When we type “network 10.0.0.0”, the EIGRP process looks at 10.0.0.0 network and turns on EIGRP on all the interfaces whose IP Address is in the subnet 10.0.0.0. Then EIGRP advertise the network which is the IP Address of the interface. For example, when I mentioned the below IP address on an interface

EIGRP process advertised 172.16.0.0/24 which was under the interface as shown below:

 

 

Normally, when a TCP/IP application wants to send information, that information travels down the protocol layers to IP where it is encapsulated in an IP datagram. That datagram then passes down to the data link layer of the device’s physical network for transmission to the next hop, on the way to the IP destination.

 

However, one special range of addresses is set aside for loopback functionality. This is the range 127.0.0.0 to 127.255.255.255. IP datagrams sent by a host to a 127.x.x.x loopback address are not passed down to the data link layer for transmission. Instead, they “loop back” to the source device at the IP level. In essence, this represents a “short-circuiting” of the normal protocol stack; data is sent by a device’s layer three IP implementation and then immediately received by it.

 

The purpose of the loopback range is testing of the TCP/IP protocol implementation on a host. Since the lower layers are short-circuited, sending to a loopback address allows the higher layers (IP and above) to be effectively tested without the chance of problems at the lower layers manifesting themselves. 127.0.0.1 is the address most commonly used for testing purposes.

Spanning tree protocol goes through the following states in normal conditions after the interface comes up.

1)     Listening

2)     Learning

3)     Forwarding

The following is the output showing STP going through all the above states for each port of a created VLAN.

After the VLAN is deleted, the access ports that belong to that VLAN move into the inactive state until the ports are moved to another VLAN. As a security measure, ports in the inactive state do not forward traffic. Example: I created a VLAN 9 and assigned a port F1/4 to it. Then I deleted the VLAN and observed that the port F1/4 went to an inactive state as shown below:

Then I created VLAN again from VLAN database mode and observed that the port again became active as shown below:

So, we must take care of the access ports of a particular VLAN before deleting that VLAN.

FastEthernet0/0 is up
Indicates whether the interface hardware is currently active and if it has been taken down by an administrator.

line protocol is up
Indicates whether the software processes that handle the line protocol consider the line usable or if it has been taken down by an administrator.

MTU 1500 bytes
Maximum Transmission Unit of the interface.

BW 100000 Kbit
Bandwidth of the interface in kilobits per second.

DLY 100 usec
Delay of the interface in microseconds.

reliability 255/255
Reliability of the interface as a fraction of 255 (255/255 is 100% reliability), calculated as an exponential average over 5 minutes.

txload 1/255, rxload 1/255
Load on the interface as a fraction of 255 (255/255 is completely saturated), calculated as an exponential average over 5 minutes.

Encapsulation ARPA
Encapsulation method assigned to interface.

loopback not set
Indicates whether loopback is set or not.

Keepalive set (10 sec)
Indicates whether keepalives are set or not.

Full-duplex, 100Mb/s, 100BaseTX/FX
Speed, Data Speed, and Wire Type

ARP type: ARPA

Type of Address Resolution Protocol assigned.

ARP Timeout 04:00:00
Number of hours, minutes, and seconds an ARP cache entry will stay in the cache.

output hang never
Number of hours, minutes, and seconds (or never) since the interface was last reset because of a transmission that took too long. When the number of hours in any of the “last” fields exceeds 24 hours, the number of days and hours is printed. If that field overflows, asterisks are printed.

Last clearing of “show interface” counters 00:00:02
Time at which the counters that measure cumulative statistics (such as number of bytes transmitted and received) shown in this report were last reset to zero. Note that variables that might affect routing (for example, load and reliability) are not cleared when the counters are cleared. *** indicates the elapsed time is too large to be displayed. 0:00:00 indicates the counters were cleared more than 231ms (and less than 232ms) ago.

Queueing strategy: fifo
First In, First Out queuing strategy (other queueing strategies you might see are priority-list, custom-list, and weighted fair).

Output queue 0/40, 0 drops; input queue 0/75, 0 drops
Number of packets in output and input queues. Each number is followed by a slash, the maximum size of the queue, and the number of packets dropped due to a full queue.

5 minute input rate 4000 bits/sec, 2 packets/sec
5 minute output rate 1000 bits/sec, 1 packets/sec
Average number of bits and packets transmitted per second in the last 5 minutes. If the interface is not in promiscuous mode, it senses network traffic it sends and receives (rather than all network traffic).

The 5-minute input and output rates should be used only as an approximation of traffic per second during a given 5-minute period. These rates are exponentially weighted averages with a time constant of 5 minutes. A period of four time constants must pass before the average will be within two percent of the instantaneous rate of a uniform stream of traffic over that period.

packets input
Total number of error-free packets received by the system.

bytes
Total number of bytes, including data and MAC encapsulation, in the error free packets received by the system.

Received 1 broadcasts
Total number of broadcast or multicast packets received by the interface.

runts
Number of packets that are discarded because they are smaller than the medium’s minimum packet size. For instance, any Ethernet packet that is less than 64 bytes is considered a runt.

giants
Number of packets that are discarded because they exceed the medium’s maximum packet size. For example, any Ethernet packet that is greater than 1,518 bytes is considered a giant.

throttles
Number of times the receiver on the port was disabled, possibly due to buffer or processor overload.

input errors
Includes runts, giants, no buffer, CRC, frame, overrun, and ignored counts. Other input-related errors can also cause the input errors count to be increased, and some datagrams may have more than one error; therefore, this sum may not balance with the sum of enumerated input error counts.

CRC
Cyclic redundancy checksum generated by the originating LAN station or far-end device does not match the checksum calculated from the data received. On a LAN, this usually indicates noise or transmission problems on the LAN interface or the LAN bus itself. A high number of CRCs is usually the result of collisions or a station transmitting bad data.

frame
Number of packets received incorrectly having a CRC error and a noninteger number of octets. On a LAN, this is usually the result of collisions or a malfunctioning Ethernet device.

overrun
Number of times the receiver hardware was unable to hand received data to a hardware buffer because the input rate exceeded the receiver’s ability to handle the data.

ignored

Number of received packets ignored by the interface because the interface hardware ran low on internal buffers. These buffers are different than the system buffers mentioned previously in the buffer description. Broadcast storms and bursts of noise can cause the ignored count to be increased.

watchdog
Number of times watchdog receive timer expired. It happens when receiving a packet with length greater than 2048.

input packets with dribble condition detected
Dribble bit error indicates that a frame is slightly too long. This frame error counter is incremented just for informational purposes; the router accepts the frame.

packets output
Total number of messages transmitted by the system.

bytes
Total number of bytes, including data and MAC encapsulation, transmitted by the system.

underruns
Number of times that the transmitter has been running faster than the router can handle. This may never be reported on some interfaces.

output errors
Sum of all errors that prevented the final transmission of datagrams out of the interface being examined. Note that this may not balance with the sum of the enumerated output errors, as some datagrams may have more than one error, and others may have errors that do not fall into any of the specifically tabulated categories.

collisions
Number of messages retransmitted due to an Ethernet collision. This is usually the result of an overextended LAN (Ethernet or transceiver cable too long, more than two repeaters between stations, or too many cascaded multiport transceivers). A packet that collides is counted only once in output packets.

interface resets
Number of times an interface has been completely reset. This can happen if packets queued for transmission were not sent within several seconds. On a serial line, this can be caused by a malfunctioning modem that is not supplying the transmit clock signal, or by a cable problem. If the system notices that the carrier detect line of a serial interface is up, but the line protocol is down, it periodically resets the interface in an effort to restart it. Interface resets can also occur when an interface is looped back or shut down.

babbles
The transmit jabber timer expired.

late collision
Number of late collisions. Late collision happens when a collision occurs after transmitting the preamble.

deferred
Deferred indicates that the chip had to defer while ready to transmit a frame because the carrier was asserted.

lost carrier
Number of times the carrier was lost during transmission.

no carrier
Number of times the carrier was not present during the transmission.

output buffer failures
Number of no resource errors received on the output.

output buffers swapped out
Number of packets swapped to DRAM.

TCP Zero Window is when the Window size in a machine remains at zero for a specified amount of time. This means that a client is not able to receive further information at the moment, and the TCP transmission is halted until it can process the information in its receive buffer.

 

TCP Window size is the amount of information that a machine can receive during a TCP session and still be able to process the data. Think if it like a TCP receive buffer. When a machine initiates a TCP connection to a server, it will let the server know how much data it can receive by the Window Size.

In many Windows machines, this value is around 64512 bytes. As the TCP session is initiated and the server begins sending data, the client will decrement its Window Size as this buffer fills. At the same time, the client is processing the data in the buffer, and is emptying it, making room for more data. Through TCP ACK frames, the client informs the server of how much room is in this buffer. If the TCP Window Size goes down to 0, the client will not be able to receive any more data until it processes and opens the buffer up again. In this case, Protocol Expert will alert a “Zero Window” in Expert View.

We will consider the following network for understanding how a path is choosen in STP.

 

We assume that TK5 switch is the root for all VLANs. We have to find a valid path from PC TK II to the server TKA. As TK5 is the root for all the VLANs, all the decisions regarding blocking and forwarding ports will be with reference to this switch. So, ultimately the network would become as follows: (CROSS shows that path which will be blocked).

TERMINAL CONTROLS:

· Config# terminal editing – allows for enhanced editing commands

· Config# terminal monitor – shows output on telnet session

· Config# terminal ip netmask-format hexadecimal|bit-count|decimal – changes the format of subnet masks
HOST NAME:

· Config# hostname ROUTER_NAME
BANNER:

· Config# banner motd # TYPE MESSAGE HERE # – # can be substituted for any character, must start and finish the message
DESCRIPTIONS:

· Config# description THIS IS THE SOUTH ROUTER – can be entered at the Config-if level
(more…)

 

When a router advertises a default route to another router, it thinks that it has route to all the networks, that’s why it’s summarizing all the routes as one default route. Considering this, there is no need for the default route installed on it since it already has an individual route to every network (according to router thinking). So, it installs a route with a default route directing to NULL interface.

Cause Analysis

Routing table of Corp Router showed RIP entry instead of EIGRP.

Network Diagram

Handaling Process &  Solution

For resolving this problem I undertook the following steps:

 

1)    After applying redistribution on R3, I checked that the router 871W and hostd were able to see all the routes on the other side of R3 as RIP routes.     That was normal.

2)    Then I checked Corp Router and found out that Corp showed the route 10.1.12.0 as a RIP Entry. Corp Router was basically running both RIP and EIGRP. Static routes were also installed in Corp with AD of 150.

3)     I stopped RIP on Corp, and checked again. This time a static route took the place of RIP Entry for 10.1.12.0 network.

      4)   I checked the topology table of EIGRP and found the following error:

 

 

The route to 10.1.12.0 showed “FD is Inaccessible” which meant that the EIGRP route in the topology table for the network 10.1.12.0 was not being used for the routing table.

      5) After that I removed static entry as well. EIGRP route was successfully added to the routing table with AD of 170 as shown below

 

         

     6) The route from redistribution is considered as an external route in EIGRP. That’s why we saw RIP and static route in the routing table instead of   

          EIGRP.