SWEETIE


OSPF

Type 1 - Router LSA - the router lists the links to other routers or networks in the
same area, together with the metric.
Type 2 - Network LSA - the designated router on a broadcast segment (e.g.
Ethernet) lists which routers are joined together by the segment.
Type 3 - Summary LSA - an Area Border Router (ABR) takes information it has
learned on one of its attached areas and summarizes it before sending it out on
other areas it is connected to.
Type 4 - ASBR-Summary LSA - this is needed because Type 5 External LSAs are
flooded to all areas and the detailed next-hop information may not be available in
those other areas.
Type 5 - External LSA - these LSAs contain information imported into OSPF from
other routing processes.
Type 6 - Group Membership LSA - this was defined for Multicast extensions to OSPF
(MOSPF), a multicast routing protocol which is not in general use.
Type 7 - Routers in a Not-so-stubby-area (NSSA) do not receive external LSAs from
Area Border Routers, but are allowed to send external routing information for
redistribution.
Type 8 - a link-local only LSA for the IPv6 version of OSPF, which is known as
OSPFv3. A type 8 LSA is used to give information about link-local addresses and a
list of IPv6 addresses on the link.
Type 9 - a link-local "opaque" LSA (defined by RFC2370) in OSPFv2 and the Inter-
Area-Prefix LSA in OSPFv3.
Type 10 - an area-local "opaque" LSA as defined by RFC2370.
Type 11 - an "opaque" LSA defined by RFC2370, which is flooded everywhere except
stub areas.
Dijkstra's algorithm is used to calculate the shortest path tree. It uses cost as its
routing metric.
A stub area is an area which does not receive external routes.
A totally stubby area does not allow summary routes either, in addition to blocking
external routes.
A not-so-stubby area (NSSA) is a type of stub area that can import autonomous
system

Enhanced Interior Gateway Routing Protocol (EIGRP)


EIGRP composite metric components: Delay, Bandwidth, Reliability, Load and MTU
(though MTU is not actually used in the calculation).
Bandwidth term for EIGRP = (10000000 / Bandwidth)
A successor (or next hop) is the primary route that is used to reach a destination.
A feasible successor (FS) is a backup route.

BGP neighbors, or peers, are established by manual configuration between routers
to create a TCP session on port 179.
iBGP routes have an administrative distance of 200.
eBGP (Exterior Border Gateway Protocol) routes have an administrative distance
of 20.
A BGP router that routes iBGP traffic is called a transit router. Routers that sit on the
boundary of an AS and that use eBGP to exchange information with the ISP are
border or edge routers.
All routers within a single AS and participating in BGP routing must be configured in
a full mesh: each router must be configured as a peer to every other router.
Route reflectors reduce the number of connections required in an AS.
Confederations are used in very large networks where a large AS can be configured
to encompass smaller, more manageable internal ASs.
"Damping" is built into many BGP implementations in an attempt to mitigate the
effects of route flapping.
A network black hole can occur in BGP intentionally or through misconfiguration.
Intentional black holing of routes through BGP is a technique to discard traffic
silently across an ASN. The misconfiguration is commonly due to ASNs with
incomplete routing tables.
iBGP = 200 AD, eBGP = 20 AD
Path selection order: 1. Weight, 2. Local Pref, 3. Local path, 4. AS_Path, 5. Locally
Originated Route, 6. MED, 7. eBGP over iBGP, 8. Lowest IGP metric, 9. Multipath,
10. Oldest

1. Prefer the path with the highest WEIGHT.
2. Prefer the path with the highest LOCAL_PREF.
Note: A path without LOCAL_PREF is considered to have had the value set with the
bgp default local-preference command, or to have a value of 100 by default.
3. Prefer the path that was locally originated via a network or aggregate BGP
subcommand or through redistribution from an IGP.
4. Prefer the path with the shortest AS_PATH.
5. Prefer the path with the lowest origin type.
Note: IGP is lower than Exterior Gateway Protocol (EGP), and EGP is lower than
INCOMPLETE.
6. Prefer the path with the lowest multi-exit discriminator (MED).
7. Prefer eBGP over iBGP paths.
8. Prefer the path with the lowest IGP metric to the BGP next hop.
9. Determine if multiple paths require installation in the routing table for BGP
Multipath.
10. When both paths are external, prefer the path that was received first (the
oldest one).
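The ten-step decision above, worked as an added Python example (not part of these notes): the candidate paths are narrowed one step at a time, a missing LOCAL_PREF is treated as 100 as the note states, and the function reports which step decided. The BgpPath attributes and sample paths are constructed for illustration; step 9 (multipath) is left out since it installs extra paths rather than picking a single best one.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Origin codes ranked as the notes state: IGP < EGP < INCOMPLETE (lower wins).
ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}

@dataclass
class BgpPath:
    name: str
    weight: int = 0                   # Cisco-local attribute, highest wins
    local_pref: Optional[int] = None  # None = attribute absent, treated as 100
    locally_originated: bool = False  # network/aggregate/redistributed locally
    as_path: List[int] = field(default_factory=list)
    origin: str = "igp"
    med: int = 0
    ebgp: bool = True                 # False for an iBGP-learned path
    igp_metric: int = 0               # IGP cost to reach the BGP next hop
    received_order: int = 0           # lower = received earlier (older path)

# Tie-breakers in the order the notes list them. Each key maps the preferred
# value to the smallest number. Step 9 (multipath) is skipped because it installs
# extra paths rather than choosing the single best one.
STEPS = [
    ("1 weight", lambda p: -p.weight),
    ("2 local_pref", lambda p: -(100 if p.local_pref is None else p.local_pref)),
    ("3 locally_originated", lambda p: 0 if p.locally_originated else 1),
    ("4 as_path_length", lambda p: len(p.as_path)),
    ("5 origin", lambda p: ORIGIN_RANK[p.origin]),
    ("6 med", lambda p: p.med),
    ("7 ebgp_over_ibgp", lambda p: 0 if p.ebgp else 1),
    ("8 igp_metric", lambda p: p.igp_metric),
    ("10 oldest", lambda p: p.received_order),
]

def select_best(paths: List[BgpPath]) -> Tuple[BgpPath, str]:
    """Narrow the candidates step by step; return the winner and the deciding step."""
    candidates = list(paths)
    for step, key in STEPS:
        best = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == best]
        if len(candidates) == 1:
            return candidates[0], step
    return candidates[0], "tie"

# Constructed sample: three candidate paths for the same prefix.
SAMPLE = [
    BgpPath("via_65001", as_path=[65001, 65002], med=10),  # LOCAL_PREF absent -> 100
    BgpPath("via_65003", local_pref=200, as_path=[65003]),
    BgpPath("via_65004", local_pref=200, as_path=[65004, 65005, 65006]),
]
# select_best(SAMPLE) -> via_65003, decided at step "4 as_path_length"
```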
The local preference attribute is used to prefer an exit point from the local
autonomous system (AS).
The multi-exit discriminator (MED) or metric attribute is used as a suggestion to an
external AS regarding the preferred route into the AS.
The BGP finite state machine (FSM) consists of six states: Idle, Connect, Active,
OpenSent, OpenConfirm, and Established.
Hot Standby Routing Protocol (HSRP) is a Cisco proprietary redundancy protocol for
establishing a fault-tolerant default gateway
HSRP sends its hello messages to the multicast address 224.0.0.2 (all routers) using
UDP port 1985
The routers in a group share a virtual MAC address and IP address.
Uses standby groups.
Gateway Load Balancing Protocol (GLBP) is a Cisco proprietary protocol that
attempts to overcome the limitations of existing redundant router protocols by
adding basic load balancing functionality. In addition to being able to set priorities
on different gateway routers, GLBP also allows a weighting parameter to be set.
Based on this weighting (compared to others in the same virtual router group), ARP
requests will be answered with MAC addresses pointing to different routers. Thus,
load balancing is not based on traffic load, but rather on the number of hosts that
will use each gateway router.
The spanning tree network protocol provides a loop-free topology for any bridged
LAN.
STP is used in switched networks to prevent loops, and has been standardised by
IEEE 802.1D. As the
• Elect a root bridge.
• Find least-cost (measured as hop count) paths to the root bridge.
• Disable links that are not part of those paths.
• Listening - The switch processes BPDUs and determines the network topology
• Learning - The switch builds a switching table that maps MAC addresses to port
numbers
• Blocking - A port that would cause a switching loop, no user data is sent or
received but it may go into forwarding mode if the trunk link in use were to fail.
BPDU data is still sent and received in blocking mode
• Forwarding - A port receiving and sending data, normal operation
• Disabled - Not strictly part of STP, a network administrator can manually disable
a port
IP Multicast is a method of forwarding IP datagrams to a group of interested
receivers.
Uses IGMP to request to join a group.
Multicast MAC address prefix: 01:00:5e
The Internet Group Management Protocol (IGMP) is a communications protocol used to
manage the membership of Internet Protocol multicast groups.
Protocol-Independent Multicast (PIM) is a family of multicast routing protocols that
can provide one-to-many and many-to-many distribution of data over the Internet
• PIM Sparse Mode (PIM-SM) explicitly builds unidirectional shared trees rooted at
a Rendezvous Point (RP) per group, and optionally creates shortest-path trees per
source. PIM-SM generally scales fairly well for wide-area usage. See experimental
RFC 2362.
• PIM Dense Mode (PIM-DM) implicitly builds shortest-path trees by flooding
multicast traffic domain wide, and then pruning back branches of the tree where no
receivers are present.
VTP stands for VLAN Trunking Protocol, a protocol used for configuring and
administering VLANs on Cisco network devices.
VTP operates on Cisco switches in one of three modes:
• Client.
• Server.
• Transparent.
VTP also maintains a map of VLANs and switches, enabling traffic to be directed only
to those switches known to have ports on the intended VLAN.
QoS
Early work used the "IntServ" philosophy of reserving network resources. In this
model, applications used the Resource Reservation Protocol (RSVP) to request and
reserve resources through a network. While IntServ mechanisms do work, it was
realized that in a broadband network typical of a larger service provider, Core
routers would be required to accept, maintain, and tear down thousands or possibly
tens of thousands of reservations. It was believed that this approach would not scale
with the growth of the Internet, and in any event was antithetical to the notion of
designing networks so that Core routers do little more than simply switch packets at
the highest possible rates.
The second and currently accepted approach is "DiffServ" or differentiated services.
In the DiffServ model, packets are marked according to the type of service they
need. In response to these markings, routers and switches use various queuing
strategies to tailor performance to requirements. (At the IP layer, differentiated
services code point (DSCP) markings use the 6 bits in the IP packet header. At the
MAC layer, VLAN IEEE 802.1q and IEEE 802.1D can be used to carry essentially the
same information).
Routers supporting DiffServ use multiple queues for packets awaiting transmission
from bandwidth constrained (e.g., wide area) interfaces. Router vendors provide
different capabilities for configuring this behavior, to include the number of queues
supported, the relative priorities of queues, and bandwidth reserved for each queue
• queuing
  o fair queuing
  o first in first out (FIFO)
  o weighted round robin (WRR)
  o class-based weighted fair queuing
  o weighted fair queuing
• buffer tuning
• congestion avoidance
  o RED, WRED - lessens the possibility of port queue buffer tail-drops, and this
    lowers the likelihood of TCP global synchronization
• policing and traffic shaping
SSL provides endpoint authentication and communications privacy over the Internet
using cryptography. In typical use, only the server is authenticated (i.e. its identity is
ensured) while the client remains unauthenticated; mutual authentication requires
public key infrastructure (PKI) deployment to clients. The protocols allow
client/server applications to communicate in a way designed to prevent
eavesdropping, tampering, and message forgery.
SSL involves three basic phases:
1. Peer negotiation for algorithm support
2. Public key encryption-based key exchange and certificate-based authentication
3. Symmetric cipher-based traffic encryption
During the first phase, the client and server negotiate which cryptographic
algorithms will be used. Current implementations support the following choices:
• for public-key cryptography: RSA, Diffie-Hellman, DSA or Fortezza;
• for symmetric ciphers: RC2, RC4, IDEA, DES, Triple DES or AES;
• for one-way hash functions: MD5 or SHA.
IPsec (IP security) is a standardized framework for securing Internet Protocol (IP)
communications by encrypting and/or authenticating each IP packet in a data stream.
There are two modes of IPsec operation: transport mode and tunnel mode.
In transport mode only the payload (message) of the IP packet is encrypted. It is
fully routable since the IP header is sent as plain text; however, it cannot cross NAT
interfaces, as this will invalidate its hash value. Transport mode is used for
host-to-host communications over a LAN.
In tunnel mode, the entire IP packet is encrypted. It must then be encapsulated into
a new IP packet for routing to work. Tunnel mode is used for network-to-network
communications (secure tunnels between routers) or host-to-network and
host-to-host communications over the Internet.
IPsec is implemented by a set of cryptographic protocols for (1) securing packet
flows and (2) Internet key exchange. Of the former, there are two:
• Authentication Header (AH), which provides authentication, payload (message) and
IP header integrity and, with some cryptographic algorithms, also non-repudiation,
but does not offer confidentiality; and
• Encapsulating Security Payload (ESP), which provides data confidentiality, payload
(message) integrity and, with some cryptographic algorithms, also authentication.
In some countries message encryption is prohibited by law and the ESP protocol
cannot be used. In this case AH provides the entire IPsec functionality (without
confidentiality).
Originally AH was only used for integrity and ESP was used only for encryption;
authentication functionality was added subsequently to ESP. Currently only one key
exchange protocol is defined, the IKE (Internet Key Exchange) protocol.
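The transport-mode statement above, that a NAT rewrite invalidates the AH hash while ordinary routing does not, as an added Python model (not from these notes): AH's integrity check value covers the payload and the IP header with its mutable fields zeroed, so a TTL decrement still verifies but a source-address change does not. Key, addresses and payload are constructed for the demo; the header layout and 96-bit truncation are simplified from the real AH format.

```python
import hashlib
import hmac
import ipaddress
import struct
# Constructed demo key; in real IPsec the AH key is negotiated by IKE.
KEY = b"constructed-demo-key-not-for-production"
AH_PROTO = 51  # IP protocol number of the Authentication Header

def ipv4_header(src: str, dst: str, ttl: int = 64, total_len: int = 52) -> bytes:
    """Minimal 20-byte IPv4 header (no options) carrying AH."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, ttl,
                       AH_PROTO, 0, ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)

def ah_icv(header: bytes, payload: bytes) -> bytes:
    """HMAC-SHA-256 truncated to 96 bits over IP header plus payload. Fields that
    legitimately change in transit are zeroed before hashing, as AH requires; the
    source and destination addresses are not, so they are protected."""
    h = bytearray(header)
    h[1] = 0                # TOS/DSCP may be re-marked by QoS
    h[6:8] = b"\x00\x00"    # flags and fragment offset
    h[8] = 0                # TTL is decremented at every router
    h[10:12] = b"\x00\x00"  # header checksum is recomputed per hop
    return hmac.new(KEY, bytes(h) + payload, hashlib.sha256).digest()[:12]

def verify(header: bytes, payload: bytes, icv: bytes) -> bool:
    return hmac.compare_digest(ah_icv(header, payload), icv)

def router_hop(header: bytes) -> bytes:
    """A plain router decrements TTL (checksum left untouched for brevity)."""
    h = bytearray(header)
    h[8] -= 1
    return bytes(h)

def nat_rewrite(header: bytes, new_src: str) -> bytes:
    """Source NAT replaces the source address, which AH covers."""
    h = bytearray(header)
    h[12:16] = ipaddress.IPv4Address(new_src).packed
    return bytes(h)

# Constructed packet from a private host to an Internet peer, authenticated with AH.
PAYLOAD = b"constructed transport-mode payload"
ORIG = ipv4_header("192.168.1.10", "203.0.113.5")
ICV = ah_icv(ORIG, PAYLOAD)

def survives_router() -> bool:
    return verify(router_hop(ORIG), PAYLOAD, ICV)  # True: TTL is a mutable field

def survives_nat() -> bool:
    return verify(nat_rewrite(ORIG, "198.51.100.7"), PAYLOAD, ICV)  # False
```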
IPsec protocols operate at the network layer, layer 3 of the OSI model. Other
Internet security protocols in widespread use, such as SSL and TLS, operate from
the transport layer up (OSI layers 4-7). This makes IPsec more flexible, as it can be
used for protecting both TCP- and UDP-based protocols, but increases its complexity
and processing overhead, as it cannot rely on TCP (OSI layer 4) to manage
reliability and fragmentation.
Frame Relay
Committed Information Rate (CIR)
Frames that are sent in excess of the CIR are marked as "discard eligible" (DE).
Committed Burst Size (Bc): the maximum number of information units transmittable
during the interval T.
Excess Burst Size (Be): the maximum number of uncommitted information units (in
bits) that the network will attempt to carry during the interval.
