OSPF is an interior gateway protocol that routes Internet Protocol (IP) packets solely within a single routing domain (autonomous system). It gathers link state information from available routers and constructs a topology map of the network. The topology determines the routing table presented to the Internet Layer which makes routing decisions based solely on the destination IP address found in IP packets. OSPF was designed to support variable-length subnet masking (VLSM) or Classless Inter-Domain Routing (CIDR) addressing models.

In order to configure OSPF on a Nexus switch, you need to think abou tthese steps :

1. Enable OSPF.
2. Configure the OSPF routing process.
3. Assign interfaces to the instance tag.
4. Configure passive interfaces if required.
5. Configure summarization.
6. Configure redistribution of other protocols if required.
7. Verify.

Enabling OSPF :

NX7K# conf t
NX7K(config)# feature ospf

You can configure OSPF with a numericac or alphanumeric process ID just like EIGRP.

NX7K(config)# router ospf 100

or

NX7K(config)# router ospf Instance1
NX7K(config-router)# router-id 1.1.1.1

The network advertising in NX-OS is more granular than the one in IOS. NX-OS uses a per-interface approach only.

NX7K(config)# interface e1/1
NX7K(config-if)# ip router ospf 100 area 0

or

NX7K(config)# interface e1/1
NX7K(config-if)# ip router ospf Instance1 area 0

Let’s now configure a passive interface :

NX7K# conf t
NX7K(config)# interface e1/1
NX7K(config-if)# ip ospf passive-interface ospf 100

or if the process ID is alphanumeric :

NX7K# conf t
NX7K(config)# interface e1/1
NX7K(config-if)# ip ospf passive-interface

Step 7 : Summarization:

NX7K# conf t
NX7K(config)# router ospf 100
NX7K(config-router)# area 4 range 100 10.10.128.0/20

Where 10.10.128.0/20 is the summary of the routes you are summarizing. The Summarization in OSPF is performed at the area edge router : the ABR (Area Border Router) or ASBR (Autonomous System Border Router).

The configutation of stub areas is the same as in the IOS :

For a stub area :

NX7K# conf t
NX7K(config)# router ospf 100
NX7K(config-router)# area 4 stub

For a totally stubb area :

NX7K# conf t
NX7K(config)# router ospf 100
NX7K(config-router)# area 4 stub no-summary

Configuration of a Key Chain:

NX7K(config)# key chain NEXUS
NX7K(config-keychain)# key 1
NX7K(config-keychain-key)# key-string NEXUSKEY

Configuration of the authentication :

NX7K(config)# router ospf Instance1
NX7K(config-router)# area 4 authentication message-digest
NX7K(config-router)# interface vlan 11
NX7K(config-router-if)#ip ospf authentication key-chain nexus

 Ok let’s talk about EIGRP. According to Wikipedia , Enhanced Interior Gateway Routing Protocol – (EIGRP) is a Cisco proprietary routing protocol loosely based on their original IGRP. EIGRP is an advanced distance-vector routing protocol, with optimizations to minimize both the routing instability incurred after topology changes, as well as the use of bandwidth and processing power in the router. Routers that support EIGRP will automatically redistribute route information to IGRP neighbors by converting the 32 bit EIGRP metric to the 24 bit IGRP metric. Most of the routing optimizations are based on the Diffusing Update Algorithm (DUAL) work from SRI, which guarantees loop-free operation and provides a mechanism for fast convergence.

EIGRP stores data in three tables:

• Neighbor Table: Stores data about the neighboring routers, i.e. those directly accessible through directly connected interfaces.

• Topology Table: Confusingly named, this table does not store an overview of the complete network topology; rather, it effectively contains only the aggregation of the routing tables gathered from all directly connected neighbors. This table contains a list of destination networks in the EIGRP-routed network together with their respective metrics. Also for every destination, a successor and a feasible successor are identified and stored in the table if they exist. Every destination in the topology table can be marked either as “Passive”, which is the state when the routing has stabilized and the router knows the route to the destination, or “Active” when the topology has changed and the router is in the process of (actively) updating its route to that destination.

• Routing table: Stores the actual routes to all destinations; the routing table is populated from the topology table with every destination network that has its successor and optionally feasible successor identified (if unequal-cost load-balancing is enabled using the variance command). The successors and feasible successors serve as the next hop routers for these destinations.

Unlike most other distance vector protocols, EIGRP does not rely on periodic route dumps in order to maintain its topology table. Routing information is exchanged only upon the establishment of new neighbor adjacencies, after which only changes are sent. Also, it uses route tagging.

In order to configure EIGRP on a Nexus switch, you need to think abou tthese steps :

1. Enable EIGRP.
2. Configure the EIGRP routing process.
3. Assign interfaces to the instance tag.
4. Configure passive interfaces if required.
5. Configure summarization.
6. Configure redistribution of other protocols if required.
7. Verify.

Alright, let’s get our hands in the configuration… Well first of all you need to enable EIGRP… confusing at first but easy :

NX7K# conf t
NX7K(config)# feature eigrp

At this point you told your switch ” I want to use EIGRP “, because yes, in Nexus switches, if you don’t use a feature, there’s no reasons to enable it. It makes perfect sense, doesn’t it ? Now let’s the fun begin and configure an EIGRP routing instance :

NX7K(config)# router eigrp 100

Ok that was easy, what about this ?

NX7K(config)# router eigrp Instance1

Yes sir ! You read it … We now can have alphanumeric string to define the routing instance. But you are probably wondering ” Wait !!! Isn’t it supposed to be an AS number ? ” … Well well well yes and that’s why, if you use an alphanumerical string as an instance tag, you need to add an AS number like this :

NX7K(config)# router eigrp Instance1
NX7K(config-router)# autonomous-system 100

Let’s now add an interface into the EIGRP process :

NX7K(config)# interface e1/1
NX7K(config-if)# ip router eigrp 100

or

NX7K(config)# interface e1/1
NX7K(config-if)# ip router eigrp Instance1

Configuring a passive interface is easy as well, but let’s just refresh our memory. What on earth is a passive interface ? The ‘passive-interface’ command prevents EIGRP (and OSPF) from sending the hello packets out this interface. As a result of that, there is no neighbor adjacency built on that interface and no EIGRP exchange occurs. However, the interface is still enabled for EIGRP and as such the IP address found on the interface (subnet/network) is still being advertised.

NX7K# conf t
NX7K(config)# interface e1/1
NX7K(config-if)# ip passive-interface eigrp 100

Step 7 : Summarization:

NX7K# conf t
NX7K(config)# interface e1/1
NX7K(config-if)# ip summary-address eigrp 100 10.10.128.0/20

10.10.128.0/20 being, of course, the summary of the routes you are summarizing, that goes without saying, right?

One very important thing to do when deploying a routing protocol such as EIGRP on a production network is to actually secure EIGRP with authentication.

Configuration of a Key Chain:

NX7K(config)# key chain NEXUS
NX7K(config-keychain)# key 1
NX7K(config-keychain-key)# key-string NEXUSKEY

Configuration of the authentication :

NX7K(config)# router eigrp Instance1
NX7K(config-router)# address-family ipv4 unicast
NX7K(config-router-af)# authentication mode md5
NX7K(config-router-af)# authenticationkey-chain NEXUS

You noticed the use of the “address-family2 command allow a more detailed level of control by providing the ability to group protocol attributes. Anyway let’s now configure the authentication on an interface :

NX7K# conf t
NX7K(config)# interface e1/1
NX7K(config-if)# ip authentication mode eigrp Instance1 md5
NX7K(config-if)# ip authentication key-chain eigrp Instance1 newkey

Vlan Trunking Protocol aka VTP : NX-OS has four different VTP modes…YES FOUR…

1. OFF : In OFF mode, VTP is simply disabled. A Nexus switch in VTP OFF mode will neither send or receive VTP advertisements.
2. SERVER : You already know about this one. On a VTP SERVER switch you can create, modify and delete VLANs.
3. CLIENT : Nothing new here either. CLIENTS can send and receive VTP advertisements and upgrade their vlan database but can not add, modify or delete VLANs locally.
4. TRANSPARENT : These ones transmit VTP advertisements but it will have no impact on their VLAN database.

 Private VLANs aka PVLAN are still part of the game :

The concepts behind Private VLANs are in fact rather simple, but it is quite easy to get discombobulated in the details. In their simplest form, PVLANs can dissociate ports within a PVLAN as if they were on separate VLANS, but still allow them to communicate with a common default gateway. i.e. these ports share a subnet, but can be prevented from communicating to each other.

In order to accomplish this we split our VLAN into sub-VLANS and classify these into one of three groups depending on how we want to segregate traffic. These groups are as follows.

• Promiscuous / P-port: This port type is allowed to send and receive from any other port on the VLAN. Typically this would be connected to a router.
• Isolated/ I-port: This type of port is only allowed to communicate with promiscuous ports, they are not only isolated from community ports, but other isolated ports. You commonly see these ports connecting to hosts.
• Community / C-port: Can only communicate with other C-ports and P-ports.

In our example we’re using VLAN 100 as our primary VLAN. Our host machines will be setup on VLAN 101 which will be configured as Isolated. Our servers will be configured as Community ports on VLAN 102. Essentially, once established, VLAN 100 will forward frames from P-ports to I and C-ports. VLAN 101 and 102 are considered secondary VLANs.

(source : http://routerjockey.com)

 Spanning Tree Protocol is here too, well two different flavors of it :

• Rapid Per-VLAN Spanning Tree aka Rapid-PVST/802.1w : Rapid per VLAN Spanning Tree (Rapid PVST+) is an updated implementation of STP that allows you to create one
  spanning tree topology for each VLAN. Rapid PVST+ is the default STP mode on the switch.
• Multiple Spanning Tree aka MST/802.1s : Multiple Spanning Tree (MST) is an IEEE standard inspired from the Cisco proprietary Multiple Instances Spanning Tree Protocol (MISTP) implementation. This document assumes that the reader is familiar with Rapid STP (RSTP) (802.1w), as MST heavily relies on this other IEEE standard.

Nowadays people, especially teenagers, are really used to browsing the web and use messengers software, blogs and social network sites to communicate. It got to the point that they barely use their phones anymore. Do not get me wrong the Internet is a beautiful tool (for those who know how to use it). But there are inconvenients that come with the territory:

1. People are not trained to understand the dangers of the Internet. Yes the Internet can be dangerous. Internet rapists, hustlers, identity thieves, hackers exist. And on top of that, they are totally anonymous.
2. There is no Internet Police Authority or international and homogeneous laws.
3. Information posted on the internet (personal information included) are archived and visible “forever”.

You might want to read this :

On the Internet we now can watch videos, listen to radio, play games, read the news, communicate with friends and family, study, manage our bank accounts, pay our bills, buy clothes and products…etc…

If you want to know if you are addicted to the Internet or not, click the image bellow and find out.

Let’s not turn arount the pot : The Cisco Nexus switch is a beast !!! Scalability, flexibility, availability, modularity, resiliency, serviceability, virtualization among other things…

I will not get into the details too much, but here is a list of features and good points that come with the territory :

Virtual Device Contexts aka VDC : This concept can be confusing at first and that’s why I said I was a bit lost when I got my hands on a Nexus switch. You probably already know what a VRF (Virtual Routing Forwarding Table) is… No ? Ok, to make a long story short, a VRF is a virtual routing table and in a MPLS VPN architecture, a Provider Edge router (aka PE router) can contain multiple VRFs…YES a router with multiple routing tables with overlapping IP addressing… I won’t get into all that now as it is not our concern at this point.

Well a VDC is, somehow, something kind of similar. Instead of having multiple routing tables on a physical router, how about we take a physical router and we divide it into multiple virtual router instances? Brilliant isn’t it ? Of course each virtual instance can have its own VRF or VRFs. But you might ask “What is the point of having virtual routers?”. The answer is simple : fault isolation, adminstration plane, separation of data traffic and enhanced security.

Vitual Port Channels aka vPC : In my early days studying networking concepts , there was one protocol that I could not stand for some reasons : SPANNING-TREE PROTOCOL. I almost hated it with a passion. All these things I needed to understands made me sick : root bridge election , bridge ID, designated/root/blocked ports…etc.. In a Nexus-based topology, a switch (or a server) can use an etherchannel with two other upstream switches WITHOUT THE NEED FOR A BLOCKED PORT. Yes !!!

You might want to watch that video that actually quickly compare VSS and vPC :

Non-stop operation : Ok this is my favorite feature here. You can litterally upgrade your operating system without restarting. It could have been called “Hot Plug System Operation” but Cisco called it In-Service Software Upgrade (ISSU). You can maintain, upgrade your system and processes will restart dynamically.

There’s so much more to talk about, but I will just stop here for now.

First of all, DO NOT stress. Consider this like a meeting. Well if you stress at meetings then something might be wrong with you…

Be yourself, don’t try to cheat or lie. That’s probably the best mistake you can make. Don’t give them a chance to blame you and be disappointed. You might not get the job and end up being blacklisted by the company.

The recruiters don’t expect you to just read your resume. They want to know what is not written in it. The way you faced certain situations, how you’ve been able to deploy the solution in time, how you’ve been able to convince the client to update its network or change the network architecture, how you’ve dealt with difficult situations with your coworkers…etc…

They also want to know your personality, qualities and drawbacks. Be humble when mentionning your qualities : do NOT tell them «  I am the best engineer in the market ». Oh and of course , do NOT tell them «  I don’t have any drawbacks ». As a matter of fact, when you let them know about your drawbacks, they will expect you to explain what you are doing to reduce these drawbacks. For instance, if you are shy, you might take part of comedian classes and tell them you do. Recruiters will always appreciate the fact that you are trying to improve yourself.

Just like in your objective section in your resume, make sure you emphase every aspect of your experience that might be useful for the job you applied to. You need to make them feel like you are the guy they need for this position.

Make sure you have a few questions to ask. Questions about the job like «  What is the day to day duty ? », « Will I work alone or will I be part of a team ? ». See you are already considering that you got the job. You really need to show your interest in this job.

Be natural and give your best, you will have no regret.

So you are looking for a job as a network engineer and you know they are going to know your level of expertise. You need to prepare. Maybe this is your first interview and you don’t know what to expect. Well here is a few questions that can be asked during an interview :

What is a “floating static” route?
What is a route-map? Name three configurations that might reference a route-map.
What is a jumbo packet? How would you enable jumbo packet support on a Cisco device?
What is netflow and how is it used?

An OSPF area is configured as “totally stubby” What will “show ip route ospf” reveal at the CLI?
Please draw a layer 1 network diagram
Please draw a layer 2 network diagram
Please draw a layer 3 network diagram

Difference between hub, bridge and switch?
What is mac address and why it is required?
What is arp and why it is required?
What is Spanning Tree Protocol aka STP?

What is the difference between broadcast and collision domain?
Define type of lan traffic.
What is destination address of broadcast frame?
What is BPDU?

Define selection criteria of STP root bridge.
How does non bridge decide which port will elect as root port?
If a nonroot bridge has two redundant ports with the same root path cost, how does the bridge choose which port will be the root port?
Port states of spanning tree protocol.

Why spanning tree BPDU filter is used?
Can I use BPDU filter on trunk ports?
What is port security?
I want to learn only a single mac from the port, what need to be configured?

Can we use spanning port-fast on trunk ports?
Difference between trunk and access port?
What is UDLD and why it is required?
What is interface vlan on switch?

What is MPLS and why it is being so popular in short time?
What is the protocol used by MPLS?
MPLS works on which layer?
What is the difference between P and PE router?

My LDP router id, OSPF router id and BGP router id is different, will it work to forward the traffic of customers or not?
What is  PHP and why it is required? Which router performs the PHP function?
What are the different types of labels?
What is the difference between RD and RT?

What is a VRF?
How to filter MPLS labels?
What is the default range of MPLS labels in Cisco routers? How to extend that range?
Without route reflector can I implement MPLS?

What is the difference between VPNv4 and IPv4 address family?
What is MP-iBGP? Can we use normal BGP in lieu of MP-iBGP?
What is LIB?
What is LFIB?

What is CEF and without enabling CEF, can we make MPLS work?
What is explicit null and implicit null?
Default timers of LDP?
What is transport address?

What is the difference between MPLS, SSL and IPSec?
Why MPLS is called MULTI PROTOCOL?
Does MPLS support IPv6?
What is Forwarding Equivalent Class (FEC) ?

What is adjacency table ?
BGP is IGP or EGP?
BGP is link state or distance vector protocol?
When to use BGP?

Can I use BGP instead of any IGP?
What is Autonomous System?
Type of BGP routing table ?
What is the BGP path selection criteria?

Define various BGP path attributes?
Why weight doesn’t fall under path attribute category?
What is confederation?
What is route reflector and why it is required?

What is no-synchronization rule?
Default BGP timers?
When does BGP use 0.0.0.0 router id?

More to come soon…

If you think you will get a good job, better yet The Dream Job just by uploading a resume online, hmm you might be a little bit wrong. There are things you need to know.

When you apply to a job online on sites like Monster, you have to keep in mind that there are other people job hunting who will apply to the same job. It is obvious but trust me, some people don’t even realize that they are not alone in the world. So by applying on Monster you will have to face competition.

If you want to avoid it, you have to find a job via your network. You need to know or get to know people on your field : engineers, managers, recruiters…etc… And don’t be scared, contact them directly and ask them if they have any opening available or coming soon or if they know anybody hiring. This strategy gives surprising results if you do it well. You might get jobs that are not online or officially available yet.

Weither you apply online or not, your resume has to be taylor made. It has to match the job description as much as possible. For instance if a big Fortune 500 company is looking for a network administrator, you might want to emphase the fact that you already worked in big companies, that you are a team player and have experience troubleshooting LAN and WAN Cisco networks. You might also want to let know that you know about protocols like OSPF, BGP and Spanning-Tree protocol… I am sure you get the idea.

This book will help you understand Multi Protocol Label Switching (aka MPLS) and implement it. Also if you are working on your CCIE Routing and Switching or Service Provider certification, you need this book.

It is nicely explained and there is no way for you to not understand concepts like LDP, IP CEF, MP-BGP or Traffic Engineering with this book. You will get a comprehensive overview of all the aspects of MPLS, including the building blocks, its applications, troubleshooting and a perspective on the future of MPLS.