Žilinská univerzita > Fakulta riadenia a informatiky > Katedra informačných sietí

CCNP

CCNP - Route redistribution - Simulating routing loops

Objective

Teaching CCNP ROUTE courses and describing the problematic of two-way routing redistribution I need an example describing the case which point out to the process of creating a routing loop. This example shows how such routing loop may arise using badly configured redistribution process andusing bad seed metric. The topology with two redisitributing routers creates routing feedback (two way, multipoint redistribution). The loop is created for packets routed from the ospf network to the 3.0.0.0/8 destination network.

STP - Loop itself with BPDUfilter

We investigate a special topology condition, where a switch is connected itself on ports Faa0/1 and Fa0/2, and one of the port has BPDUFilter feature applied (i.e. simulating STP is switched off). Both ports are in the same vlan (vlan 1 here). The question is: Is there a topology loop?

Initial state

We check first interfaces status, where we should see that both ports are connected and operational

VTP (+DTP) security threat - myth or fact?

There is some confusion and misunderstanding regarding VTP (VLAN Trunking Protocol)+DTP (Dynamic Trunking Protocol) and this article will hopefully make it all clear. Most of the confusion comes from the statement that VTP is always a security threat to your network. There are even some CCIE material which I find to be wrong on this topic so my advice here is to test everything by yourself.

 

I assume that you have sufficient knowledge about VTP and DTP, if not or you would like to refresh your memory take a look here:

 

VTP

Loki - L3 packet generation and manipulation tool

Notes: Loki is a Python based framework implementing many packet generation and attack modules for Layer 3 protocols, including BGP, LDP, OSPF, VRRP and quite a few others.

Web:

Cisco Catalyst 2960 switch IOS recovery

Sometimes in my lab happens that students delete IOS of the switch from its flash. Unfortunately switches does not have rommon to realize quick IOS recovery over tftp. Only one way is over Xmodem.

Cat 2960 switchIOS recovery

To speed up the process of the recovery we may setup Xmodem speed to higher rate as default 9600 bits:

Set the speed rate to 115200 baud on the switch prompt of the switch:

Configuration of the RIPv2 authentication

In this article I will configure, debug and shows the process of RIPv2 authentication.

 

Authentication methods

  1. Plain text
  2. MD5

 

Note 1: When using plain text authentication mode, make sure that the following parameters are matching on neighboring routers for successful authentication.

  • Key-string

  • Authentication mode

Catalyst 2960 - password recovery

Recovering from a Lost or Forgotten Password

 

The default configuration for the switch allows an end user with physical access to the switch to recover from a lost password by interrupting the boot process during power-on and by entering a new password. These recovery procedures require that you have physical access to the switch.

 

 

Syndicate content