Les paquets Hellos sous OSPF sont directement empilé dans le protocol et se trouvent directement derriere l’en-tête OSPF. Le valeur 0×01 dans le second champ de l’entête OSPF “Message Type” indique qu’il s’agit d’un “Hello Packet”

Le paquet Hello contient une liste d’informations parmi lesquels, Le Hello Interval, la priorité OSPF, Le Hello Dead Interval qui correspond à 4 fois l’Hello interval. L’ID du DR et du BDR ainsi que les capacités du routeur à supporter par exemple l’External Routing ou les NSSA.

Durant cette échange, une table de voisinage est mise à jour. Cette “neighbor table” est une liste de dispositifs faisant tourner OSPF.

Une fois que deux routeurs aient échangé des paquets Hellos, le processus de relation de voisinage est lancé. Une fois que cette relation de voisinage est terminé l’état “FULL” est établi et on parle alors de routers adjacent.

Quand l’état FULL est atteint, les tables de voisinage et de topologie doivent être gardé à jour. Les LSA se chargent de cette operation dès qu’il y a un changement topologique ou alors toutes les 30 minutes pour s’assurer de la “fraicheur”.

Différent états des routers durant l’établissement d’une relation de voisinage:

Down : Aucun Hello reçus

Attempt : Etat uniquement valable pour les voisins configure manuellement dans des réseaux de type NBMA.  Le router  envoi des hellos unicast aux voisins depuis lesquels aucun hello n’a été reçu dans le dead interval.

Init :  Indique que le routeur à reçu un hello mais que l’ID du routeur recevant le Hello n’est pas inclut dans le paquet. Ce qui sous entend que la relation de voisinage n’est pas établi.

2-Way : Indique qu’une communication bidirectionnel a été établit entre deux routers.

Exstart : Une fois que le DR et BDR sont élus, les deux routers peuvent échanger les informations d’états de liens.

Exchange : OSPF Routers echanges database descriptors.

Loading : L’echange des informations d’etats de liens se font.

Full : les routers sont adjacents. Les routers LSA et Networks LSA ont été échangés et les tables de topologies sont completement synchronize.

Paquet Hello avant l’ébalissement d’une adjacence etat : “Down”

Paquet Hello après l’ébalissement d’une adjacence etat : “Full”

You will find at the end of this post a link to a .cap file.

With this file you will have to provide the Login and extension number of the Cisco Phone.

You can also give the version of the IP Phone

trace.cap

First you have to go on the Cisco Unified OS Administration web interface.

You have to log yourself with the proper credentials (usually you have the account ccmadministrator for the CUCM Administration and the account admin for the OS Administration, this would be the same account for SSH access), it will depend on your installation.

Once i am logged, you can see that the actual version is 6.1.2.1000-13

You then have to click on Software Upgrades > Install/Upgrade

At this point you can insert the CUCM 7 DVD on your server.

Indicate / as Directory, leave the other fields empty, and click Next

The CUCM7 version should be detected, click Next

I choose to not reboot directly after the installation, (default choice) and I click Next

Now the upgrade is running, go take a coffee (this is a mandatory step).

If you close this page by mistake, you can open an another one and return on it, this won’t affect the upgrade, which is running locally on the server.

You would get this page (when you navigate to Software Upgrades > Install Upgrades) and would have to click on Assume Control.

And you get the previous page with the logs running.

On your CUCM you have 2 partitions, the active one and the inactive one. For now the version number 6 is the active one, once the upgrade will be done, the version 7 will be on the inactive one. So we will basically just Switch version.

This is usefull if you notice a problem after the upgrade to go back quickly on the previous version.

After one hour of upgrade, this is done !

We navigate to the Partition Versions. Show > Software

We can see the 2 versions

We are now going to Switch versions.

Navigate to Settings > Version

Just click Switch Version

You have a notification, just click OK !

Now the Switching process is running.

Now go take another coffee…

The server will reboot and do its stuff :-)

After the Switch (random time, it took 10minutes here) , go back to the web administration page.

Go back on Show > Software (Still on the OS Administration section).

The Active version is the 7.0.1.11000-2 !

Congratz.

Podcast NTP

]]> Ayant subit des petits soucis avec dynamips, l’article que je préparais n’a pas pu être terminé à temps. Mais pour ne pas décevoir ceux qui attendent un nouvel article ( et dieu sait que vous êtes très très très nombreux ^^ ) Voici une petite vidéo sur comment configurer la date avec NTP.

Podcast NTP

]]> http://www.madrouter.com/configurer-la-date-avec-ntp/feed/ http://www.madrouter.com/madrouter-is-back/ http://www.madrouter.com/madrouter-is-back/#comments Thu, 14 May 2009 12:52:31 +0000 Alex http://www.madrouter.com/?p=72 It has been a long time we did not post. From now, every sunday MadRouter will be updated with a new recipe!

Keep connected!

Cisco… partenaire de Rock Band 2 ! Si j’avais su j’aurais pas acheter Guitar Hero 4

Il y a tout d’abord 2 vidéos a regarder, les questions sont en dessous.

Il y aura 2 questions. La première question est commune aux 2 vidéos, et la seconde question parlera justement de la différence entre ces 2 vidéos.

Les 2 routeurs sont des 3620, avec comme version d’IOS:

Router>sh version | in IOS
IOS (tm) 3600 Software (C3620-IS-M), Version 12.3(22), RELEASE SOFTWARE (fc2)

Voila la première tentative de connexion sur le routeur madrouter#1:

Voila la deuxième tentative de connexion sur un 2ème routeur madrouter#2:

Les questions sont simples:

- Pourquoi il y a une erreur quand on tente de passer en mode enable?
- Pourquoi le message d’erreur est-il différent sur les 2 routeurs?

hf !

Lets explain the basic configuration of the routers.

R1

R1(config)#int fa0/0
R1(config-if)#ip add 192.168.0.2 255.255.255.0
R1(config-if)#no sh
R1(config-if)#int s0/0/0
R1(config-if)#ip add 1.1.1.1 255.255.255.252
R1(config-if)#no sh
R1(config)#exit
R1(config)#ip route 0.0.0.0 0.0.0.0 serial 0/0/0

R2

R2(config)#int fa0/0
R2(config-if)#ip add 192.168.0.3 255.255.255.0
R2(config-if)#no sh
R2(config-if)#int s0/0/0
R2(config-if)#ip add 2.2.2.1 255.255.255.252
R2(config-if)#no sh
R2(config)#exit
R2(config)#ip route 0.0.0.0 0.0.0.0 serial 0/0/0

Nothing difficult to understand. You can see that there will be a static route for the internet traffic on both R1 and R2.

Now let’s configure R3 and R4. In my lab both R3 and R4 on their f0/1 interfaces will get IP addresses from the DHCP server on my LAN (which will also provide internet connection).
NAT with overload (PAT) will also be configured on both R3 and R4 for the internet connectivity on PC1

R3

R3(config)#int f0/1
R3(config-if)#ip add dhcp
R3(config-if)#ip nat outside
R3(config-if)#no sh
R3(config-if)#int s0/0/1
R3(config-if)#ip add 1.1.1.2 255.255.255.252
R3(config-if)#ip nat inside
R3(config-if)#no sh
R3(config-if)#exit
R3(config)#ip route 192.168.0.0 255.255.255.0 serial 0/0/1
R3(config)#access-list 1 permit any
R3(config)#ip nat inside source list 1 interface fastEthernet 0/1 overload

R4

R4(config)#int f0/1
R4(config-if)#ip add dhcp
R4(config-if)#ip nat outside
R4(config-if)#no sh
R4(config-if)#int s0/0/1
R4(config-if)#ip add 2.2.2.2 255.255.255.252
R4(config-if)#ip nat inside
R4(config-if)#no sh
R4(config-if)#exit
R4(config)#ip route 192.168.0.0 255.255.255.0 serial 0/0/1
R4(config)#access-list 1 permit any
R4(config)#ip nat inside source list 1 interface fastEthernet 0/1 overload

Don’t forget the route for the LAN network (192.168.0.0)
Now all is set.

If we want to configure PC1, we can set for example:
IP ADDRESS> 192.168.0.60
NETMASK> 255.255.255.0
GATEWAY> 192.168.0.2 or 192.168.0.3
DNS SERVER> 10.19.40.1 //this is my LAN DNS server.

Sweet it’s working, now we can configure our redundancy. The principle here is simple, we will assign a virtual IP address on both R1 and R2. And this virutal IP address will be the gateway for PC1
R1

R1(config)#int f0/0
R1(config-if)#standby 1 ip 192.168.0.1
R1(config-if)#standby 1 preempt
R1(config-if)#standby 1 priority 105
R1(config-if)#standby 1 track serial 0/0/0

R2

R2(config)#int f0/0
R2(config-if)#standby 1 ip 192.168.0.1
R2(config-if)#standby 1 preempt
R2(config-if)#standby 1 priority 100
R2(config-if)#standby 1 track serial 0/0/0

Explanations:
standby 1 ip 192.168.0.1
The number 1 is the hsrp group. The IP address 192.168.0.1 will be the virtual one, this will be PC1’s gateway.

standby 1 preempt
This is needed for the router to become the Active Router instead of the Standby Router. When it sees that the Active router is down or when its priority has becomed higher thant the Active router’s one.

standby 1 priority 100
that’s the priority, if we have 2 routers, the one with the biggest priority will become the Active Router, the other one will be the Standby Router.
By default the priority is set to 100 (From 1 to 255). If the 2 routers have the same priority, the one with the biggest IP address will become the Active Router.

standby 1 track serial 0/0/0
Let say R1 is the Active router, everything is fine except the serial link between R1 and R3, so the internet connection is down, but R1 will still remain the Active router.
That’s why this command is so important, it will check the serial link, and if it goes down, it will decrement from 10 the priority. Then R2 will have a higher priority (100 > 95) and R2 will become the Active Router, thanks to the preempt command that allows to automatically let R2 become the Active router when it sees its priority bigger thant R1’s priority.

Verifications
Now let’s go on tests.
PC1 is configured this way:
IP ADDRESS> 192.168.0.60
NETMASK> 255.255.255.0
GATEWAY> 192.168.0.1
DNS SERVER> 10.19.40.1 //this is my LAN DNS server.

You can see when i use the tracert command on my DNS server, I am using the link between R1 and R3.

I just can’t explain why the name in front of [192.168.0.2] is thinklabs.esi-supinfo.com … It seems to be a host in the LAN (the LAN that provides internet connectivity to f0/1 on both R3 and R4)

Now I will ping google and then unplug a wire on R1

As you can see we have 2 timeout then the connection is up again

Another tracert now

Still the same bug (?) with the name of the router.
But We can see that now we are using the link between R2 and R4 !

Now let’s go on PC1 and see the ARP cache.

The MAC address of a virtual IP Address with hsrp will always be:
00-00-0c-07-ac-**
** will be the HSRP group number.

For security reasons, you will may want to set a secure password between your routers for the protocol HSRP to work.
You will just need to set this command on the interface configuration mode.

Router(config-if)#standby 1 authentication md5 key-string toto

You also can set the password in clear text mode…

En image le petit logo visible en ouvrant le chassis, Big Fuckin Router in da place