Make a network diagram before you start tshooting

Hello

Today I spent an hour trying to set up a simple AS path prepending scenario and I couldn’t make it work. The task seemed impossible because it seemed that the router that was supposed to be making the decision based on the AS-path length wouldn’t receive one of the routes, because the route had its AS in the path already, so the BGP loop condition wasn’t met.

This is an important lesson – always spend time preparing for the task instead of trying to configure everything straightaway. Think, draw, configure. Trying to save time will get you into more trouble than it’s worth.

Access lists after 11 p.m.

Today I was configuring a summary route between two routers and I had a strange problem:

On R5 I wanted to configure a summary route for addresses 150.1.1.1, 150.1.2.2, 150.1.3.3, etc. and send this route over to R8.

int eth0/0.58

ip summary-address rip 150.1.1.0 255.255.255.248

That should do it, right?

So I did, and to my astonishment R8 got the summary PLUS all the /32 routes.

After 15 minutes of troubleshooting and cursing at GNS3 I realized what was happening. It was well after 11 p.m. and I couldn’t see the fact that instead of creating a summary route 150.1.0.0 255.255.248.0, I created one for 255.255.255.248.

When you’re tired, double-check all the numbers. Tiredness is very much like being drunk. Being tired can cause serious network outages.
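
A pre-change sanity check for the mistake described above, as an added example that is not part of the original post: it parses the summary-address line, lists which of the host routes it fails to cover, and computes the tightest prefix that covers them. The function names are hypothetical, and the host list contains only the three addresses the post names (the "etc." is not filled in).

```python
import ipaddress

# Host routes named in the post (the list there continues with "etc.").
HOSTS = ["150.1.1.1", "150.1.2.2", "150.1.3.3"]


def parse_summary(line):
    """Parse 'ip summary-address rip <addr> <mask>' into an IPv4Network."""
    parts = line.split()
    if len(parts) != 5 or parts[:3] != ["ip", "summary-address", "rip"]:
        raise ValueError(f"not a RIP summary-address line: {line!r}")
    # strict=True raises ValueError when the address has host bits set for
    # the given mask; non-contiguous masks are rejected as well.
    return ipaddress.ip_network(f"{parts[3]}/{parts[4]}", strict=True)


def check_summary(line, hosts):
    """Return (summary, hosts the summary does NOT cover)."""
    summary = parse_summary(line)
    missed = [h for h in hosts if ipaddress.ip_address(h) not in summary]
    return summary, missed


def tightest_summary(hosts):
    """Smallest single prefix that contains every host address."""
    addrs = [ipaddress.ip_address(h) for h in hosts]
    net = ipaddress.ip_network(f"{min(addrs)}/32")
    while not all(a in net for a in addrs):
        net = net.supernet()  # widen by one bit and try again
    return net


if __name__ == "__main__":
    for line in (
        "ip summary-address rip 150.1.1.0 255.255.255.248",  # as typed
        "ip summary-address rip 150.1.0.0 255.255.248.0",    # as intended
    ):
        summary, missed = check_summary(line, HOSTS)
        print(f"{summary}: not covered -> {missed or 'none'}")
    print("tightest summary for listed hosts:", tightest_summary(HOSTS))
```

For the three listed hosts the tightest prefix is narrower than the 255.255.248.0 mask the post intended, which is expected because the post's address list continues beyond those three.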

Network fundamentals, unit 1

Hello

As promised, today I start a new series of posts for absolute beginners.

Unlike many other “serious” documents on this subject where they begin with lashings and oodles of theoretical concepts and historical background, I will try to demonstrate how to build a simple company network from scratch using basic configurations and little bits of theory here and there.

Let’s begin! Here’s our scenario.

Our company (let’s call it Evilcorp) has around 70 employees and because they have always worked remotely and have their own home internet connections, Evilcorp never got around to renting an office and building an office network. However, Evilcorp’s boss has now decided that remote workers are passé and rented a big office for their employees.

Here’s what we know:

  1. Currently, the office has 1 CEO, 40 programmers, 10 generalists, 3 accountants, 5 HR people, 3 directors, 5 IT people, 5 assistants. Evilcorp plans to hire 10% more every year.
  2. The office has three floors.
  3. The company has 10 printers, each employee needs an IP phone, there are also other IP-enabled devices (TVs, projectors, etc.).
  4. There are 5 network drives that our programmers need access to and 1 network drive for accountants.
  5. We have ten servers (web servers etc., Evil services etc.) that need to be available to the general public. We may have a lot more in the future because Evilcorp is growing fast.
  6. The network needs to be as secure as possible.
  7. The boss likes to work from home and needs remote access to the Evilcorp servers.
  8. The boss says that the office network can never be down, so it needs to be designed to be failure-proof.
  9. In the future, Evilcorp needs a small branch overseas. Sensitive data and voice traffic (IP phones!) will be transferred between the HQ and the branch.
  10. There is a huge budget for IT so we don’t need to worry about money.

You have now been hired as an external consultant to design, configure, and continuously improve Evilcorp’s network.

The plan is ambitious. In the next unit we shall try to break it down into specific network tasks.