Ohd Damh

Oct 21, 2021

4 min read

Random Networking Stuff


Classful network IP address (table from Wikipedia)


IPv6 address:
  • 128 bit
  • Link local. Prefix fe80::/10
Source: Wikipedia


When setting up IPsec you first define IKE. On a Palo Alto firewall the object that terminates the VPN is called an IKE gateway.
Versions of IKE:
1. IKEv1 (separate phase 1 and phase 2 exchanges)
2. IKEv2 (uses less bandwidth, because fewer messages are exchanged)

IKEv2 has NAT traversal built into the base protocol (RFC 7296); IKEv1 needed the separate NAT-T extension (RFC 3947/3948).

IKE phase-1 (IKE crypto profile) parameters: DH group, authentication (hash) algorithm, encryption algorithm, key lifetime.

IKE phase-2 (IPSec crypto profile) parameters: IPsec protocol (ESP or AH), encryption algorithm, authentication algorithm, DH group for PFS, lifetime.

NAT Traversal

ESP (IP protocol 50) carries no port numbers, so a NAT device in the middle has nothing to translate or track; AH additionally includes the IP header in its integrity check, so any address rewrite fails verification. NAT-T fixes this. During IKE each peer sends a hash of its own source IP address and port (NAT-D payloads in IKEv1, NAT_DETECTION_SOURCE_IP / NAT_DETECTION_DESTINATION_IP notifications in IKEv2). The receiver recomputes the hash over the address and port it actually sees on the incoming packet; if the two differ, a NAT rewrote the packet. Nothing is dropped at that point: both peers move IKE from UDP 500 to UDP 4500 and send ESP encapsulated in UDP on port 4500 (RFC 3948), so the NAT sees ordinary UDP and keeps the mapping alive.

ESP encrypts the IP payload (layer 4 to 7) in transport mode; in tunnel mode it encrypts the whole original IP packet, header included.
So yes: once a NAT is detected the VPN device changes from port 500 to 4500 for both IKE and ESP-in-UDP. On UDP 4500 IKE packets carry a four-byte zero "non-ESP marker" so they can be distinguished from ESP, whose SPI is never zero.
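As an added example (not from the original post), here is the NAT detection step of IKEv2 in Python, following RFC 7296 section 2.23: each side hashes its own address and port, the peer recomputes the hash over what it actually saw on the wire, and a mismatch means a NAT rewrote the packet, after which both sides switch to UDP 4500. The addresses, ports and SPIs are constructed test values, and simulate_ike_sa_init is a model written for this illustration, not a real IKE implementation.

```python
import hashlib
import ipaddress
import os
import struct
from typing import Optional

NON_ESP_MARKER = b"\x00\x00\x00\x00"   # RFC 3948: prefix for IKE packets sent on UDP 4500


def nat_detection_hash(spi_i: bytes, spi_r: bytes, ip: str, port: int) -> bytes:
    """RFC 7296 section 2.23: SHA-1(SPIi | SPIr | IP address | port), port as 2 bytes big-endian."""
    packed = ipaddress.ip_address(ip).packed          # 4 bytes for IPv4, 16 for IPv6
    return hashlib.sha1(spi_i + spi_r + packed + struct.pack("!H", port)).digest()


def nat_detected(received_hash: bytes, spi_i: bytes, spi_r: bytes,
                 seen_ip: str, seen_port: int) -> bool:
    """Recompute the hash over the address and port actually observed on the received
    packet. A mismatch means something in the path rewrote the address or the port,
    i.e. there is a NAT between the peers. Nothing is dropped at this point; the
    result only decides whether to switch to UDP 4500."""
    return received_hash != nat_detection_hash(spi_i, spi_r, seen_ip, seen_port)


def simulate_ike_sa_init(initiator_ip: str, initiator_port: int,
                         seen_src_ip: str, seen_src_port: int,
                         responder_ip: str, responder_port: int = 500,
                         responder_local_ip: Optional[str] = None) -> dict:
    """Constructed IKE_SA_INIT exchange (a model, not a real IKE implementation).

    The initiator hashes its own address into NAT_DETECTION_SOURCE_IP and the
    address it sends to into NAT_DETECTION_DESTINATION_IP. The responder checks
    the first against the packet's source tuple as it arrived (after any NAT)
    and the second against its own local address. `responder_local_ip` lets the
    model place the responder behind a NAT as well."""
    spi_i = os.urandom(8)
    spi_r = bytes(8)            # responder SPI is still zero in the first message
    seen_dst_ip = responder_local_ip or responder_ip

    # Initiator side: both notifications travel in plaintext inside IKE_SA_INIT
    n_src = nat_detection_hash(spi_i, spi_r, initiator_ip, initiator_port)
    n_dst = nat_detection_hash(spi_i, spi_r, responder_ip, responder_port)

    # Responder side: compare against what the packet actually carried
    initiator_behind_nat = nat_detected(n_src, spi_i, spi_r, seen_src_ip, seen_src_port)
    responder_behind_nat = nat_detected(n_dst, spi_i, spi_r, seen_dst_ip, responder_port)

    # If either side is behind a NAT, both peers move IKE and UDP-encapsulated ESP to 4500
    port = 4500 if (initiator_behind_nat or responder_behind_nat) else 500
    return {"initiator_behind_nat": initiator_behind_nat,
            "responder_behind_nat": responder_behind_nat,
            "next_port": port}


def udp4500_frame(payload: bytes, is_ike: bool) -> bytes:
    """On UDP 4500 an IKE message is prefixed with the 4-byte zero non-ESP marker.
    ESP is sent as-is: its first 4 bytes are the SPI, which is never zero, so the
    receiver can tell the two apart on the same port."""
    return NON_ESP_MARKER + payload if is_ike else payload


def classify_udp4500(datagram: bytes) -> str:
    return "IKE" if datagram[:4] == NON_ESP_MARKER else "ESP"


if __name__ == "__main__":
    # Constructed scenario: initiator 10.0.0.5:500 sits behind a NAT that rewrites it
    # to 203.0.113.7:2049; the responder 198.51.100.1:500 has a public address.
    print(simulate_ike_sa_init("10.0.0.5", 500, "203.0.113.7", 2049, "198.51.100.1"))
    # No NAT: the source tuple arrives unchanged, IKE stays on UDP 500
    print(simulate_ike_sa_init("192.0.2.10", 500, "192.0.2.10", 500, "198.51.100.1"))
    print(classify_udp4500(udp4500_frame(b"\x00\x00\x10\x01" + b"esp-data", is_ike=False)))
```

The hashes are carried in the unauthenticated IKE_SA_INIT message, so they only serve to detect a NAT; they are not a security check, and a port-only rewrite (same IP, new source port) is detected just the same as an address rewrite.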


Injecting a default route to a BGP neighbor

1. default-information originate + redistribute static (or redistribute from any dynamic routing protocol that carries the default route; you may filter with a route-map so that only the default route is redistributed)

2. network 0.0.0.0 command, but the default route must be present in the routing table

3. Another way of advertising a default route to a specific BGP neighbor is by issuing the neighbor default-originate command. This method does not require the presence of the network in the routing table of the advertising router.

The configuration of the default-information originate command in BGP is similar to the configuration of the network (BGP) command. The default-information originate command, however, requires explicit redistribution of the route. The network command requires only that the route is present in the Interior Gateway Protocol (IGP) routing table. For this reason, the network command is preferred. https://community.cisco.com/t5/routing/bgp-default-information-originate/td-p/772779

BGP Path Selection (Cisco order; "highest"/"lowest" is the value that wins)

  1. Highest Weight (Cisco proprietary, local to the router). Default 0; locally originated routes 32768.
  2. Highest Local Preference. Default 100.
  3. Locally originated: network/redistribute preferred over aggregate, both preferred over learned paths
  4. Shortest AS Path (prepend with a route-map out to influence inbound traffic)
  5. Lowest Origin (IGP < EGP < Incomplete)
  6. Lowest MED/metric (set with a route-map out); by default only compared between paths from the same neighbouring AS
  7. eBGP over iBGP
  8. Lowest IGP metric to the next hop
  9. Multipath, if maximum-paths is configured (several equal paths are installed)
  10. Oldest path (only if both are eBGP)
  11. Lowest Router ID
  12. Shortest cluster list length
  13. Lowest neighbor IP address
BGP Path Selection: Weight (figure)
BGP Path Selection: MED (figure). R4 sends different MED values to R2 and R3, causing R1 to select the route with the lower MED. This works because both paths come from the same neighbouring AS; by default MED is not compared between paths from different ASes unless bgp always-compare-med is configured.
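As an added example (not from the original post), the selection order above carried through as a pairwise comparison in Python, with the default MED rule (only compared between paths from the same neighbouring AS) and the always-compare-med switch modelled. The candidate routes R2, R3, R5, R6 and R9, their ASNs and router IDs are constructed for this illustration and are not the figure's actual values; step 9 (multipath) and steps 12 and 13 are not modelled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Iterable, Tuple

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}                   # lower is preferred
SOURCE_RANK = {"network": 0, "redistribute": 0, "aggregate": 1, "learned": 2}


@dataclass(frozen=True)
class Route:
    """One candidate path for the same prefix as seen in one router's BGP table."""
    next_hop: str
    as_path: Tuple[int, ...] = ()
    weight: int = 0            # Cisco-proprietary, local to the router; 32768 for own routes
    local_pref: int = 100
    source: str = "learned"    # "network", "redistribute", "aggregate" or "learned"
    origin: str = "igp"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0        # IGP cost to reach next_hop
    received_at: int = 0       # lower value = older path
    router_id: str = "0.0.0.0"


def med_comparable(a: Route, b: Route, always_compare_med: bool) -> bool:
    """IOS default: MED is only compared between paths from the same neighbouring AS
    (the first AS in AS_PATH). 'bgp always-compare-med' lifts that restriction."""
    return always_compare_med or a.as_path[:1] == b.as_path[:1]


def better(a: Route, b: Route, always_compare_med: bool = False) -> Tuple[Route, str]:
    """Return the preferred path and the step that decided it, in Cisco's order."""
    ordered = [
        ("1 highest weight", lambda r: -r.weight),
        ("2 highest local preference", lambda r: -r.local_pref),
        ("3 locally originated (network/redistribute over aggregate)", lambda r: SOURCE_RANK[r.source]),
        ("4 shortest AS_PATH", lambda r: len(r.as_path)),
        ("5 lowest origin (IGP < EGP < incomplete)", lambda r: ORIGIN_RANK[r.origin]),
    ]
    for step, key in ordered:
        if key(a) != key(b):
            return (a if key(a) < key(b) else b), step
    if med_comparable(a, b, always_compare_med) and a.med != b.med:
        return (a if a.med < b.med else b), "6 lowest MED"
    if a.ebgp != b.ebgp:
        return (a if a.ebgp else b), "7 eBGP over iBGP"
    if a.igp_metric != b.igp_metric:
        return (a if a.igp_metric < b.igp_metric else b), "8 lowest IGP metric to next hop"
    # step 9 (multipath) is skipped: it installs several paths instead of choosing one
    if a.ebgp and b.ebgp and a.received_at != b.received_at:
        return (a if a.received_at < b.received_at else b), "10 oldest eBGP path"
    rid_a, rid_b = ipaddress.ip_address(a.router_id), ipaddress.ip_address(b.router_id)
    if rid_a != rid_b:
        return (a if rid_a < rid_b else b), "11 lowest router ID"
    return a, "tie (steps 12-13, cluster list and neighbor address, not modelled)"


def best_path(candidates: Iterable[Route], always_compare_med: bool = False) -> Tuple[Route, str]:
    """Fold the pairwise comparison over all candidates. The returned reason is the
    step that decided the final comparison."""
    it = iter(candidates)
    best, reason = next(it), "only candidate"
    for cand in it:
        best, reason = better(best, cand, always_compare_med)
    return best, reason


# Constructed candidates for one prefix as seen on R1 (assumed topology, not the figure's).
R2 = Route("10.0.12.2", as_path=(200, 400), med=50, received_at=1, router_id="2.2.2.2")
R3 = Route("10.0.13.3", as_path=(200, 400), med=10, received_at=2, router_id="3.3.3.3")
R5 = Route("10.0.15.5", as_path=(300, 500, 600), weight=100, received_at=3, router_id="5.5.5.5")
R6 = Route("10.0.16.6", as_path=(300, 400), med=10, received_at=4, router_id="6.6.6.6")
R9 = Route("10.0.0.9", as_path=(200, 400), med=10, ebgp=False, received_at=0, router_id="9.9.9.9")

if __name__ == "__main__":
    for cands in ([R2, R3], [R2, R3, R5], [R2, R6], [R3, R9]):
        win, why = best_path(cands)
        print(f"{[r.next_hop for r in cands]} -> {win.next_hop} by {why}")
    win, why = best_path([R2, R6], always_compare_med=True)
    print(f"with always-compare-med: {win.next_hop} by {why}")
```

Note how R5 wins over the shorter AS path purely on weight, how R2 versus R6 is not decided by MED (different neighbouring AS) and falls through to the oldest-path rule, and how R9's lower MED never helps it against R3 because MED is equal and the eBGP-over-iBGP rule comes first.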

BGP AS Number

Range of BGP ASN (source: link): 16-bit ASNs run from 0 to 65535, with 64512–65534 reserved for private use; 32-bit ASNs (RFC 6793) extend the range to 4294967295, with 4200000000–4294967294 reserved for private use.

BGP Confederation

BGP Confederation, as configured in the figure: router bgp 123 (the member sub-AS), bgp confederation identifier 1 (the real, public AS), bgp confederation peers 456 (another sub-AS inside the confederation), neighbor (peer address) remote-as 456 (Source: link)
Inside each sub-AS the iBGP speakers must still be fully meshed (or use route reflectors); the sub-ASes peer with each other over confederation eBGP (source: link)

BGP Dampening

  • Every time a route flaps it receives a penalty of 1000. Once the accumulated penalty exceeds the suppress limit (default 2000), the router suppresses the route and stops advertising it to any neighbor.
  • Once the route is stable the penalty decays, halving every half-life (default 15 minutes). When it drops below the reuse limit (default 750) the route is advertised again. A route is never kept suppressed longer than the max-suppress time (default 60 minutes).
  • Applies only to routes learned from eBGP.

Solutions for flapping routes: route summarization, or BGP dampening.

Parameters of bgp dampening: half-life, reuse limit, suppress limit, max-suppress time (source: link)
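As an added example (not from the original post), here is the dampening arithmetic with IOS defaults worked through in Python: 1000 per flap, penalty halving every 15 minutes, suppression above 2000, release below 750, and the penalty ceiling implied by the 60-minute max-suppress time. The flap times are constructed; the decay is continuous here, whereas IOS works from a decay table, so a real router's numbers differ slightly.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class DampeningParams:
    """IOS defaults for 'bgp dampening' with no arguments."""
    half_life_min: float = 15.0     # penalty halves every half-life
    reuse_limit: float = 750.0      # below this a suppressed route is advertised again
    suppress_limit: float = 2000.0  # above this the route is suppressed
    max_suppress_min: float = 60.0  # a route is never suppressed longer than this
    flap_penalty: float = 1000.0    # added on each withdrawal (flap)

    @property
    def max_penalty(self) -> float:
        """Ceiling derived from max-suppress: the penalty that takes exactly
        max_suppress_min of decay to fall back to reuse_limit (12000 with defaults)."""
        return self.reuse_limit * 2 ** (self.max_suppress_min / self.half_life_min)


class DampenedRoute:
    """Flap history of one eBGP-learned prefix (iBGP paths are never dampened)."""

    def __init__(self, params: Optional[DampeningParams] = None):
        self.p = params or DampeningParams()
        self.penalty = 0.0
        self.last_update = 0.0   # minutes
        self.suppressed = False

    def _decay_to(self, now: float) -> None:
        elapsed = now - self.last_update
        self.penalty *= 2 ** (-elapsed / self.p.half_life_min)
        self.last_update = now

    def flap(self, now: float) -> float:
        """Route withdrawn at time `now` (minutes): decay, then add the flap penalty."""
        self._decay_to(now)
        self.penalty = min(self.penalty + self.p.flap_penalty, self.p.max_penalty)
        if self.penalty > self.p.suppress_limit:
            self.suppressed = True
        return self.penalty

    def status(self, now: float) -> Tuple[float, bool]:
        """Decay the penalty to `now` and release the route once below reuse_limit."""
        self._decay_to(now)
        if self.suppressed and self.penalty < self.p.reuse_limit:
            self.suppressed = False
        return round(self.penalty, 1), self.suppressed


def advertisable(route: DampenedRoute, now: float) -> bool:
    """What the router does at `now`: advertise to neighbors unless suppressed."""
    _, suppressed = route.status(now)
    return not suppressed


if __name__ == "__main__":
    r = DampenedRoute()
    for t in (0, 1, 2):          # constructed: three flaps one minute apart
        print(f"t={t:>3} min flap   -> penalty {r.flap(t):8.1f} suppressed={r.suppressed}")
    for t in (10, 20, 30, 32):
        print(f"t={t:>3} min status -> {r.status(t)}")
```

Three flaps a minute apart push the penalty to about 2867, past the 2000 suppress limit; the route is still suppressed 28 minutes later (about 786) and is released just after the 30-minute mark, which is why a short burst of flaps costs roughly half an hour of reachability through this router.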

BGP Router-ID

Sequence to select the BGP router-ID: 1) the bgp router-id configured under router bgp; 2) otherwise the highest IP address of any up loopback interface; 3) otherwise the highest IP address of any up physical interface (source: CCIE Routing and Switching Official Exam Certification Guide (2nd Edition))

BFD (Bidirectional Forwarding Detection)

  • Runs over UDP (port 3784 for single-hop sessions, 4784 for multihop)
  • Protocol-independent: any routing protocol (OSPF, EIGRP, BGP, IS-IS, static routes) can register with it for fast failure detection
When the link from the L2 switch to R2 fails, R1 still has an up L1 connection to the L2 switch, so it keeps sending OSPF hellos out G0/0 and only declares the neighbor down when the dead timer expires. With BFD the lost path is detected in milliseconds and the routing protocol is told to tear the adjacency down immediately. (source: link)

BGP Route-Reflector

A route reflector is identified by its router ID and a reflector cluster ID (bgp cluster-id); clients are marked with neighbor (peer address) route-reflector-client (source: link)

OSPF Messages

OSPF messages exchange (source: link)

OSPF Network Types

Spanning Tree Protocol (STP)

STP interface states (figure)
STP timers: Hello 2 s, MaxAge 20 s, Forward Delay 15 s by default (source: link)

Switches react as follows:

When a switch does not receive the expected Hello BPDU within the Hello time, it keeps working as normal and waits until MaxAge expires.

If a Hello BPDU arrives within MaxAge, the switch treats the gap as network delay and continues as before. If not, the switch starts changing the topology.

The status of the ports may then change according to the new topology computed by STP: ports may move from forwarding to blocking and vice versa. A port does not move to forwarding immediately; it passes through two intermediate states, Listening and Learning.

The change from blocking to forwarding, through listening and learning, takes one Forward Delay per intermediate state (2 × 15 s = 30 s), so a failure that first has to wait out MaxAge can take up to 50 s to converge.