Monday, May 3, 2010

Interview Questions

I acted as proctor today, interviewing people who want to join our team. There were a couple of CCIE holders, CCNPs, and CCIE candidates. I can't tell which protocols they know or how deeply, so here are the questions for them! They are all problems I have faced while troubleshooting. (It's all IOS, not Junos.)

Q1. A junior engineer reports that he can see the LSA in the LSDB, but he can't find the route in the routing table via sh ip route! The questions are "How do you make this happen?" and "How do you fix it?"

Q2. In an MPLS VPN network, a junior engineer reports that he can see the remote site's routing updates on the local site's CE router, but ping from local to remote doesn't work. The questions are "How do you make this happen?" and "How do you fix it?"

Q3. A junior engineer reports that he sees an L2 port on a Cisco Layer 2 switch in forwarding state, but no traffic is transmitted. The questions are "How do you make this happen?" and "How do you fix it?"

These questions are very broad, so your answers may differ from mine. For Q1, it's not an IOS bug. Leave your answer. I will post my answers if anyone is interested!

Wednesday, April 14, 2010

LISP Data Plane Suggestion.

The LISP data plane adds (encapsulates) 36 bytes in front of the IPv4 packet. This is a traditional GRE tunnel mechanism. There are 3 portions: outer header, UDP header, and LISP header. To do this, the router needs more resources. For JNPR, I think a Tunnel PIC will be mandatory to put the extra headers on the original packet. But what about 2GB per second of traffic going into the Tunnel PIC or into the RP? There should be some way to do this like an MPLS label. I would like to put in my words on the LISP data plane.
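The 36 bytes described above, built and stripped byte by byte, as an added example that is not code from this blog or from any LISP implementation. The RLOC and EID addresses, nonce, and source port are constructed sample values; the LISP header layout (N flag plus 24-bit nonce, then a 32-bit locator-status word) and UDP port 4341 follow the published LISP specification.

```python
import ipaddress
import struct

LISP_DATA_PORT = 4341  # UDP destination port for LISP data packets

def checksum16(data: bytes) -> int:
    """Internet checksum (one's-complement sum of 16-bit words)."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_header(src: str, dst: str, payload_len: int, proto: int) -> bytes:
    """20-byte IPv4 header without options, checksum filled in."""
    fields = [0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    fields[7] = checksum16(struct.pack("!BBHHHBBH4s4s", *fields))
    return struct.pack("!BBHHHBBH4s4s", *fields)

def lisp_encap(inner: bytes, itr_rloc: str, etr_rloc: str,
               nonce: int = 0x123456, src_port: int = 61000) -> bytes:
    """ITR side: outer IPv4 (20) + UDP (8) + LISP (8) in front of the packet."""
    # LISP header: N flag (0x80) marks the 24-bit nonce as present;
    # the second 32-bit word (locator status bits) is left at zero.
    lisp = struct.pack("!II", (0x80 << 24) | (nonce & 0xFFFFFF), 0)
    # UDP checksum 0 means "not computed", which IPv4 permits.
    udp = struct.pack("!HHHH", src_port, LISP_DATA_PORT,
                      8 + len(lisp) + len(inner), 0)
    outer = ipv4_header(itr_rloc, etr_rloc, len(udp) + len(lisp) + len(inner), 17)
    return outer + udp + lisp + inner

def lisp_decap(packet: bytes) -> bytes:
    """ETR side: validate the outer headers and return the original packet."""
    ihl = (packet[0] & 0x0F) * 4
    if checksum16(packet[:ihl]) != 0:
        raise ValueError("bad outer IPv4 checksum")
    dport = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
    if packet[9] != 17 or dport != LISP_DATA_PORT:
        raise ValueError("not a LISP data packet")
    return packet[ihl + 16:]  # skip UDP (8) and LISP (8)

# Constructed sample: 100-byte payload between two EIDs (documentation addresses).
INNER = ipv4_header("192.0.2.10", "198.51.100.20", 100, 17) + bytes(100)
ENCAP = lisp_encap(INNER, "203.0.113.1", "203.0.113.2")

if __name__ == "__main__":
    print("overhead bytes:", len(ENCAP) - len(INNER))
```

Every field here is computed per packet on the ITR and checked per packet on the ETR, which is the per-packet work the paragraph above is concerned about.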

After the control plane has done its work, the ITR knows the IP address of the ETR. The ITR will encapsulate a new header in front of the original packet. But how about trying a new way?

New Header for LISP

[Dst-ipv6] + [Src-ipv6] + [exp bit] + [S bit]

The Dst-ipv6 is a combined format like
"2010:dst-ipv4 of destination locator: dst-ipv4 of original packet"

The Src-ipv6 is a combined format like
"2010:src-ipv4 of source locator: src-ipv4 of original packet"

This format can also be aggregated like IPv4, because each PI can advertise just one IPv6 CIDR that covers everything. For example, ASN 100 advertises 2010:210:210:16::/64. As with IPv4, no one cares about the dst-ipv4 of the original packet. The router only needs to know where the next hop for this CIDR points.

With this format, all Internet Tier 1 and Tier 2 routers must run IPv6 routing, with a table that is smaller than today's BGP table.

PHP

Like MPLS, this new format can also avoid a performance issue, as PHP does in MPLS. The new format can carry information to the upstream router indicating that it is the last-hop router before the source locator and needs to strip the header. This saves a routing lookup at the source locator.

The new format needs to be checked with the ASIC team; they might do calculations on each bit of the header. It could be a good way, or maybe not. It's my 2 cents.

Tuesday, April 13, 2010

LISP overview

What is LISP? It's the Locator/ID Separation Protocol from Cisco Systems. This is a new mechanism which will change the size of the routing table inside the router. First, the core router will not care about EIDs anymore. Because of this, the ingress and egress routers play the key role in LISP. However, the MR and MS proxies are also important.

The encapsulation could have a big performance impact on the service. The first probe packet in a flow might be lost on the way to the destination IP. And multi-vendor support still has no answer from others (Juniper, 3Com, etc.).

From LISP, we can see that CSCO is taking a new approach to the next-generation routing table, but JNPR still builds a big machine and makes everything bigger and bigger (memory, CPU, disk).

Visit the website for details.

http://lisp4.cisco.com/index.html

Friday, December 18, 2009

Inter VS Intra





Link-state protocols compute the best path based on the Link State Database (LSDB).
For OSPF, the preference is Intra > Inter > External.
For IS-IS:
1. Level 1 intra-area routes with an internal metric
2. Level 1 external routes with an internal metric
3. Level 2 intra-area routes with an internal metric
4. Level 2 external routes with an internal metric
5. Inter-area routes (Level 1 to Level 2) with an internal metric
6. Inter-area external routes (Level 1 to Level 2) with an internal metric
7. Inter-area routes (Level 2 to Level 1) with an internal metric
8. Inter-area external routes (Level 2 to Level 1) with an internal metric
9. Level 1 external routes with an external metric
10. Level 2 external routes with an external metric
11. Inter-area external routes (Level 1 to Level 2) with an external metric
12. Inter-area external routes (Level 2 to Level 1) with an external metric

If the same prefix in the LSDB is located in different levels or areas, the intra-area route is always the best, even if you change the inter-area AD.

Here is a simple question for you:

R2,R3 link = Level-2
R2,R1 link = Level-1
R1,R3 link = Level-1
R2 Lo0 = Level-2
R3 Lo0 = Level-2
R1 Lo0 = Level-1

1. R1, R2, and R3 are in the same area.
2. R1 can't use 0/0 to reach either R2 or R3.
3. Every router's Lo0 must reach the others by the best path; you can't have suboptimal routing in your network.

Can you do it ?

Saturday, September 5, 2009

Multihop EBGP


Common eBGP runs over a single link. Sometimes multiple links may be used for eBGP peering. R2 advertises NetA and NetB to R1 via the eBGP peer. Suppose you always want to put NetA on link 1 and NetB on link 2, plus redundancy at R1. Any one link going down must not impact the traffic.

Redundancy is the big topic in multihop eBGP. What I mean is that if F0/0.12 at R1 is down, the traffic will move to F0/0.112 toward R2. This is not so hard in Junos. The Junos software can create one more routing table for a certain type of traffic by using FBF. But in IOS, it's not easy. So I found another way to accomplish this.

I will post the answer later. If you have any ideas, let me know.

Thursday, September 3, 2009

CLNS

What is CLNS? The answer is "Connectionless Network Service". It's different from IP. This is one of the issues with Juniper routers, because Juniper routers don't support CLNS routing on the M/T series and have static route support on the J series. On a Cisco IOS router, you can run dual IS-IS at the same time.

Take a look. From the JNCIP book:

"Juniper Networks M-series routers support the IS-IS protocol strictly for use in building IP routing tables. There is no support for the routing of OSI Connectionless Network Service (CLNS) network layer packets."

http://www.juniper.net/techpubs/software/jseries/junos93/jseries-config-guide-advanced/configuring-is-is-for-clns.html

This helps you with configuring IS-IS for CLNS.

Sunday, August 16, 2009

Morakot hit Taiwan hard


This is news I didn't want to post on my blog, but this one hit Taiwan hard. I am recording this typhoon for the heroes who helped the victims.

Aug 08, 2009: No one knew this typhoon would rain down 3 meters of water in 2 days! The worst flooding in decades.

Hope they will be fine.