Author: Valter Popeskic

Difference between defining static routes with next-hop address or exit interface

For a long time I was confused about this. It was not clear to me what the difference is between setting a static route using the next-hop interface IP address and using the exit interface (outgoing interface) syntax. It seemed that both methods are the same and that you basically have two different ways to define a static route on a specific device for no particular reason.

It was not clear to me why someone would put this kind of option into a networking device OS if there were no reason for doing so. In other words, I was strongly convinced that there must be some difference between the two configs, and learning more detail about the process of the router's recursive searches and the Proxy ARP function did answer all my doubts.

So now it is time to put it all on paper for you to see:

You can define a static route like this:

R1(config)#ip route 10.0.0.0 255.255.255.0 10.10.2.1

This means that all packets from R1 with a destination address in the 10.0.0.0/24 subnet will be forwarded out the interface leading to the next-hop device that has the 10.10.2.1 address on its interface.

The other way is to define the same static route like this:

R1(config)#ip route 10.0.0.0 255.255.255.0 fastEthernet 0/0

Here fastEthernet 0/0 is the interface on the R1 router that leads to the next-hop router with the best path to 10.0.0.0/24.

What’s the difference, which is better?

If you use the next-hop address, your router will not have the information about which interface it must use in order to route those packets out towards the destination. R1 must then find the interface that has 10.10.2.1 on the other side.
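The lookup described above, as an added example that is not part of the original post: a small Python model of how R1 resolves each form of static route to an exit interface and to the address it will ARP for. The connected 10.10.2.0/24 network on FastEthernet0/0 and the second static route for 10.0.1.0/24 are assumptions made for illustration.

```python
import ipaddress

# Constructed routing table for R1: (prefix, next_hop, exit_interface).
ROUTES = [
    ("10.10.2.0/24", None, "FastEthernet0/0"),   # connected (assumed)
    ("10.0.0.0/24", "10.10.2.1", None),          # static, next-hop form
    ("10.0.1.0/24", None, "FastEthernet0/0"),    # static, exit-interface form
]

def longest_match(dst, routes):
    """Return the most specific route covering dst, or None."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in routes if addr in ipaddress.ip_network(r[0])]
    return max(hits, key=lambda r: ipaddress.ip_network(r[0]).prefixlen,
               default=None)

def resolve(dst, routes=ROUTES, max_depth=8):
    """Return (exit_interface, address_to_arp_for, lookups_performed)."""
    arp_target, target, lookups = dst, dst, 0
    for _ in range(max_depth):
        route = longest_match(target, routes)
        lookups += 1
        if route is None:
            raise LookupError(f"no route to {target}")
        _, next_hop, interface = route
        if interface is not None:
            # Interface known. If we got here without a next hop, the router
            # ARPs for the destination itself and depends on the neighbour
            # answering with Proxy ARP.
            return interface, arp_target, lookups
        # Next-hop form: the interface is still unknown, so look up the
        # next-hop address itself (the recursive lookup).
        arp_target = target = next_hop
    raise LookupError("recursion limit reached (routing loop?)")

if __name__ == "__main__":
    for dst in ("10.0.0.5", "10.0.1.5"):
        print(dst, "->", resolve(dst))
```

The next-hop route costs a second lookup but ARPs only for 10.10.2.1, while the exit-interface route resolves in one lookup but ARPs for every destination host on the Ethernet segment.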

IPv6 Implementation beyond theory & How playing with RA messages may be issue-istic

Some of these things I read in books, and some of them took me a few days of troubleshooting and sweating to get to, so I give them for free here to save you, fellow networker, some time:

SLAAC

The mighty SLAAC is the preferred method of IPv6 allocation, but is it so mighty? Or does it only seem to be mighty and magic? Your computers or mobile phones, in order to use SLAAC, must be convinced to do so by the router's RA message. That message includes the A flag set beside the prefix and all the other info. That kind of RA message will tell the device receiving the RA that it needs to do the “A”, autoconfiguration, on its interface using the EUI-64 method.

But that’s not all.

RA messages will also need to have the O flag set. With the O flag, end hosts will tell the router that they will use DHCP, but only for the “O”, other options. In the first place, that other option will be the DNS server IPv6 address, which is not possible to get from router RA messages. Why? I’m sure that’s the most frequent IPv6 question. The fellows who wrote RFC 4861 didn’t put that option inside the RA (Router Advertisement) message format.

I did try to find a reason why not. Maybe the only partially reasonable answer is that DNS is a hierarchical system that needs to be centralised inside a network architecture, while routers, as devices that run routing processes, are a distributed system (at least before we see SDN in real life). So the answer would be that it is not okay to put the DNS address allocation rule on a system that is not centralised. It means that if you need to change DNS in a network with a lot of routers that are sending RA messages on their local subnets, you would need to change the config on all routers one by one. That is the best answer that I have found until now, but it sounds more like an excuse than a real reason for this decision. If you put all the info together, the sign that the fellows from RFC 4861 did actually make the wrong decision is the existence of the fairly new RFC 6106, which proposes the addition of DNS IPv6 address allocation to the RA message.
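To make the flag positions concrete, here is an added example (not code from the original post) that parses a Router Advertisement and reports the A and O flags discussed above together with any RFC 6106 RDNSS option. It also reads the M and L flags, which sit next to O and A in the RFC 4861 format; the sample RA, its 2001:db8 addresses and the helper names are constructed for illustration.

```python
import ipaddress
import struct

def parse_ra(msg):
    """Parse an ICMPv6 Router Advertisement (RFC 4861 section 4.2)."""
    if len(msg) < 16 or msg[0] != 134:
        raise ValueError("not a Router Advertisement")
    info = {"M": bool(msg[5] & 0x80), "O": bool(msg[5] & 0x40),
            "prefixes": [], "rdnss": []}
    pos = 16                                    # options follow the fixed header
    while pos + 2 <= len(msg):
        opt_type, opt_len = msg[pos], msg[pos + 1] * 8   # length in 8-byte units
        if opt_len == 0 or pos + opt_len > len(msg):
            raise ValueError("malformed option length")
        body = msg[pos:pos + opt_len]
        if opt_type == 3 and opt_len == 32:     # Prefix Information option
            net = ipaddress.IPv6Network((body[16:32], body[2]), strict=False)
            info["prefixes"].append({"prefix": str(net),
                                     "L": bool(body[3] & 0x80),
                                     "A": bool(body[3] & 0x40)})
        elif opt_type == 25 and opt_len >= 24:  # RDNSS option (RFC 6106)
            for i in range(8, opt_len - 15, 16):
                info["rdnss"].append(str(ipaddress.IPv6Address(body[i:i + 16])))
        pos += opt_len
    return info

def dns_source(info):
    """Where a host can learn its DNS server from, given the parsed RA."""
    if info["rdnss"]:
        return "RA RDNSS option"
    if info["O"] or info["M"]:
        return "DHCPv6"
    return "none advertised"

def build_sample_ra(o_flag, dns):
    """Constructed sample RA for 2001:db8:1::/64 with A and L set."""
    hdr = struct.pack("!BBHBBHII", 134, 0, 0, 64,
                      0x40 if o_flag else 0, 1800, 0, 0)
    pio = struct.pack("!BBBBIII", 3, 4, 64, 0xC0, 2592000, 604800, 0)
    pio += ipaddress.IPv6Address("2001:db8:1::").packed
    opt = b""
    if dns:
        opt = struct.pack("!BBHI", 25, 1 + 2 * len(dns), 0, 1800)
        opt += b"".join(ipaddress.IPv6Address(a).packed for a in dns)
    return hdr + pio + opt
```

Run against a captured RA payload, the same parser shows at a glance whether a segment depends on DHCPv6 for DNS or already advertises it in the RA.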

Cisco VIRL – Virtual Internet Routing Lab

Virtualisation

In a world in which every day I hear virtualization at least 50 times, it would be very strange if there were some part of our digital environment which is not yet virtualised. Today we can see that almost every piece of our server equipment is going to the cloud and hence is being virtualised. That is not a new story; server virtualisation has basically existed for decades now. Today's story is about the next step in the virtualization process. There is finally a big desire to do the same thing with networking equipment. That’s obviously the way to go, as there are more and more servers on one hypervisor or on one cluster in the data centers, and that implies that it would be too expensive to implement any kind of hardware networking devices for each virtual server instance. And that implies that we are living in a world where switches and routers are more and more becoming part of different virtualisation host kernels or hypervisors.

But now, when that virtualization technology is basically a normal way of deploying almost all machines and there is nothing standing between network device virtualization and us, why is there no way to use that technology to make a virtualized modeling tool for network design and troubleshooting too?

GNS3 vs VIRL

Yes, there has been GNS3 for years now, but to be sincere, I tried to use it for some design and troubleshooting sessions and it is so time-consuming to set everything to work right that it was in the end easier to do it on a piece of paper.

IPv6 RA Router Advertisement and all the flags inside

I can say at the beginning that more and more fellows are visiting this blog. Finally the networking knowledge project did succeed in getting some fans from out there, so I felt the need to thank you all for visiting this place. As you can see here from the blog post list, I didn’t follow this movement myself these days. I actually didn’t come here for some time now. My last few weeks were very intense. One of the reasons was my learning sessions, which took me at least a few hours a day, and the most interesting reason was my new assignment at work. I got an assignment to carry out and, even more interesting, to secure IPv6 in our company for a whole network segment. At least one segment for now, but it was a nice thing to get me into IPv6 deep dive learning. And I make the last step of the learning like this:

What is better than documenting the networking job that you did while it is fresh in your head? So I write it down for future implementations, but rather than put it into my notepad I do it here on my blog, so next time it is easier to search for it and, something even better than that, you can use it too.

RA - router advertisement message format from RFC 4861

This time I will write about some of the most important things in IPv6 networking that you need to know before you go on and carry out an IPv6 implementation: RA router advertisements and some strange special bits in the RA packet header that are configuration option flags. The good thing is that there are only a few of them, four to be precise. The bad thing is that at first, I needed a couple of days to stop mixing them up.

CCIE R&S v5 blueprint announcement?

UPDATE on 2.11.2013 – There will be an update in February 2014!

Read all about the new announcement in the latest article here, with all the new topics added to and removed from the CCIE lab exam v5.

UPDATE on 23.07.2013 – There will be no update this year to v5, at least not for now…

So, there is some news. The news is that at this moment, a few weeks after Cisco Live in Orlando, we can say that the CCIE lab exam v5 update is not going to happen this year. In other words, for us studying for the lab exam, the old topology and all the topics from v4 are still valid. Many of us will think now that we can be in peace for another year and try to learn and understand everything so that we can pass the exam before the change. From my perspective, maybe this is not the whole truth. I think that even the change in the exam and all the topics mentioned down here that would change will not necessarily mean that the exam would become more difficult. My perspective is that if you are prepared to pass the CCIE lab on v4, you will probably also be prepared to pass it on v5. My point is that there are so many networking topics covered here that all the changes would not disturb you in your goal, maybe only those people who studied but not really with 100% understanding. The road to CCIE is not short, and is not easy either, but it can be fun and in the end it will be worth the effort.

Learn and enjoy the process too, not only thinking of the resulting cert. In that way, you will probably be more successful even if the CCIE lab changes a bit.