Friday, October 24, 2008
JUNIPER JNCIA-ER SCORE 90
Well, I know this is not Cisco, but I passed my JNCIA-ER exam 30 minutes ago with a score of 90. To be honest, that was one of the shortest tests I have ever had; usually I stay, no matter what, to the last minute, but because I was pretty sure of my answers I left after ~20 min.
The resources provided from the www.juniper.net/fasttrack/ site are excellent and answer 100% to the test questions, almost too good to be true.
I must say that for the last 3 weeks I have been playing with Junos (under my VMware setup), and it seems to be a really nice and powerful OS.
So for you professionals and experts I think it should be a very nice knowledge addition. I am still thinking about whether I want to proceed with the JNCIS-ER exam or stop here with Juniper; I will update you later.
All of you have a nice weekend :-)
Friday, October 10, 2008
Spanning Tree Basics
Spanning Tree is one of the topics that most people are really scared of; as it is an almost fully automatic feature, people don't bother to dig into it. My idea here is to give you a simple way to understand the protocol basics and also get a glance at its complexity.
The first thing I do when I learn a new protocol is look at how it works at the low level, so here I have drawn the BPDU structure. You can see that all implementations have a common ground and thus there is full backward support:
Field Description:
PID = Protocol ID Always 0x0000
VID = Version ID
1) STP 0x00
2) R-PVST 0x02 
BT = BPDU Type
1) STP 0x00
2) R-PVST / MST 0x02
TCN / TCN Ack is used only with IEEE 802.1D or with interoperation with RSTP.
The proposal and agreement handshake bits are used to prevent loops; the proposal is sent from a designated port and the agreement is sent from the root port.
Unlike IEEE 802.1D, in which any transition between the blocking and the forwarding state causes a topology change, only transitions from the blocking to the forwarding state cause a topology change with RSTP.
Root ID
Shows the Root Bridge priority and MAC address.
Root Cost
Shows your distance from the Root Bridge.
BID = Bridge ID
Here the switch advertises its own Bridge MAC and priority.
Port ID
A 2-byte number: the first octet is built from a configurable priority, and the second octet is a number set by the bridge for the port the BPDU was sent from. In newer bridge models the port ID is usually the port number, but in older models it was a random number assigned to the port.
Newer models:
Show spanning-tree vlan 1 detail
Older models:
Show spanning-tree
MAge = Message Age
Indicates an estimated time required for a BPDU to be sent and received by any other bridge; although specified as a time, the value actually increases by hop count.
MA = Max Age
This field is given by the root bridge and, set to 20 sec by default, indicates the max age of a BPDU.
Hello
Indicates the time between each BPDU sent from the root bridge. Default: 2 sec.
FWDD = Forward Delay
Indicates the amount of time the bridge should stay in each state when transitioning from blocking to forwarding.
V1_L = Version 1 Length
V3_L = Version 3 Length
MST EXTENSION
MST Config ID
MST Config Name = configuration name
MST Config Revision Number = configuration revision number
MST Config digest = configuration digest
CIST Bridge Identifier =
CIST Internal Root Path Cost = cost to the root bridge
CIST Remaining hops = default (20); states the max number of hops from the root bridge.
If a bridge receives a BPDU with remaining hops set to 0, it will
ignore the spanning tree BPDU and will be able to declare itself as root.
Understand the debug output, as it is one of the tools you have to troubleshoot in real time. That said, make sure you do not activate spanning tree debug in production with logging console enabled, as you will probably end up locked out of your switch.
! Do this under global config before enabling debug
no logging console
logging buffered 200000
end
clear logging
debug spanning-tree bpdu
! output will be displayed under the “show logging”
! to disable debug
un all 
Example output from the debug:
*Apr 14 01:19:56: STP: enc 01 00 0C CC CC CD 00 14 F2 E9 44 16 00 32 AA AA 03 00 00 0C 01 0B ! you can see the destination MAC 01 00 0C CC CC CD, the Cisco multicast address for PVST+; the LLC shows AA AA, which indicates to look into the next 5 bytes of information in the LLC; the last 2 bytes indicate the ethertype, 010b is for PVST+
*Apr 14 01:19:56: STP: Data 000002023C60670014F2E944000000000060670014F2E9440080160000140002000F00
*Apr 14 01:19:56: STP: VLAN0103 Fa0/22:0000 02 02 3C 60670014F2E94400 00000000 60670014F2E94400 8016 0000 1400 0200 0F00 ! BPDU represented in hex 
*Apr 14 01:19:56: RSTP(103): Fa0/22 repeated msg
*Apr 14 01:19:56: RSTP(103): Fa0/22 rcvd info remaining 6
*Apr 14 01:19:56: STP: VLAN0104 rx BPDU: config protocol = rstp, packet from FastEthernet0/22 , linktype SSTP , enctype 3, encsize 22 
Short story on the LLC
LLC (Logical Link Control), also called the 802.2 header, is between 3 and 8 bytes long and contains protocol type information for the packet.
The first 3 bytes are mandatory:
DSAP Destination Service Access Point
SSAP Source Service Access Point
And one more byte that is important only when using SNA; in any other case it is ignored.
Now you will probably ask what the additional 5 bytes are.
This is where it gets a little complex. When using standard IEEE STP or ISL trunks (Cisco runs ISL with PVST, which is much like the standard except for the addition of the VLAN ID), DSAP and SSAP are set to 0x42. When configuring DOT1Q trunks on Cisco, PVST+ is used and the SSAP and DSAP are set to 0xAA, which points to the additional 5 bytes where we get the SNAP (SubNetwork Access Protocol) header, which describes what protocol we are using in layer 3 (AppleTalk, IP, XNS…).
OK, these are the basics of STP so far; once you have the structure in place it will be much easier (warning: it is not easy) to understand how it works.
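To tie the field list and the LLC/SNAP explanation to the debug output, here is an added Python example (not part of the original post) that decodes the "enc" header and the BPDU bytes from the log lines above. The function and key names are my own; the flag bit positions, the 1/256-second timer units and the 4-bit priority / 12-bit system ID split are taken from IEEE 802.1D-2004 rather than from this page, and the role/learning/forwarding bits are meaningful only for RSTP BPDUs.

```python
import struct

# Hex copied from the "STP: enc" and per-VLAN BPDU lines of the debug output above.
ENC_HEX = "01 00 0C CC CC CD 00 14 F2 E9 44 16 00 32 AA AA 03 00 00 0C 01 0B"
BPDU_HEX = ("0000 02 02 3C 60670014F2E94400 00000000 60670014F2E94400 "
            "8016 0000 1400 0200 0F00")
ROLES = {0: "unknown", 1: "alternate/backup", 2: "root", 3: "designated"}

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_encap(hex_str):
    """Decode the 802.3 + LLC (+ SNAP) header shown on the 'enc' line."""
    raw = bytes.fromhex(hex_str)
    if len(raw) < 17:
        raise ValueError("encapsulation header too short")
    out = {"dst": mac(raw[0:6]), "src": mac(raw[6:12]),
           "length": struct.unpack("!H", raw[12:14])[0],
           "dsap": raw[14], "ssap": raw[15], "control": raw[16]}
    # DSAP = SSAP = 0xAA: a 5-byte SNAP header follows (3-byte OUI + 2-byte type).
    if out["dsap"] == out["ssap"] == 0xAA:
        if len(raw) < 22:
            raise ValueError("SNAP header truncated")
        out["oui"] = raw[17:20].hex()
        out["snap_type"] = struct.unpack("!H", raw[20:22])[0]
    return out

def bridge_id(b):
    """Split an 8-byte bridge ID: 4-bit priority, 12-bit system ID extension, MAC."""
    prio = struct.unpack("!H", b[0:2])[0]
    return {"priority": prio & 0xF000, "sys_id_ext": prio & 0x0FFF, "mac": mac(b[2:8])}

def parse_bpdu(hex_str):
    """Decode a 35-byte BPDU body; timers are carried in 1/256-second units."""
    raw = bytes.fromhex(hex_str)
    if len(raw) < 35:
        raise ValueError("BPDU shorter than 35 bytes")
    pid, vid, bt, flags = struct.unpack("!HBBB", raw[0:5])
    (cost,) = struct.unpack("!I", raw[13:17])
    port_id, mage, max_age, hello, fwdd = struct.unpack("!5H", raw[25:35])
    return {"pid": pid, "vid": vid, "bt": bt,
            "tc": bool(flags & 0x01), "proposal": bool(flags & 0x02),
            "role": ROLES[(flags >> 2) & 0x03],
            "learning": bool(flags & 0x10), "forwarding": bool(flags & 0x20),
            "agreement": bool(flags & 0x40), "tc_ack": bool(flags & 0x80),
            "root": bridge_id(raw[5:13]), "root_cost": cost,
            "bridge": bridge_id(raw[17:25]),
            "port_priority": port_id >> 8, "port_number": port_id & 0xFF,
            "message_age": mage / 256, "max_age": max_age / 256,
            "hello": hello / 256, "forward_delay": fwdd / 256}
```

Run against the sample, the root ID 0x6067 splits into priority 24576 plus system ID extension 103, which matches the VLAN0103 in the log line, and port ID 0x8016 decodes to priority 128 on port 22 (Fa0/22).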
Recommended reading: http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080094954.shtml
