updates). It uses the SPF algorithm to choose the best path.
  • Fast convergence – It quickly propagates network changes.
  • Scalable – It works well in small and large network sizes. Routers can be grouped into areas to support a hierarchical system.
  • Secure – It supports Message Digest 5 (MD5) authentication. When enabled, OSPF routers only accept encrypted routing updates from peers with the same pre-shared password.
By vichhaiy Posted in Cisco

Some guidelines you need to consider before start configuring EtherChannel

Follow these guidelines and restrictions when configuring EtherChannel interfaces:

  • EtherChannel support: All Ethernet interfaces on all modules support EtherChannel, with no requirement that interfaces be physically contiguous or on the same module.
  • Speed and duplex: Configure all interfaces in an EtherChannel to operate at the same speed and in the same duplex mode. Also, if one interface in the bundle is shut down, it is treated as a link failure, and traffic will traverse other links in the bundle.
  • VLAN match: All interfaces in the EtherChannel bundle must be assigned to the same VLAN or be configured as a trunk.
  • Range of VLANs: An EtherChannel supports the same allowed range of VLANs on all the interfaces in a trunking Layer 2 EtherChannel.
By vichhaiy Posted in Cisco

Spanning Tree Protocol

Introduction

Spanning Tree Protocol (STP) is essential protocol in redundant switching topologies. The main purpose of this protocol is preventing switching loops. Frames does not have TTL field, so it’s not possible to discard frames, which loops continuously. There are many implementation of STP (PVST, PVST+, rapid PVST+, RSTP, MSTP), but fundamentals are the same for all of them.

Every redundant switching topology is expose to broadcast storms risk. Every broadcast frame will loop into infinity crating broadcast of unwelcome and very high traffic.

To check, how broadcast storms influence your switch CPU usage disable STP for one of VLANs and send one broadcast frame on this VLAN (ex. arp request):

no spanning-tree vlan 1 

STP process step-by-step

First step: choose one RootBridge from all switches

The first step in STP is choosing the RootBridge. It’s the switch with the lowest BridgeID (build from STP priority and switch MAC address) in whole network.

www.showiproute.eu-stp_rootbridge.png

To change BridgeID and have influence on RoodBridge election, you can change STP priority of switch (by default 32768).

Example of changing STP priority for VLAN 1:

(config)# spanning-tree vlan 1 priority ? 

Each STP process steps are calculated for each VLAN, so you can choose different priority for different VLANs and have different RootBridge in each VLAN.

Second step: choose root port for each non RootBridge switch

Each non RootBridge switch have to choose one port, which will be named RootPort in STP terminology. If more VLANs exists on switch, RootPort will be chosen for every VLAN separately (except VLANs, where this switch is RootBridge).

RootPort is the port, which will lead frames through the fastest path to the RootBridge. To calculate the best path STP use summary costs to RootBridge for each path.

Cost is the function of Ethernet connection speed:

  • 10Gbps = 2 (cost)
  • 1Gbps = 4
  • 100Mbps = 19
  • 10Mbps = 100

www.showiproute.eu-stp_root_ports.png

If there are two (or more) ports which have the same best path cost to the RootBridge, switch will choose port, which lead to RootBridge through the lowest BridgeID neighbor switch. If the neighbor switches have the same BridgeID (consider two switches connected with two Ethernet cables on different ports) lower STP port priority decide, which port will be seleted as RootPort. If the priority is the same for both ports, the lowest port number will be chosen.

To change interface cost (should be changed on both ends of cable):

(config-if)# spanning-tree cost ? 

To change interface STP port priority:

(config-if)# spanning-tree port-priority ? 

Every RootPort forward all frames and do not block any traffic.

Third step: choose designated port and blocked ports for each segment

From Ethernet segment perspective, STP have to choose one Designated Port for each segment. This port should lead frames to the RootBridge with the lowest cost (the fastest, best path).

www.showiproute.eu-stp_designated_po.png

STP choose blocked port role for every port that has not been named yet. This ports do not forward common Ethernet traffic.

www.showiproute.eu-stp_blocked_port.png

PortFast

STP process take some time and is longer on bigger switched networks. Every port is going through several states (blocking, listening, learning, forwarding) until forwarding frames and this process can take even 50 seconds. This can cause some problems for PCs connected to switch, because only after this period switch gives PC NIC possibility to talk with other devices.

That’s why PortFast, enhancement Cisco technology, gives the possibility to immediately changing PC ports to forward state in STP networks.

(config-if)# spanning-tree portfast 

To ensure, that PortFast port will not cause Layer2 loops, enable bpduguard on this port also:

(config-if)# spanning-tree bpduguard enable 

If BPDU frame come on this port, port will be disabled preventing possible switching loop.

STP information

Switch# show spanning-tree ? Switch# show spanning-tree interface fastethernet 0/1


			
By vichhaiy Posted in Cisco

​​​Here are the basic rules of STP

.

1. Lowest bridge ID (Priority:MAC Address) switch becomes the Root-Bridge
2. Each non-root bridge should have ONE root port (RP) which is the port having lowest path-cost to Root Bridge.

If the path cost equal, then here are the criteria:

  • 1. Lowest Sending Bridge ID
  • 2. Lowest Port Priority (of sender)
  • 3. Lowest Interface number (of sender)​

3. All ports in Root Bridge become Designated Ports (DP)
4. Each segment should have one Designated Port (DP)
5. All RP/DPs will be in FORWARDING state & all other ports will be in BLOCKING state.

You may wish to look at this animation:
http://www.cisco.com/image/gif/paws/10556/spanning_tree1.swf

You can see some detail here also:

https://mail.google.com/mail/u/0/#inbox?compose=1538d1de7f4a35d7

By vichhaiy Posted in Cisco

STP switch port states:

​.

  • Blocking – A port that would cause a switching loop if it were active. No user data is sent or received over a blocking port, but it may go into forwarding mode if the other links in use fail and the spanning tree algorithm determines the port may transition to the forwarding state. BPDU data is still received in blocking state. Prevents the use of looped paths.
  • Listening – The switch processes BPDUs and awaits possible new information that would cause it to return to the blocking state. It does not populate the MAC address table and it does not forward frames.
  • Learning – While the port does not yet forward frames it does learn source addresses from frames received and adds them to the filtering database (switching database). It populates the MAC address table, but does not forward frames.
  • Forwarding – A port receiving and sending data, normal operation. STP still monitors incoming BPDUs that would indicate it should return to the blocking state to prevent a loop.
  • Disabled – Not strictly part of STP, a network administrator can manually disable a port

To prevent the delay when connecting hosts to a switch and during some topology changes, Rapid STP was developed, which allows a switch port to rapidly transition into the forwarding state during these situations.

By vichhaiy Posted in Cisco