Archive

Archive for June, 2013

Cisco updates the Catalyst 2960 – Catalyst 2960-X and Catalyst 2960-XR

June 12, 2013 1 comment

The Catalyst 2960 is a very common switch in any environment that has
Cisco devices. A couple of years ago the 2960 got stacking via the
2960-S model. It also got the ability to do static routes which
was a nice feature. I used it in some deployments to do routing
locally in 2960 and then add a default route towards WAN provider.
That way I didn’t have to go through a slow CPE to route my local
VLANs.

The 2960-X and -XR are available in 24 or 48 port configurations.
Uplinks are either 2x 10 Gbit SPF+ or 4x 1 Gbit SFP. The PoE models
can support 370W or 740W of power.

The 2960-X provides up to 80 Gbps of stack bandwidth which is 2x more
compared to the 2960-S. It is now also possible to stack up to 8 switches
compared to the earlier maximum of 4. The 2960-S model uses FlexStack while
the newer -X and -XR models uses FlexStack-Plus. FlexStack-Plus supports
detecting stack port operational state in hardware and change the forwarding
according to it. This takes 100 ms or less. The older model does it in CPU
which can take 1 or 2 seconds.

Here are some notable differences between 2960-X and -XR compared to 2960-S.

  • Dual core CPU @ 600 MHz. 2960-S has single core
  • 2960-XR has support for dual power supplies
  • 256 MB of flash for -XR, 128 MB for -X. The S model has 64 MB
  • 512 MB of DRAM compared to 256 for 2960-S
  • 1k active VLANs compared to 255 for 2960-S
  • 48 Etherchannel groups for -XR, 24 for -X and 6 for -S
  • 4 MB of egress buffers instead of 2 MB
  • 4 SPAN sessions instead of 2
  • 32k MACs for -XR, 16k for -X and 8k for -S
  • 24k unicast routes for -XR, 16 static routes for -X and -S

The newer models also support Netflow lite, hibernation mode and EEE.

The 2960-XR does support dynamic routing. It has support for RIP, OSPF stub,
OSPFv3 stub, EIGRP stub, HSRP, VRRP and PIM.

Here are some performance numbers:

2960-X Lan Lite has 100 Gbps of switching bandwidth and 64 active VLANS.
2960-X Lan Base has 216 Gbps of switching bandwidth and 1023 active VLANs.
The same holds true for 2960-XR with IP Lite feature set. The 2960-S had
a maximum of 255 VLANs and 176 Gbps switching bandwidth. Depending on
model the 2960-X tops out at 130.9 Mpps compared to 101.2 for 2960-S.

The switches also have added support for IPv6. Notable features are:

  • IPv6 MLDv1 and v2 snooping
  • IPv6 First Hop Security (RA guard, source guard, and binding integrity guard
  • IPv6 ACLs
  • IPv6 QoS
  • HTTP/HTTPs over IPv6
  • SNMP over IPv6
  • Syslog over IPv6

I’m expecting more information to come out as it gets presented during Cisco Live
in Orlando.

Default routes in BGP

June 12, 2013 3 comments

I have seen in forums and in other places that some find that the
default route in BGP is a bit confusing. There are multiple ways of
orginating a default route in BGP. To start this is the topology
used:

Default

The following configurations are there from the start:

R1

interface FastEthernet0/0
 ip address 12.12.12.1 255.255.255.0
ip route 3.3.3.3 255.255.255.255 12.12.12.2
ip route 4.4.4.4 255.255.255.255 12.12.12.2

R2

interface FastEthernet0/0
 ip address 12.12.12.2 255.255.255.0
!
interface FastEthernet0/1
 ip address 23.23.23.2 255.255.255.0
!
interface FastEthernet1/0
 ip address 24.24.24.2 255.255.255.0
!
router bgp 2
 neighbor 23.23.23.3 remote-as 2
 neighbor 24.24.24.4 remote-as 4
!
ip route 0.0.0.0 0.0.0.0 12.12.12.1

R3

interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
 ip address 23.23.23.3 255.255.255.0
!
router bgp 2
 network 3.3.3.3 mask 255.255.255.255
 neighbor 23.23.23.2 remote-as 2

R4

interface Loopback0
 ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
 ip address 24.24.24.4 255.255.255.0
!
router bgp 4
 network 4.4.4.4 mask 255.255.255.255
 neighbor 24.24.24.2 remote-as 2

R2 is learning the loopbacks from R3 and R4. R2 has a default route towards R1.
The goal is to announce default route in BGP. Redistribute static should be
enough to announce the default route?

R2(config)#router bgp 2
R2(config-router)#redistribute static

We are not seeing it being advertised to the peers…

R4#sh bgp ipv4 uni
BGP table version is 3, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 3.3.3.3/32       24.24.24.2                             0 2 i
*> 4.4.4.4/32       0.0.0.0                  0         32768 i

Is it in the BGP RIB of R2?

R2#sh bgp ipv4 uni
BGP table version is 5, local router ID is 24.24.24.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i3.3.3.3/32       23.23.23.3               0    100      0 i
*> 4.4.4.4/32       24.24.24.4               0             0 4 i

It is not. BGP does not redistribute a static default route unless the
default-information command is used. This protects against someone accidentally
redistributing a default route in BGP which could potentially be disastrous.

R2(config)#router bgp 2
R2(config-router)#default-information originate
R2(config-router)#^Z

R2#sh bgp ipv4 un
BGP table version is 18, local router ID is 24.24.24.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          12.12.12.1               0         32768 ?
R3#sh bgp ipv4 uni
BGP table version is 18, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i0.0.0.0          12.12.12.1               0    100      0 ?
R4#sh bgp ipv4 uni
BGP table version is 16, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          24.24.24.2               0             0 2 ?

Now the default route is spread. If we receive a default route in OSPF that
can be redistributed as well. Don’t forget to match externals or you will
have a facepalm moment like I did while writing this post.

R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#router bgp 2
R2(config-router)#no redistribute static
R2(config-router)#no ip route 0.0.0.0 0.0.0.0 12.12.12.1
R2(config)#int f0/0
R2(config-if)#ip ospf 1 area 0
R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#int f0/0
R1(config-if)#ip ospf 1 area 0
R1(config-if)#router ospf 1
R1(config-router)#default-information originate always

There is now a default route learned via OSPF.

R2#sh ip route ospf
O*E2 0.0.0.0/0 [110/1] via 12.12.12.1, 00:02:54, FastEthernet0/0

Now to redistribute OSPF into BGP.

R2(config)#router bgp 2
R2(config-router)#redistribute ospf 1 match external
R2(config-router)#^Z
R2#sh bgp ipv
*Mar  1 02:13:18.267: %SYS-5-CONFIG_I: Configured from console by console
R2#sh bgp ipv4 uni
BGP table version is 20, local router ID is 24.24.24.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          12.12.12.1               1         32768 ?
R3#sh bgp ipv4 uni
BGP table version is 18, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i0.0.0.0          12.12.12.1               1    100      0 ?
R4#sh bgp ipv4 uni
BGP table version is 18, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          24.24.24.2               1             0 2 ?

So the default-information originate command must always be accompanied by
a redistribute statement. It can be static or from a dynamic protocol but
there must be a redistribute statement.

It is also possible to use the network command.

R2(config)#router bgp 2
R2(config-router)#no redistribute ospf 1
R2(config-router)#int f0/0
R2(config-if)#no ip ospf 1 area 0
R2(config-if)#  
*Mar  1 02:15:41.559: %OSPF-5-ADJCHG: Process 1, Nbr 12.12.12.1 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
R2(config-if)#ip route 0.0.0.0 0.0.0.0 12.12.12.1
R2(config)#router bgp 2
R2(config-router)#network 0.0.0.0
R2(config-router)#^Z
R2#sh bgp ipv4 uni
BGP table version is 22, local router ID is 24.24.24.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          12.12.12.1               0         32768 i
R3#sh bgp ipv4 uni
BGP table version is 18, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i0.0.0.0          12.12.12.1               0    100      0 i
R4#sh bgp ipv4 uni
BGP table version is 20, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          24.24.24.2               0             0 2 i

The difference here is that network 0.0.0.0 will pick it up if there is
a default route in the RIB. There is no need to redistribute. Now for OSPF
as well.

R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#no ip route 0.0.0.0 0.0.0.0
R2(config)#int f0/0
R2(config-if)#ip ospf 1 area 0
R2(config-if)#^Z
R2#
%OSPF-5-ADJCHG: Process 1, Nbr 12.12.12.1 on FastEthernet0/0 from LOADING to FULL, Loading Done

R2#sh bgp ipv4 uni
BGP table version is 24, local router ID is 24.24.24.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          12.12.12.1               1         32768 i
R3#sh bgp ipv4 uni        
BGP table version is 18, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i0.0.0.0          12.12.12.1               1    100      0 i
R4#sh bgp ipv4 uni
BGP table version is 22, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          24.24.24.2               1             0 2 i

What if we don’t want to use a default route on the local router or only
generate a default route towards a specific neighbor. That is when the
default-originate command is used towards a neighbor.

R2(config)#int f0/0
R2(config-if)#no ip ospf 1 area 0
R2(config-if)#router bgp 2
R2(config-router)#
*Mar  1 02:22:29.035: %OSPF-5-ADJCHG: Process 1, Nbr 12.12.12.1 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
R2(config-router)#no network 0.0.0.0
R2(config-router)#nei 24.24.24.4 default-originate  
R2(config-router)#do sh ip route 0.0.0.0
% Network not in table
R2(config-router)#do sh bgp ipv4 uni
BGP table version is 25, local router ID is 24.24.24.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i3.3.3.3/32       23.23.23.3               0    100      0 i
*> 4.4.4.4/32       24.24.24.4               0             0 4 i

As you can see. There is no default route in R2 RIB or BGP RIB. R3 should not
have a default route now.

R3#sh bgp ipv4 uni
BGP table version is 18, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 3.3.3.3/32       0.0.0.0                  0         32768 i
* i4.4.4.4/32       24.24.24.4               0    100      0 4 i

R4 has it.

R4#sh bgp ipv4 uni
BGP table version is 24, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          24.24.24.2               0             0 2 i
*> 3.3.3.3/32       24.24.24.2                             0 2 i
*> 4.4.4.4/32       0.0.0.0                  0         32768 i

So to summarize. When advertising a default route in BGP you can either use
network 0.0.0.0 command. This can be used to only inject a default without
redistributing static or dynamically learned routes.

The default-information originate command is used if you are redistributing
routes but the default route is not getting included. This command must always
be matched by a redistribute statement.

Default-originate is used to only advertise a default to a specific neighbor
and it does not insert default route into BGP RIB and does not regquire a
default to exist in RIB at all.

The last command would probably be the only one used in a real life case but
for the CCIE lab you need to know them all.