1
00:00:00,556 --> 00:00:03,746
>> Is something broken?
2
00:00:04,856 --> 00:00:08,006
Did I click on a new nugget
and I'm sitting here?
3
00:00:08,006 --> 00:00:09,936
This isn't-- this isn't the title slide.
4
00:00:10,346 --> 00:00:12,586
There's no learning goal.
5
00:00:12,586 --> 00:00:15,866
There's no witty story from
Jeremy to start it off.
6
00:00:15,866 --> 00:00:16,736
That-- that's right.
7
00:00:17,076 --> 00:00:19,176
We're crazy here at CBT Nuggets.
8
00:00:19,176 --> 00:00:21,886
We're going to start nuggets a
little differently this time.
9
00:00:22,376 --> 00:00:26,306
We're going to start right here where we
left off in the last nugget which is OSPF.
10
00:00:26,306 --> 00:00:27,836
Yes, in the last nugget.
11
00:00:27,836 --> 00:00:31,066
I tried to cram it all together,
routing protocols
12
00:00:31,066 --> 00:00:34,006
and OSPF all in one manageable sitting.
13
00:00:34,006 --> 00:00:35,926
It's just not possible.
14
00:00:35,926 --> 00:00:36,546
Don't do it.
15
00:00:37,666 --> 00:00:39,596
We're starting OSPF a little
different this time.
16
00:00:39,596 --> 00:00:42,606
Now, the fact that we're even talking
17
00:00:42,606 --> 00:00:48,196
about OSPF is a radical change
from previous editions of CCNA.
18
00:00:48,196 --> 00:00:52,476
If you've-- if you've heard some,
if you've been in the CCNA realm,
19
00:00:52,476 --> 00:00:55,626
you know that we always learn RIP first.
20
00:00:55,966 --> 00:01:01,646
And-- and I've been teaching it that way for
so long it almost escaped me how-- how silly.
21
00:01:01,646 --> 00:01:05,236
It's like-- it's like now that
I-- now that I look back I'm like,
22
00:01:05,586 --> 00:01:09,116
does anyone really realize how
irrelevant RIP is to the world.
23
00:01:09,656 --> 00:01:13,476
But my father had to learn it and his father
had to learn it, so you'll learn it too.
24
00:01:13,476 --> 00:01:14,766
Well, not anymore.
25
00:01:15,036 --> 00:01:16,306
RIP is done.
26
00:01:16,306 --> 00:01:20,306
Rest in peace, that just came
to me, rest in peace, RIP.
27
00:01:20,586 --> 00:01:22,076
You are now replaced by OSPF.
28
00:01:22,076 --> 00:01:24,546
Now does that mean RIP as a protocol is gone?
29
00:01:24,546 --> 00:01:25,686
No, it's still out there.
30
00:01:25,876 --> 00:01:29,006
The beauty and the reason that-- the
reason we've learned it for so long is
31
00:01:29,006 --> 00:01:32,436
that it's the simplest of all routing protocols.
32
00:01:32,436 --> 00:01:38,066
But the fact is you walk out of your door
right now and walk in any network in the world
33
00:01:38,066 --> 00:01:41,136
and chances are very good it's
not going to be running RIP.
34
00:01:41,136 --> 00:01:42,286
If it is, e-mail me.
35
00:01:42,826 --> 00:01:43,546
I want to hear from you.
36
00:01:43,836 --> 00:01:47,806
But-- but most of the-- most of the
networks of the world run on OSPF,
37
00:01:47,806 --> 00:01:49,366
most popular routing protocol in the world.
38
00:01:49,576 --> 00:01:53,976
Now the reason it was in CCNA is
because this was the simplest.
39
00:01:53,976 --> 00:01:55,846
But somebody sat down and
sharpened their pen and said,
40
00:01:55,846 --> 00:01:59,066
you know what, OSPF is just a little bit more.
41
00:01:59,066 --> 00:02:01,476
I mean it's not that much more
to understand the foundations.
42
00:02:01,476 --> 00:02:03,096
Now keep in mind, OSPF.
43
00:02:03,096 --> 00:02:09,506
Think of it-- think of-- I got a little
beach here, a little beach umbrella,
44
00:02:09,506 --> 00:02:13,166
some people on a lawn chair
sitting, the waves coming in.
45
00:02:13,406 --> 00:02:15,916
And you got all this sand on the beach, right?
46
00:02:15,916 --> 00:02:19,816
And then sitting on that sand is a bucket.
47
00:02:20,556 --> 00:02:23,756
Looks like a large bucket in
perspective of that person, but it's not.
48
00:02:24,136 --> 00:02:28,206
It's full of sand because all this
sand represents OSPF in all its glory.
49
00:02:28,206 --> 00:02:29,716
And you're going to learn what's in that bucket.
50
00:02:29,716 --> 00:02:33,516
You're not going to learn all
of it but you will learn enough
51
00:02:33,516 --> 00:02:35,606
that you'll be proficient with OSPF.
52
00:02:35,606 --> 00:02:37,586
You'll be able to recognize the configuration.
53
00:02:37,586 --> 00:02:40,016
You'll be able to set it up
yourself and get it running.
54
00:02:40,506 --> 00:02:42,406
You'll be able to hold your own with OSPF.
55
00:02:42,406 --> 00:02:44,576
That's what my goal is.
56
00:02:44,996 --> 00:02:49,506
Before we dive into how to get OSPF
working, I want to take a step back,
57
00:02:49,586 --> 00:02:51,896
big picture, what's OSPF do again?
58
00:02:52,336 --> 00:02:56,186
It lets our routers talk about what
they think is most interesting.
59
00:02:56,586 --> 00:02:59,686
Router one is going to talk to
router two about everything it knows.
60
00:02:59,686 --> 00:03:01,636
And it knows things that it's plugged into.
61
00:03:01,636 --> 00:03:05,676
It knows about the 192.168.1 network.
62
00:03:05,676 --> 00:03:07,846
Why? Because you as an administrator
configured it in that network,
63
00:03:07,846 --> 00:03:09,286
so it knows, hey, I'm plugged in there.
64
00:03:09,286 --> 00:03:14,896
And I know I'm plugged into 192.168.2.0 network.
65
00:03:14,896 --> 00:03:16,276
Why? Because you configured it to know that.
66
00:03:16,276 --> 00:03:20,106
So it then talks to router two and
says, hey, I know about 2.0 and 1.0
67
00:03:20,106 --> 00:03:23,626
and router two says, that's
great I knew about 2.0.
68
00:03:23,916 --> 00:03:25,126
This is our common ground.
69
00:03:25,126 --> 00:03:27,596
This is where we talk about, so
yeah that's great, I'll just,
70
00:03:27,596 --> 00:03:29,706
you know, FYI, you know, whatever.
71
00:03:29,926 --> 00:03:35,756
But I didn't know about 192.168.1.0,
ooh, that's news.
72
00:03:35,756 --> 00:03:40,216
I'm adding that to my routing table
and I'm going to use you, router one,
73
00:03:40,706 --> 00:03:43,256
I'm now talking as router two, playing the role.
74
00:03:43,526 --> 00:03:47,376
I'm going to use you, router
one, as my next hop to get there
75
00:03:47,376 --> 00:03:49,956
because you told me about
it, that just makes sense.
76
00:03:49,956 --> 00:03:52,726
And router two says, and by the way,
there might be something you want
77
00:03:52,726 --> 00:03:56,346
to know about I know about 192.168.3.0.
78
00:03:56,346 --> 00:03:58,826
I just-- just got out of that
conversation with my kids.
79
00:03:58,826 --> 00:04:01,636
They love-- I love this suspense
that kids have when you--
80
00:04:01,926 --> 00:04:04,736
when you talk to them and I'm
like guess what, guess what.
81
00:04:04,736 --> 00:04:05,826
And they're like, what, what, what?
82
00:04:05,986 --> 00:04:09,686
We're going to go to Dairy Queen and
they're like, "Oh, Dairy Queen, ice cream!
83
00:04:09,686 --> 00:04:13,266
Yehey!" You know it's like that's--
routers go through that all the time.
84
00:04:13,376 --> 00:04:19,076
He's like, hey, I know about 192.168.3.0
85
00:04:19,076 --> 00:04:21,516
and router one is like, yehey,
I never knew about that.
86
00:04:21,516 --> 00:04:23,856
I'm adding it to my routing table.
87
00:04:23,856 --> 00:04:24,786
Now, I have a way to get there.
88
00:04:24,786 --> 00:04:25,486
Way, which way?
89
00:04:25,486 --> 00:04:27,106
You, router two, 'cause you told me about it.
90
00:04:27,106 --> 00:04:28,316
So that's how they inform each other.
91
00:04:28,316 --> 00:04:29,516
Now-- now let's dig a little bit deeper.
92
00:04:29,516 --> 00:04:33,676
That's routing protocols and
all routing protocols do that.
93
00:04:34,426 --> 00:04:36,766
That's their goal.
94
00:04:36,766 --> 00:04:39,326
How does OSPF do it that's a
little different than say RIP?
95
00:04:39,326 --> 00:04:40,616
Well, OSPF uses something
known as a Hello packet.
96
00:04:40,616 --> 00:04:41,916
Oh, so different than RIP.
97
00:04:41,916 --> 00:04:44,636
See RIP never really forms a relationship.
98
00:04:44,846 --> 00:04:48,086
It's just a bunch of passerby
screaming information out.
99
00:04:48,086 --> 00:04:52,376
If these guys are running RIP, you know,
router one and router two are just yelling.
100
00:04:52,376 --> 00:04:53,906
They don't really care who gets in there.
101
00:04:53,906 --> 00:04:57,776
They're just sending a big broadcast or
multicast message saying, "Hey, everybody,
102
00:04:57,776 --> 00:04:59,086
I know about this, this and this and this."
103
00:04:59,086 --> 00:05:02,716
There's no-- there's no acknowledgement
that anybody got that.
104
00:05:03,116 --> 00:05:08,226
They don't really follow up with that to make
sure the information was received in any way.
105
00:05:08,486 --> 00:05:11,096
They just broadcast it out
and hope it gets there.
106
00:05:11,096 --> 00:05:14,356
Now, OSPF is much more methodical than that.
107
00:05:14,916 --> 00:05:18,166
OSPF says from router one's
perspective the very,
108
00:05:18,166 --> 00:05:21,146
very first thing he sends out is a Hello packet.
109
00:05:21,176 --> 00:05:27,396
And they should have called it a Hello
package because it really contains all kinds
110
00:05:27,396 --> 00:05:29,636
of interesting information about router one.
111
00:05:29,856 --> 00:05:35,756
It contains for instance a series of timers
like router one inside of this Hello package,
112
00:05:35,896 --> 00:05:39,186
you know, when router two opens it up he's going
to see a little piece of paper that says, hey,
113
00:05:39,186 --> 00:05:45,046
you know what, I say hello once every 10
seconds and I have a dead timer of 40 seconds.
114
00:05:45,046 --> 00:05:45,926
What's that mean to router two?
115
00:05:46,126 --> 00:05:50,816
That means I can expect that router one is
going to be like, hey man, every 10 seconds just
116
00:05:50,816 --> 00:05:54,146
to make sure that I'm online, that I'm
available and I can also hear from router--
117
00:05:54,406 --> 00:05:56,456
router one that he's available
once every 10 seconds.
118
00:05:56,756 --> 00:06:02,186
Same thing if he doesn't hear from somebody--
if he doesn't hear from a friend and neighbor
119
00:06:02,436 --> 00:06:05,526
in 40 seconds, then he's going
to consider that neighbor dead.
120
00:06:05,696 --> 00:06:09,596
So router two now knows, okay, when speaking to
router one, I know if he doesn't hear from me
121
00:06:09,596 --> 00:06:13,386
in 40 seconds, he's going to
consider me offline and he's going
122
00:06:13,386 --> 00:06:15,156
to mark all of my networks unreachable.
123
00:06:16,306 --> 00:06:22,906
Now, the reason that this is a big deal is
OSPF is very picky about its relationships.
124
00:06:23,346 --> 00:06:29,356
If the timers don't match, if router one
is saying hello once every 10 seconds
125
00:06:29,356 --> 00:06:32,596
and router two is like I'm a speedy
router, I say hello once every second.
126
00:06:32,596 --> 00:06:33,816
Hello, hello, hello, hello, hello.
127
00:06:34,216 --> 00:06:37,136
If he's-- if he is that way, they're not
going to form a neighbor relationship.
128
00:06:37,136 --> 00:06:38,886
Timers must match.
129
00:06:39,266 --> 00:06:42,206
The area that they're configured in must match.
130
00:06:42,206 --> 00:06:44,306
And you might say, well, what's an area?
131
00:06:44,736 --> 00:06:47,556
And that's part of the buckets
of the sand of the seashore
132
00:06:47,556 --> 00:06:49,456
that we're not really going
to talk too much about.
133
00:06:49,456 --> 00:06:52,036
But let me give you the high level view.
134
00:06:52,036 --> 00:06:58,146
OSPF allows you to break your network
up into kind of groups of networks.
135
00:06:58,226 --> 00:06:59,446
So here's the idea, right?
136
00:06:59,696 --> 00:07:02,316
All networks start really
small, maybe it's two offices.
137
00:07:02,316 --> 00:07:08,076
Over here is an office in Minnesota or
Michigan 'cause I don't know the abbreviation
138
00:07:08,076 --> 00:07:09,356
for Minnesota.
139
00:07:09,356 --> 00:07:11,196
And then over here is an office in Texas, right?
140
00:07:11,196 --> 00:07:13,746
And that's just where the business begins.
141
00:07:14,086 --> 00:07:15,446
And then it kind of grows from there.
142
00:07:15,446 --> 00:07:20,046
It grows, you know, you add more offices and
more offices and you get to 10, 20, 30, 40, 50,
143
00:07:20,296 --> 00:07:23,266
60 offices, it's starting to
get a little chaotic, right?
144
00:07:23,446 --> 00:07:26,126
You've got all of these different
routers that are connected together
145
00:07:27,116 --> 00:07:31,136
and your routing table is getting bigger
and bigger and bigger and bigger and bigger.
146
00:07:31,296 --> 00:07:35,846
And here is the fact, the bigger your
routing table, the slower your router.
147
00:07:36,536 --> 00:07:42,356
So our goal as a network administrator is to
say, I want to keep my routing table small,
148
00:07:42,356 --> 00:07:44,426
and areas is what help us do that.
149
00:07:44,426 --> 00:07:50,736
See, as I grow this, I eventually can say, okay,
I'm going to break this whole group of routers
150
00:07:51,156 --> 00:07:53,156
into an area and we'll call it area zero.
151
00:07:53,156 --> 00:07:55,686
Now area zero happens to be very special.
152
00:07:55,896 --> 00:07:58,786
It's the very first area
that you create with OSPF.
153
00:07:58,786 --> 00:08:01,606
As a matter of fact, you can't run OSPF.
154
00:08:01,606 --> 00:08:05,186
You can't get OSPF working
without designating an area.
155
00:08:05,186 --> 00:08:08,896
And for what we're going to talk
about, everything will be in area zero.
156
00:08:08,896 --> 00:08:10,526
Now how big can area zero grow?
157
00:08:10,916 --> 00:08:15,786
However big you want it to, 50 routers,
100 routers, a thousand routers.
158
00:08:15,886 --> 00:08:17,436
Sure, you can do that.
159
00:08:17,686 --> 00:08:22,256
But as-- as the area grows bigger and bigger and
bigger, eventually you're going to reach a point
160
00:08:22,256 --> 00:08:24,236
where you're like, ah, it's too big.
161
00:08:24,546 --> 00:08:26,016
Our routers are running out of memory.
162
00:08:26,016 --> 00:08:26,956
They're slowing down.
163
00:08:26,956 --> 00:08:29,426
There's too many-- too many
changes like a network goes down
164
00:08:29,426 --> 00:08:31,846
and everybody is like, oh,
I have to know about that.
165
00:08:31,846 --> 00:08:34,036
And all these-- these updates flood my network.
166
00:08:34,036 --> 00:08:35,706
You reach a point where it just gets too big.
167
00:08:35,706 --> 00:08:42,636
Now, I will say big in terms of today
like 2013 is much different than big
168
00:08:42,846 --> 00:08:48,176
as it was in 2005, and big in 1993.
169
00:08:48,176 --> 00:08:51,766
And I mean big that that term changes
because our routers are beefier.
170
00:08:51,766 --> 00:08:53,536
They got more memory, more process and all that.
171
00:08:53,536 --> 00:08:55,496
But eventually, you go, what's an area.
172
00:08:56,036 --> 00:09:00,826
So an area is where you say, okay, at
this office I want to add a dividing line.
173
00:09:01,066 --> 00:09:03,416
I want to break this into area one.
174
00:09:04,046 --> 00:09:06,156
And now I have a whole section
of routers down here.
175
00:09:07,566 --> 00:09:09,266
Okay, you say.
176
00:09:10,076 --> 00:09:11,306
And, you know, I don't know.
177
00:09:11,306 --> 00:09:12,186
Over here is area two.
178
00:09:12,186 --> 00:09:13,696
Let's add a couple, why not while we're at it.
179
00:09:13,696 --> 00:09:15,536
Area two, and here's a bunch of routers.
180
00:09:15,726 --> 00:09:17,186
Okay, what does that mean?
181
00:09:17,186 --> 00:09:17,996
What does that do?
182
00:09:18,336 --> 00:09:21,556
Areas, and this is-- this
is huge, huge concepts.
183
00:09:21,796 --> 00:09:25,476
Hang with me.
184
00:09:25,696 --> 00:09:29,896
Areas represent a point of summarization.
185
00:09:30,896 --> 00:09:34,546
It's a point where you're
able to summarize entries
186
00:09:34,546 --> 00:09:37,686
in your routing table down to a bigger network.
187
00:09:37,686 --> 00:09:38,716
Let me give you an example.
188
00:09:39,026 --> 00:09:41,556
Let's say up here I have,
you know-- and sometimes we--
189
00:09:41,556 --> 00:09:45,276
we draw these pictures of routers connected to
routers and you lose kind of the perspective.
190
00:09:45,446 --> 00:09:47,686
And think of each one of those
little circles as an office.
191
00:09:47,686 --> 00:09:50,046
Like this is-- this is the Texas office, right?
192
00:09:50,256 --> 00:09:55,466
And over here is 10.1.1.0/24, right?
193
00:09:55,466 --> 00:09:56,116
We got that network.
194
00:09:56,116 --> 00:10:02,586
And then over here is the-- the Michigan
office and they've got 10.1.2.0/24.
195
00:10:02,676 --> 00:10:08,106
And then-- and then over here is the
California office and they've got 10.1.3.0/24.
196
00:10:08,106 --> 00:10:09,956
Are you seeing the theme, right?
197
00:10:10,186 --> 00:10:12,216
Each one of these offices,
this one might be 4.0.
198
00:10:12,216 --> 00:10:13,586
This one might be 5.0.
199
00:10:13,796 --> 00:10:16,546
The point is they all start with 10.1.
200
00:10:17,006 --> 00:10:20,846
So when we hit this area
boundary we now have a choice.
201
00:10:21,546 --> 00:10:27,076
Do we advertise all of those networks to
where down here this router now knows, okay,
202
00:10:27,076 --> 00:10:31,856
10.1.1.0 is up here and 10.1.2 and
10.1.3 and I've got all these entries
203
00:10:31,856 --> 00:10:33,606
in my routing-- my routing table.
204
00:10:33,606 --> 00:10:35,786
And my router is running
slow 'cause I have all these.
205
00:10:35,786 --> 00:10:38,336
Do we do that or do we make a move?
206
00:10:39,896 --> 00:10:41,136
I would say we make a move.
207
00:10:41,376 --> 00:10:47,326
And we call that summarization to where we
take all those 10.1 networks and we say instead
208
00:10:47,326 --> 00:10:51,856
of taking all the individual networks and
advertising them down here, let's just do this.
209
00:10:51,856 --> 00:10:57,586
Let's just say I've got 10.1.0.0/16.
210
00:10:58,066 --> 00:11:00,066
Can he do that?
211
00:11:00,786 --> 00:11:02,556
Yup, we can do that.
212
00:11:02,746 --> 00:11:04,446
I'm a little weird today.
213
00:11:04,806 --> 00:11:06,326
I'm in one of those weird moods.
214
00:11:06,556 --> 00:11:12,296
So-- so what that does is now suppress
all of these individual updates.
215
00:11:12,296 --> 00:11:15,756
So, now this router in his
[inaudible] I mean I drew five.
216
00:11:15,756 --> 00:11:18,636
But imagine that was 50 or 500 routers.
217
00:11:18,636 --> 00:11:20,096
Let's go crazy, right?
218
00:11:20,096 --> 00:11:22,376
This guy, instead of having 500 routes,
219
00:11:22,576 --> 00:11:24,626
and I guess we can't really
get 500 routes out of that.
220
00:11:24,626 --> 00:11:25,866
Let's just say 200.
221
00:11:26,106 --> 00:11:26,496
How's that?
222
00:11:26,496 --> 00:11:32,476
Instead of having 200 routes in his
routing table, he's going to have one.
223
00:11:32,636 --> 00:11:35,126
He's going to know 10.1.
224
00:11:35,456 --> 00:11:37,166
anything slash 16, right?
225
00:11:37,166 --> 00:11:40,216
That means these two are the significant digits.
226
00:11:40,216 --> 00:11:43,926
10.1. anything is up there, right?
227
00:11:44,066 --> 00:11:46,546
And now I've suppressed all
those more specific things.
228
00:11:46,546 --> 00:11:48,116
One, number one, two things it does.
229
00:11:48,116 --> 00:11:53,006
Number one makes our routing table much
smaller, meaning our routers become much faster,
230
00:11:53,006 --> 00:11:55,256
much more efficient at what they do.
231
00:11:55,406 --> 00:11:58,346
Number two is it hides problems.
232
00:11:58,746 --> 00:12:02,846
See here's the deal with OSPF,
everything in an area has
233
00:12:02,846 --> 00:12:04,516
to know what's-- what each other is doing.
234
00:12:04,516 --> 00:12:08,466
Like if a network goes down over here,
everybody in that area has to know about it.
235
00:12:08,466 --> 00:12:11,316
And it comes up, okay, everybody
in the area has to know about it.
236
00:12:11,316 --> 00:12:12,696
It's the rule of OSPF.
237
00:12:12,696 --> 00:12:17,526
Everybody in an area must be synchronized,
like they all know the same stuff.
238
00:12:17,526 --> 00:12:20,616
Well, that's a problem when we start
spanning this is-- this is our--
239
00:12:20,616 --> 00:12:26,446
our WAN connection from the United
States over to India, right?
240
00:12:26,446 --> 00:12:29,326
We-- we have tech support offices in India.
241
00:12:29,686 --> 00:12:31,386
And we have this WAN link going over that.
242
00:12:31,386 --> 00:12:35,586
I don't-- I don't want to flood that LAN link
'cause it's slow with unnecessary information.
243
00:12:35,586 --> 00:12:37,166
So let's-- let's summarize.
244
00:12:37,166 --> 00:12:40,776
So when this network goes down,
everybody knows about it up to here.
245
00:12:41,716 --> 00:12:43,236
So, what does that mean?
246
00:12:43,236 --> 00:12:46,706
Do they not know that the
10.1.1 network is down?
247
00:12:47,126 --> 00:12:48,146
That's correct, they don't.
248
00:12:48,236 --> 00:12:52,756
They don't know it's down at all and that's okay
because when they started sending information,
249
00:12:52,946 --> 00:12:58,186
it's going to go right here, this router, and
he's going to be like, oh, sorry man, it's down.
250
00:12:58,626 --> 00:12:59,976
You know, drop, drop, drop, drop, drop.
251
00:12:59,976 --> 00:13:00,996
So it drops all the packets.
252
00:13:00,996 --> 00:13:02,326
And so communication won't happen.
253
00:13:02,326 --> 00:13:05,786
And that's okay, we want to be able
to high-- I mean, think about it.
254
00:13:05,786 --> 00:13:09,676
Are there-- are there-- like did the network
on the internet just go down right now?
255
00:13:10,126 --> 00:13:11,526
Yes. Did it come up right now?
256
00:13:11,586 --> 00:13:15,526
Yes. There are thousands and thousands of
networks on the internet going down and going
257
00:13:15,526 --> 00:13:18,626
up every minute that we sit here and talk.
258
00:13:19,016 --> 00:13:20,286
We don't have to know about it.
259
00:13:20,286 --> 00:13:21,686
Our routers don't have to know about it.
260
00:13:21,686 --> 00:13:25,026
They just send it as far as it can
get and then it's like, oh sorry,
261
00:13:25,356 --> 00:13:28,496
microsoft.com is down, if that were to happen.
262
00:13:28,496 --> 00:13:31,146
So, that's what an area is.
263
00:13:31,366 --> 00:13:33,986
But we're not going to talk about that, right?
264
00:13:33,986 --> 00:13:36,266
Areas in summarization and that--
265
00:13:36,366 --> 00:13:43,656
that configuration, that's what you do when
you go beyond this-- this sand bucket of OSPF.
266
00:13:43,656 --> 00:13:46,666
But the key is that area has to match.
267
00:13:46,666 --> 00:13:51,356
These guys have to be-- I have to be let's
say an area zero on both of these routers
268
00:13:51,356 --> 00:13:53,166
or else we won't form neighbor relationship.
269
00:13:53,346 --> 00:13:57,206
We have to have matched authentication,
like if I have a pass code.
270
00:13:57,456 --> 00:14:03,806
Like I will only be your-- your OSPF
neighbor if you have the key Cisco, right?
271
00:14:03,806 --> 00:14:07,946
And both of these have the same
key that has to match between that.
272
00:14:07,946 --> 00:14:11,406
You can define a password that way
you don't have evil routers coming in
273
00:14:11,406 --> 00:14:13,346
or computers pretending to be routers.
274
00:14:13,346 --> 00:14:16,856
They have those coming in and trying to
form a neighbor relationship with you.
275
00:14:17,376 --> 00:14:19,416
And lastly, they have to
have the same subnet mask.
276
00:14:19,416 --> 00:14:21,186
You can't have, you know, slash 24 here
277
00:14:21,186 --> 00:14:23,156
and maybe he's got a slash
16 or something over here.
278
00:14:23,326 --> 00:14:25,036
They're going to be like, oh,
we're not going to do that.
279
00:14:25,036 --> 00:14:25,966
We're not going to form neighbors.
280
00:14:25,966 --> 00:14:31,526
Now if all of these things match up,
then the Hello is accepted on both sides,
281
00:14:31,526 --> 00:14:34,026
and they will become a full
neighbor relationship,
282
00:14:34,026 --> 00:14:35,796
meaning they will start exchanging routes.
283
00:14:36,956 --> 00:14:41,966
Okay, so let's take that and now
go into how to get OSPF working.
284
00:14:41,966 --> 00:14:45,206
And just starting off with
a very basic scenario.
285
00:14:45,416 --> 00:14:47,326
We've got two routers, right?
286
00:14:47,326 --> 00:14:50,446
Each one is connected to a network
that the other doesn't know about,
287
00:14:50,446 --> 00:14:52,206
so we're not going to be able to reach it.
288
00:14:52,206 --> 00:14:58,016
Like router one over here is not going to be
able to reach router two's 192.168.3 network
289
00:14:58,016 --> 00:14:59,086
because we have nothing in place to allow that.
290
00:14:59,086 --> 00:14:59,776
Let's prove that.
291
00:14:59,776 --> 00:15:01,136
I'm going to go to GNS3.
292
00:15:01,216 --> 00:15:05,796
Let's just right click on router one
and open a console connection to it.
293
00:15:05,796 --> 00:15:07,186
And so I've got router one.
294
00:15:07,186 --> 00:15:10,876
Let's first off get our bearings, you
know, see if I can squeeze this over here.
295
00:15:11,426 --> 00:15:12,476
Let's get our bearings.
296
00:15:12,476 --> 00:15:14,426
Always show IP interface brief.
297
00:15:14,426 --> 00:15:16,646
My favorite command to just
say, okay, what's what.
298
00:15:16,856 --> 00:15:18,766
And I can say right here
I've got a serial connection,
299
00:15:18,766 --> 00:15:28,196
192.168.2.1 lines with what I
see there on my network diagram.
300
00:15:28,196 --> 00:15:37,366
I have 192.168.1.1 which is
the LAN network over here.
301
00:15:37,366 --> 00:15:38,736
Now that all looks good.
302
00:15:38,736 --> 00:15:40,486
Let's do a show IP route.
303
00:15:40,486 --> 00:15:46,446
And I can see that this router
knows about only connected routes.
304
00:15:46,446 --> 00:16:01,546
It knows it's plugged into 192.168.1.0 because
I configured an IP address in that network.
305
00:16:01,546 --> 00:16:05,926
Same thing with 2.0, I've got
an IP Address in that network.
306
00:16:05,926 --> 00:16:09,576
So-- so, it's all looking good.
307
00:16:09,576 --> 00:16:19,526
And I can absolutely guarantee that if I type
in ping 192.168.3.1 which is the LAN interface
308
00:16:19,526 --> 00:16:22,506
of router two over here, we're going to fail.
309
00:16:22,506 --> 00:16:27,496
And we can guarantee that because
when we look at the routing table,
310
00:16:27,496 --> 00:16:31,266
we're trying to reach anything
that's not shown here.
311
00:16:31,266 --> 00:16:38,556
The router is just going to say,
I have no idea what you're doing.
312
00:16:38,856 --> 00:16:42,626
So, last nugget-- no, two nuggets ago.
313
00:16:42,736 --> 00:16:46,826
We got static routing to get this setup going.
314
00:16:46,826 --> 00:16:50,116
We go into global config.
315
00:16:52,996 --> 00:16:57,796
And let's do first off turning on OSPF.
316
00:16:57,796 --> 00:17:03,566
The command is router and then
the protocol you want to run.
317
00:17:03,566 --> 00:17:07,036
Now I mentioned remember the jellybean slide.
318
00:17:07,206 --> 00:17:09,546
We had BGP, EIGRP, IS-IS.
319
00:17:09,546 --> 00:17:19,216
I mean all these different protocols that are
out there, some that we didn't even talk about
320
00:17:19,216 --> 00:17:22,036
but they're out there, other routing protocols.
321
00:17:22,036 --> 00:17:27,046
We just need to pick the one that we want.
322
00:17:27,046 --> 00:17:30,796
In this case, we are using OSPF.
323
00:17:30,796 --> 00:17:33,556
So I'll fill that in and hit the question mark.
324
00:17:33,556 --> 00:17:36,846
And now it asks me for a big
question, what is your process ID?
325
00:17:36,846 --> 00:17:38,896
You ever gone in-- in Windows?
326
00:17:38,896 --> 00:17:40,796
Let me bring something out.
327
00:17:41,156 --> 00:17:44,606
Tell me if this looks familiar to you.
328
00:17:44,606 --> 00:17:46,986
That guy. Isn't this machine awesome?
329
00:17:47,196 --> 00:17:50,966
It's got like 8 processors.
330
00:17:51,236 --> 00:17:52,216
It's amazing.
331
00:17:52,216 --> 00:17:55,436
I didn't do that just to show you this machine.
332
00:17:55,436 --> 00:17:57,586
I showed-- I wanted to show
you this process tab.
333
00:17:57,586 --> 00:17:58,566
Have you ever gone in here?
334
00:17:58,566 --> 00:18:02,516
Have you ever gotten into-- to
Windows where things go bad?
335
00:18:02,516 --> 00:18:05,836
I mean your-- you're sitting,
nothing's done bad at Windows, right?
336
00:18:05,836 --> 00:18:07,046
No. But, you know, you're in here.
337
00:18:07,046 --> 00:18:09,116
You've got, you know, whatever running.
338
00:18:09,116 --> 00:18:11,006
You know, Dynamips is freezing or whatever.
339
00:18:11,006 --> 00:18:12,386
You know something goes bad.
340
00:18:12,386 --> 00:18:15,336
And you're trying to kill a
process and have you ever gotten
341
00:18:15,336 --> 00:18:17,826
to a point in Windows where it won't die?
342
00:18:17,826 --> 00:18:19,516
Have you ever got in there?
343
00:18:19,706 --> 00:18:24,006
One of the things that you can do
and see, this isn't a Windows course.
344
00:18:24,556 --> 00:18:27,346
But you can actually-- I'm
going to pull up Google.
345
00:18:27,346 --> 00:18:35,246
And obviously I had recently gone through that
experience 'cause Google Chrome did not shut
346
00:18:35,246 --> 00:18:37,636
down correctly.
347
00:18:37,636 --> 00:18:39,436
So, I'm going to do what is it?
348
00:18:39,436 --> 00:18:40,416
Task kill, right?
349
00:18:40,416 --> 00:18:41,276
That's the command, yeah.
350
00:18:41,276 --> 00:18:44,556
So this is a command-- if you didn't know
about this command, oh, if you're in Windows,
351
00:18:44,556 --> 00:18:47,736
you live by this command 'cause
things break all the time.
352
00:18:47,736 --> 00:18:54,126
Task kill is like I'm going to
kill a process absolutely dead on--
353
00:18:54,126 --> 00:18:57,146
you know, I'm cutting it off.
354
00:18:57,146 --> 00:18:59,866
You're probably going to
get some file corruption
355
00:18:59,866 --> 00:19:03,176
but that's all good 'cause
that's normal in Windows.
356
00:19:03,306 --> 00:19:06,826
And we're going to make-- we're going to
make your computer stable again, right?
357
00:19:06,826 --> 00:19:11,316
So-- so task kill requires that you
identify a process by its process ID.
358
00:19:11,316 --> 00:19:13,306
And you can actually go in task manager.
359
00:19:13,306 --> 00:19:14,206
And let's see, where is it?
360
00:19:14,206 --> 00:19:15,036
Properties.
361
00:19:15,036 --> 00:19:17,096
There's a way-- now of course,
no, I'm not going to view.
362
00:19:17,096 --> 00:19:18,486
Oh wait, Select Columns, there it is.
363
00:19:18,486 --> 00:19:20,166
Select Columns and process ID.
364
00:19:20,166 --> 00:19:20,646
Voila, right there.
365
00:19:20,646 --> 00:19:22,056
And this column PID is what
you need for task kill.
366
00:19:22,086 --> 00:19:22,476
Like, oh man, mom.
367
00:19:22,506 --> 00:19:23,796
Mom is totally acting up and we got to kill her.
368
00:19:23,826 --> 00:19:24,396
This is just not good.
369
00:19:24,426 --> 00:19:25,686
But-- but anyway, we've got
to kill the mom process.
370
00:19:25,716 --> 00:19:27,066
I need 3828 and I'm good.
371
00:19:27,096 --> 00:19:28,056
So you're going, okay, that's kind of cool.
372
00:19:28,086 --> 00:19:29,436
So I-- I would go to command
prompt typing task kill.
373
00:19:29,466 --> 00:19:30,906
Now I don't know what mom is
so I don't want to kill her.
374
00:19:30,936 --> 00:19:31,506
But that's what this is.
375
00:19:31,536 --> 00:19:33,096
A process ID just identifies
the OSPF process to the router.
376
00:19:33,126 --> 00:19:34,236
I might say, well, what--
what numbers should I use.
377
00:19:34,266 --> 00:19:34,986
Yeah, whatever you want to use.
378
00:19:35,016 --> 00:19:35,736
But you got to remember it.
379
00:19:35,766 --> 00:19:36,366
You got to remember it.
380
00:19:36,396 --> 00:19:37,956
Does it have to be the same on
all the routers in your network?
381
00:19:37,986 --> 00:19:39,606
No. Because I mean just like if
I went to another computer in--
382
00:19:39,636 --> 00:19:40,836
in my house, I would see that
there's other-- there's other--
383
00:19:40,866 --> 00:19:41,766
I mean, maybe mom or DWM is running
384
00:19:41,796 --> 00:19:43,266
with a different process ID on
a different computer, right?
385
00:19:43,296 --> 00:19:44,256
So-- so process ID doesn't really matter.
386
00:19:44,286 --> 00:19:45,276
However, you have to remember what it is.
387
00:19:45,306 --> 00:19:47,256
So, the reason you have to remember is
because you'll constantly be typing it
388
00:19:47,286 --> 00:19:48,306
in to go into this configuration mode.
389
00:19:48,336 --> 00:19:49,086
So, let me just tell you this.
390
00:19:49,116 --> 00:19:49,566
Use one. That's it.
391
00:19:49,596 --> 00:19:50,586
And I know, I-- this, this section right here.
392
00:19:50,616 --> 00:19:51,936
This little process ID just
in the past has gener--
393
00:19:51,966 --> 00:19:54,066
whoa, has generated so many questions that
it's just I'm telling you just use one.
394
00:19:54,096 --> 00:19:55,716
I know questions like, well, can
I have multiple OSPF processes?
395
00:19:55,746 --> 00:19:56,046
Yes, you can.
396
00:19:56,076 --> 00:19:56,616
No, you don't want to.
397
00:19:56,646 --> 00:19:58,656
Can I use, you know, process ID one and
then process ID 50 on another router?
398
00:19:58,686 --> 00:19:58,986
Yes, you can.
399
00:19:59,016 --> 00:19:59,556
No, you don't want to.
400
00:19:59,586 --> 00:20:00,486
Why? Because then you have to remember.
401
00:20:00,516 --> 00:20:02,466
Well, this one is 1, this
one is 50, that one is 392.
402
00:20:02,496 --> 00:20:02,976
Just use one, okay?
403
00:20:03,266 --> 00:20:04,956
So we're in OSPF.
404
00:20:04,956 --> 00:20:06,266
And actually we've done step one.
405
00:20:06,476 --> 00:20:07,136
We've turned it on.
406
00:20:07,466 --> 00:20:10,286
OSPF, it's like the little
light switch on our router.
407
00:20:10,286 --> 00:20:11,316
There's-- there's a light switch.
408
00:20:11,316 --> 00:20:13,646
We just went from off to on, right?
409
00:20:13,846 --> 00:20:16,796
So it's now running but it's not doing anything
410
00:20:16,796 --> 00:20:19,486
because we haven't told it
what interfaces to use.
411
00:20:19,486 --> 00:20:23,826
Okay, big, big command here.
412
00:20:23,906 --> 00:20:28,056
OSPF works based on this command called network.
413
00:20:29,356 --> 00:20:31,436
The network command I would say this is--
414
00:20:31,436 --> 00:20:35,366
this got to be one of the
confusing commands in all Cisco.
415
00:20:35,496 --> 00:20:39,166
And they're actually making it
go away as we move into IPv6.
416
00:20:39,276 --> 00:20:42,476
The network command is actually
gone because Cisco knows it's crazy.
417
00:20:42,716 --> 00:20:43,546
It's a crazy command.
418
00:20:43,766 --> 00:20:50,786
The reason why is it's one command that does
two very similar yet very different things.
419
00:20:51,096 --> 00:20:55,616
When I type in network I'm number one
identifying, you might write this down,
420
00:20:55,616 --> 00:20:57,026
if you're taking notes write this down.
421
00:20:57,026 --> 00:20:58,806
Embed this in your mind.
422
00:20:58,996 --> 00:21:04,916
It identifies, identify-- hang on.
423
00:21:05,686 --> 00:21:07,026
Beauty of a pause button, right?
424
00:21:07,026 --> 00:21:11,156
It identifies what interfaces
to send Hello Packets on.
425
00:21:11,156 --> 00:21:14,106
I know if you're a grammatical person,
you're like you can't end in a preposition.
426
00:21:14,106 --> 00:21:16,116
But I just did 'cause that's
the only good way to say that.
427
00:21:16,376 --> 00:21:20,386
It identifies what interfaces
to send Hello Packets on.
428
00:21:20,386 --> 00:21:23,376
So when I type in network, so here--
let me show you the command, right?
429
00:21:23,876 --> 00:21:32,936
I type in network 192.168.2.0, right?
430
00:21:32,936 --> 00:21:34,756
Now-- now there's more to this command.
431
00:21:34,756 --> 00:21:38,256
But let's just start there
and hit the enter key.
432
00:21:38,256 --> 00:21:41,866
Now it's going to say, wait there's more to this
command and we'll talk about that in a second.
433
00:21:41,936 --> 00:21:45,326
But when I type in network
192.168.2.0 it says okay,
434
00:21:45,326 --> 00:21:51,346
let's see what interfaces do I
have in the 192.168.2.0 networks?
435
00:21:51,346 --> 00:21:53,916
And it's going to go no,
nope, nope not that one.
436
00:21:53,916 --> 00:21:57,316
Oh that's one, 192.168.2.1.
437
00:21:57,316 --> 00:22:00,776
That's in the 192.168.2.1, 2.0 network.
438
00:22:00,776 --> 00:22:06,166
So I am going to start sending
Hello Messages on these interfaces.
439
00:22:06,226 --> 00:22:09,216
Why? Because it wants to form a neighbor.
440
00:22:09,296 --> 00:22:12,136
It wants to find friends
to exchange routes with.
441
00:22:12,136 --> 00:22:14,956
So we're telling it I want you
to send hello messages out there.
442
00:22:14,956 --> 00:22:19,636
So when I type this-- this command in, it's
going to start sending hello's on there.
443
00:22:19,636 --> 00:22:20,716
Is it going to send hello's out here?
444
00:22:20,716 --> 00:22:23,846
No, it's not because that's not
the 192.168.2 network, right?
445
00:22:23,976 --> 00:22:26,166
Okay, so that's-- that's
the first big thing it does.
446
00:22:26,436 --> 00:22:33,406
Second thing it does, it identifies
what networks to advertise.
447
00:22:33,726 --> 00:22:39,606
So what we're doing when we type in
network 192.168.2.0 is it says I'm going
448
00:22:39,606 --> 00:22:43,246
to number one form neighbor
relationships out that interface.
449
00:22:43,246 --> 00:22:49,676
And number two I'm going to tell people
about the 192.168.2 network, right?
450
00:22:49,936 --> 00:22:53,116
Because maybe-- maybe I don't want
to tell people about this network.
451
00:22:53,116 --> 00:22:57,296
Maybe this is a secret ninja network
where we have top secret Apple development
452
00:22:57,296 --> 00:22:59,676
on the iPhone 9 or-- or something like that.
453
00:22:59,676 --> 00:23:03,996
You know it's-- it's-- we don't want people
to know about the network then I wouldn't type
454
00:23:03,996 --> 00:23:08,546
in the network advertisement because that is
what tells the router to advertise that network.
455
00:23:08,546 --> 00:23:11,306
So now let me-- let me fill this-- this in here.
456
00:23:11,936 --> 00:23:17,466
Let's say I type in this command
network 192.168.2.0 and hit the enter.
457
00:23:17,466 --> 00:23:18,526
What have I done?
458
00:23:18,526 --> 00:23:23,026
This router now is going to try and form
a neighbor relationship on that interface.
459
00:23:23,026 --> 00:23:27,036
And as long as router two is doing the same
thing as long as I've typed that same command
460
00:23:27,036 --> 00:23:29,906
in router two, they're both going to be
like, "hey man it's good to meet you."
461
00:23:29,906 --> 00:23:33,386
And as long all these things are-- are up
to par which we're going to talk about those
462
00:23:33,386 --> 00:23:36,376
in just a second so it's there up to
snuff in there-- they're all matching--
463
00:23:36,376 --> 00:23:37,946
they're going to be like, let's be neighbors.
464
00:23:37,946 --> 00:23:39,526
And then router one is going to say okay,
465
00:23:39,616 --> 00:23:42,396
I got some really good information
for you to router two.
466
00:23:42,396 --> 00:23:46,526
I know about the 192.168.2.0 network.
467
00:23:46,526 --> 00:23:47,256
That's it.
468
00:23:47,256 --> 00:23:50,656
Router two looks and goes,
"that was not interesting at all
469
00:23:50,966 --> 00:23:52,676
because I'm connected to that network.
470
00:23:52,676 --> 00:23:54,016
I already knew about that network.
471
00:23:54,016 --> 00:23:55,776
You are worthless to me router one."
472
00:23:55,776 --> 00:23:57,586
It doesn't really say that
but it kind of feels that way
473
00:23:57,816 --> 00:24:00,076
because router one is not giving
it any information beyond that.
474
00:24:00,076 --> 00:24:05,646
No, so what do we have to type in to let
router one tell router two something it didn't
475
00:24:05,646 --> 00:24:06,086
know about?
476
00:24:07,076 --> 00:24:07,906
Come on take a guess.
477
00:24:07,906 --> 00:24:10,836
Come on. We would type in network.
478
00:24:10,836 --> 00:24:13,796
Well, in addition now, it's going to
give me an incomplete command, right?
479
00:24:13,796 --> 00:24:16,156
Because there's more to this
but let's just go with it.
480
00:24:16,156 --> 00:24:21,816
So I would also have to type
in network 192.168.1.0.
481
00:24:21,816 --> 00:24:22,496
Hit the enter key.
482
00:24:22,666 --> 00:24:25,296
Okay, now again, filling in the-- the end of it.
483
00:24:25,296 --> 00:24:28,086
So let's just focus on the base command first.
484
00:24:28,086 --> 00:24:34,226
If I type in that now it's going to number
one send hello's out that interface as well
485
00:24:34,226 --> 00:24:38,316
as the 192.168.2 'cause you now have, I
mean, they kind of go together, right?
486
00:24:38,316 --> 00:24:39,386
It's not like you just type one.
487
00:24:39,666 --> 00:24:47,406
So I'm going to type in, I send hello
messages out the 192.168.1.0 interface.
488
00:24:47,716 --> 00:24:52,396
And-- and I'm going to start advertising
that network to other routers as well.
489
00:24:52,506 --> 00:24:56,126
Now router two is like wow, you just became
a lot more interesting to me router one.
490
00:24:56,476 --> 00:25:02,006
You're telling me about something
I didn't know about, 192.186.1.0.
491
00:25:02,006 --> 00:25:03,226
Now of course you might have you're like okay,
492
00:25:03,226 --> 00:25:05,636
well does he have to send
hello's out that interface?
493
00:25:06,076 --> 00:25:07,366
I mean does he really have to?
494
00:25:07,956 --> 00:25:09,326
Well not really.
495
00:25:09,326 --> 00:25:10,806
I mean it's just kind of pointless hello's.
496
00:25:10,806 --> 00:25:11,616
He's like hello.
497
00:25:11,616 --> 00:25:15,956
I mean think of it like, you know, one of
those weird movies walking through hello.
498
00:25:16,266 --> 00:25:17,376
Hello, anybody here?
499
00:25:17,556 --> 00:25:20,406
But without the guy with the knife
jumping out from behind the door.
500
00:25:20,666 --> 00:25:22,266
That's what this guy is doing.
501
00:25:22,376 --> 00:25:24,566
He's sending empty hello's to an empty LAN.
502
00:25:24,816 --> 00:25:26,196
Now is that a waste?
503
00:25:26,706 --> 00:25:33,066
Yes. I would say on-- on the-- the least
amount of consequence it's a waste of--
504
00:25:33,066 --> 00:25:35,226
of bandwidth, a waste of resources.
505
00:25:35,226 --> 00:25:38,036
Number two is that a security hazard?
506
00:25:38,626 --> 00:25:39,526
Yes, it is.
507
00:25:39,916 --> 00:25:44,566
The reason why is he's saying
hello out to a user community.
508
00:25:44,776 --> 00:25:48,376
If you've got a user, how many of
you know you can't trust your users?
509
00:25:48,376 --> 00:25:50,466
Absolutely a fact.
510
00:25:50,826 --> 00:25:53,146
That smiling guy in the cubicle,
he's trying to destroy you.
511
00:25:53,566 --> 00:25:58,186
He's trying to hack your network because if
he starts seeing hello's coming in from OSPF,
512
00:25:58,186 --> 00:26:03,946
he's going to try and sabotage your
network by becoming an impostor, you know.
513
00:26:03,946 --> 00:26:07,806
Acting like an OSPF router and forming
a neighbor relationship with you.
514
00:26:07,806 --> 00:26:10,486
Now I'd say well why would
somebody want to do that?
515
00:26:10,736 --> 00:26:15,716
Well I would say on the least amount of
damage they can really mess up your network.
516
00:26:15,716 --> 00:26:18,606
They can-- they can go in there and
they could start advertising routes
517
00:26:18,606 --> 00:26:19,676
that don't really exist.
518
00:26:19,676 --> 00:26:21,806
They could, I mean, they could
just sabotage your routing table.
519
00:26:21,806 --> 00:26:23,546
And that's number one you don't want that.
520
00:26:23,676 --> 00:26:27,586
But I'm telling you if somebody's trying
to do that, what they're probably trying
521
00:26:27,586 --> 00:26:30,906
to do is set off some kind
of man-in-the-middle attack.
522
00:26:30,906 --> 00:26:31,826
Ever heard of that?
523
00:26:32,356 --> 00:26:37,826
Man-in-the-middle is where you try to inject
yourself meaning a computer or some device
524
00:26:37,826 --> 00:26:41,796
in the middle to where you make this
router believe you're a good exit point
525
00:26:41,796 --> 00:26:42,246
to the internet.
526
00:26:42,246 --> 00:26:44,076
And then you do some wizardry behind the scenes
527
00:26:44,076 --> 00:26:46,476
to really say oh well actually
I can get you to the internet.
528
00:26:46,476 --> 00:26:51,616
So essentially all of the routing goes
through your computer and, you know,
529
00:26:51,616 --> 00:26:52,956
maybe it's not a WiFi connection.
530
00:26:52,956 --> 00:26:55,246
Maybe, I mean you can, there's
all kinds of tricks you can play
531
00:26:55,246 --> 00:26:56,516
to do the man-in-the-middle attack.
532
00:26:56,706 --> 00:26:58,506
But you-- you get it to where it's going.
533
00:26:58,506 --> 00:27:01,436
But now you are in the middle so
that you can start opening a tool
534
00:27:01,436 --> 00:27:04,526
like Wireshark and capturing all of the data.
535
00:27:04,526 --> 00:27:07,156
So now you can start seeing what
people are doing on the network.
536
00:27:07,346 --> 00:27:08,696
You can start gathering information.
537
00:27:08,696 --> 00:27:12,876
You can, I mean, there-- there are--
it's easy to do with Wireshark.
538
00:27:12,876 --> 00:27:16,796
Start reassembling, you know, excel files
that people were working on, spreadsheets,
539
00:27:16,796 --> 00:27:20,276
e-mails that were being sent, voice over
IP conversations that were being had.
540
00:27:20,276 --> 00:27:22,786
You can actually capture
those if you're in the middle.
541
00:27:22,996 --> 00:27:24,326
And put them all back together.
542
00:27:24,326 --> 00:27:27,286
And now you've got scary data
that you can walk away with.
543
00:27:27,286 --> 00:27:28,256
So you don't want that.
544
00:27:28,256 --> 00:27:33,656
So and you might say okay, well what
if I want to advertise that network?
545
00:27:33,656 --> 00:27:37,206
Now I'm going to advertise that to this router.
546
00:27:37,206 --> 00:27:40,616
But I don't want to send hello messages there
'cause I know I won't ever have a neighbor.
547
00:27:40,776 --> 00:27:45,196
Is there a way to split this network
command and say well do number two.
548
00:27:45,286 --> 00:27:46,066
This is good.
549
00:27:46,256 --> 00:27:47,206
Don't do number one.
550
00:27:47,446 --> 00:27:48,716
I-- I don't want that.
551
00:27:48,976 --> 00:27:49,776
Yes, there is.
552
00:27:50,526 --> 00:27:54,546
That is actually known as the
passive interface command.
553
00:27:55,086 --> 00:27:55,466
Check it out.
554
00:27:55,516 --> 00:27:59,006
I'm going to go back on router one and
I'm going to type in notice I'm under--
555
00:27:59,176 --> 00:28:01,186
I'm under OSPF configuration mode.
556
00:28:01,186 --> 00:28:02,676
I'm under this router config mode.
557
00:28:02,866 --> 00:28:06,336
I can type in passive interface
and say well I want
558
00:28:06,336 --> 00:28:08,486
to be a little passive on we'll say [inaudible].
559
00:28:08,566 --> 00:28:12,216
I don't remember what it was,
zero slash zero whatever.
560
00:28:12,266 --> 00:28:15,026
You know, I'm not going to type it in
'cause I don't remember what it was.
561
00:28:15,026 --> 00:28:19,896
And if I-- if I do the wrong one, you know,
then, then it's not going to send hello's
562
00:28:19,896 --> 00:28:22,176
out this interface and no
neighbor relationships will form.
563
00:28:22,446 --> 00:28:26,956
So-- so passive interface I know it's
almost like worth the foundations of OSPF.
564
00:28:26,956 --> 00:28:30,206
So here is how it works and I'm already
introducing the passive interface,
565
00:28:30,496 --> 00:28:32,116
the reason why is it's that important.
566
00:28:32,676 --> 00:28:33,656
You want to use the passive.
567
00:28:33,656 --> 00:28:35,666
As a matter of fact, I'll tell
you what, a lot of people do.
568
00:28:36,616 --> 00:28:41,666
'Cause I'll actually type in passive interface
and then let me show you a question mark again,
569
00:28:41,966 --> 00:28:46,856
passive interface default which
says turn off all routing updates.
570
00:28:46,856 --> 00:28:50,716
Turn off all hello messages on all interfaces.
571
00:28:51,856 --> 00:28:52,776
Type that in just like that.
572
00:28:52,956 --> 00:28:54,846
Then no more hello messages anywhere.
573
00:28:55,066 --> 00:28:57,906
You know like well, that says it--
that kind of defeats the point, right?
574
00:28:57,906 --> 00:29:02,206
Well yes because now, you can go
in and do no passive interface.
575
00:29:02,396 --> 00:29:04,856
And then I can do-- I got
to figure out my interfaces.
576
00:29:05,456 --> 00:29:07,656
Show IP Interface Brief, right?
577
00:29:07,926 --> 00:29:13,836
I can do no passive interface and do serial 0/0.
578
00:29:14,366 --> 00:29:17,046
So now it's saying okay, everything is passing.
579
00:29:17,046 --> 00:29:21,346
Nothing is sending hello messages
unless you as an admin go in.
580
00:29:21,346 --> 00:29:22,796
And that's a really good practice.
581
00:29:22,796 --> 00:29:25,316
What I just did right there,
really good security practice
582
00:29:25,316 --> 00:29:28,236
to make sure you're not sending hello
messages where they don't belong.
583
00:29:28,526 --> 00:29:32,736
Remember anywhere you send a hello that's where
a potential neighbor relationship can form.
584
00:29:32,826 --> 00:29:34,846
Okay. Let's get back.
585
00:29:34,846 --> 00:29:36,656
We've got to get back to configure.
586
00:29:36,656 --> 00:29:39,406
Let me-- let me just clear
this off for a second.
587
00:29:42,016 --> 00:29:42,996
All right, there we go.
588
00:29:42,996 --> 00:29:43,656
That's a little better.
589
00:29:43,656 --> 00:29:46,546
Let's-- let's get back to
the-- the core of everything.
590
00:29:46,726 --> 00:29:49,716
We are in the middle of telling
it what interfaces to use, right?
591
00:29:49,716 --> 00:29:52,446
And we kept seeing that incomplete
command when I was typing it in.
592
00:29:52,446 --> 00:29:57,776
So we need to say router one use
these two interfaces for OSPF.
593
00:29:57,806 --> 00:30:00,976
So I'm back in and still under, here let
me exit out 'cause I cleared the screen.
594
00:30:01,306 --> 00:30:02,806
So router OSPF one.
595
00:30:02,806 --> 00:30:04,766
I'm back into the router configuration mode.
596
00:30:04,766 --> 00:30:08,156
I'm going to type in network 192.168.2.0
597
00:30:08,156 --> 00:30:10,156
but you remember we kept
getting this incomplete command.
598
00:30:10,296 --> 00:30:11,236
What's it looking for?
599
00:30:11,556 --> 00:30:12,426
Space question mark.
600
00:30:12,426 --> 00:30:13,006
Let's find out.
601
00:30:13,006 --> 00:30:18,276
It says enter the wild card bits, okay?
602
00:30:18,436 --> 00:30:19,816
What's a wild card bit?
603
00:30:20,106 --> 00:30:26,436
Well let me first say we will unpack wild
card bits fully when we get into access list.
604
00:30:26,436 --> 00:30:30,256
That's a big, big, big part of access
list understanding it in its entirety.
605
00:30:30,256 --> 00:30:36,316
For now I'm going to give you enough about
wild card bits to-- to configure OSPF.
606
00:30:36,316 --> 00:30:40,606
Now wild card bits think of
these as identifiers, right?
607
00:30:40,906 --> 00:30:44,056
We're-- we're trying-- we're going
to try and identify in this--
608
00:30:44,056 --> 00:30:45,616
in this IP address that we typed in.
609
00:30:45,876 --> 00:30:47,636
What should the router really care about?
610
00:30:47,846 --> 00:30:49,126
Here's what I mean.
611
00:30:49,126 --> 00:30:52,646
First off, wild card bits are
completely opposite of the subnet mask.
612
00:30:52,646 --> 00:30:53,616
So let's just write it up here.
613
00:30:53,926 --> 00:30:59,586
I'm going to type in network 192.168.2.0.
614
00:31:00,126 --> 00:31:04,006
Now let me give you a sample wild
card mask that we would use for this
615
00:31:04,006 --> 00:31:06,256
and then I'll-- I'll describe what it means.
616
00:31:06,486 --> 00:31:10,556
I'm going to do 0.0.0.255.
617
00:31:11,346 --> 00:31:13,686
Now, I know it's wild, right?
618
00:31:13,686 --> 00:31:14,806
That's why I gave it the name.
619
00:31:14,986 --> 00:31:18,516
No one really knows why Cisco decided
to do it this way but they did.
620
00:31:18,876 --> 00:31:22,956
What-- what it is, is completely
opposite of the subnet mask.
621
00:31:23,236 --> 00:31:27,856
I mean when you think about a subnet mask
for 192.168.2.0 you're typically thinking
622
00:31:27,856 --> 00:31:30,726
of class E, 255.255.255.0, right?
623
00:31:30,726 --> 00:31:34,226
Well looking at that wild card mask it's
exactly the opposite and here's what it means.
624
00:31:34,446 --> 00:31:42,216
Just again high level view right now wherever
you see a zero, line it up to the IP address
625
00:31:42,216 --> 00:31:45,506
because that's something that the
router is saying look at this.
626
00:31:45,726 --> 00:31:47,706
So let me draw the arrow there, right there.
627
00:31:47,916 --> 00:31:51,856
The router is thinking, I'm getting
used to this pause thing, look at this.
628
00:31:52,036 --> 00:31:55,146
So 192 is significant to me.
629
00:31:55,146 --> 00:32:01,026
So I am going to identify interfaces by--
if they start with 192 that's-- that's key.
630
00:32:01,026 --> 00:32:02,836
I'm going to start sending
hello packets on them.
631
00:32:02,836 --> 00:32:07,426
If they-- if they start with 192, I'm going
to start advertising those networks, right?
632
00:32:07,426 --> 00:32:08,296
But wait there's more.
633
00:32:08,456 --> 00:32:10,056
Wait, no cost to you.
634
00:32:10,056 --> 00:32:10,666
There's more.
635
00:32:11,246 --> 00:32:13,776
168 that's the second octet.
636
00:32:13,776 --> 00:32:14,876
It's saying look at this.
637
00:32:14,876 --> 00:32:19,136
So look at this router when you're
trying to identify only turn on OSPF.
638
00:32:19,136 --> 00:32:21,666
Let me-- let me just go back to this.
639
00:32:21,666 --> 00:32:23,566
And when I say turn on, it
means these two things.
640
00:32:23,746 --> 00:32:30,116
Only turn on OSPF on interfaces
that start with 192.168.
641
00:32:30,116 --> 00:32:34,956
And then we look at the third
octet dot two, right?
642
00:32:35,146 --> 00:32:36,056
Look at this.
643
00:32:36,056 --> 00:32:39,856
Look at the two, 192.168.2 is significant.
644
00:32:40,146 --> 00:32:45,706
Now the 255 means I don't care period.
645
00:32:46,086 --> 00:32:50,126
I don't care what is in that
last octet because I mean what--
646
00:32:50,256 --> 00:32:54,656
what really is happening when I type
this command is the router is going
647
00:32:54,656 --> 00:32:56,096
to look at all of its interfaces.
648
00:32:56,146 --> 00:32:56,996
Now let me-- let me get back here.
649
00:32:57,176 --> 00:32:59,876
I mean do I show IP Interface Brief.
650
00:33:00,226 --> 00:33:08,446
So when I type in network 192.168.2.0 and I
type in 0.0.0.255 what the router is going
651
00:33:08,446 --> 00:33:10,096
to do is this going to say okay, let me look.
652
00:33:10,236 --> 00:33:12,936
Do I have any interfaces that start with 192?
653
00:33:13,156 --> 00:33:13,776
Yes, I do.
654
00:33:13,776 --> 00:33:17,946
Do I have any interfaces that have
168 because again it's a look at this?
655
00:33:17,996 --> 00:33:18,536
Yes, I do.
656
00:33:18,536 --> 00:33:19,516
I actually have two of them.
657
00:33:19,716 --> 00:33:24,346
Do I have any interfaces that have
192.168.2 because again it's uh look at this.
658
00:33:24,346 --> 00:33:26,006
Look at this-- this third octet right here.
659
00:33:26,006 --> 00:33:28,416
And it's going to say oh, oh yes I do.
660
00:33:28,416 --> 00:33:29,666
This one qualifies.
661
00:33:29,666 --> 00:33:33,926
Now this last octet it's going to say okay, dot
zero and it's going to go, oh that's dot one.
662
00:33:33,926 --> 00:33:35,636
But wait a sec, you know what?
663
00:33:35,636 --> 00:33:36,086
I don't care.
664
00:33:36,426 --> 00:33:40,286
I don't care what IP Address
is in that last octet.
665
00:33:40,286 --> 00:33:47,086
I just want to identify any interface
that starts with 192.168.2, right?
666
00:33:47,456 --> 00:33:49,766
So that is how the wild card mask works.
667
00:33:49,766 --> 00:33:51,646
So let's-- let's do a little more example.
668
00:33:51,836 --> 00:33:55,946
Let's say-- let's say I wanted
to turn on OSPF for both
669
00:33:55,946 --> 00:33:59,306
of these interfaces at the same time, right?
670
00:33:59,626 --> 00:34:00,636
Here is something I could type.
671
00:34:01,016 --> 00:34:10,866
I could type in network 192.168.0.0 with
a wild card mask, come on, think about it.
672
00:34:10,866 --> 00:34:11,426
Can you guess it?
673
00:34:11,836 --> 00:34:16,446
0.0.255.255.
674
00:34:17,596 --> 00:34:22,176
That would be a way of turning on OSPF on
both of these interfaces at the same time.
675
00:34:22,376 --> 00:34:25,646
Why? Because this one says look at this.
676
00:34:25,646 --> 00:34:26,706
Look at the 192.
677
00:34:26,706 --> 00:34:29,946
Turn OSPF on any interface that starts with 192.
678
00:34:30,486 --> 00:34:32,686
Oh, look at this, second octet 168.
679
00:34:32,686 --> 00:34:33,556
That is significant.
680
00:34:33,556 --> 00:34:37,866
Look at any interface that's
starting with 192.168 for OSPF.
681
00:34:37,866 --> 00:34:39,976
And then it looks at these last two octets.
682
00:34:39,976 --> 00:34:41,066
And it says I don't care.
683
00:34:41,066 --> 00:34:41,856
I don't care.
684
00:34:41,856 --> 00:34:44,166
I don't care that this is
the one and this is the two.
685
00:34:44,166 --> 00:34:45,146
That doesn't matter to me.
686
00:34:45,146 --> 00:34:45,786
That's fine.
687
00:34:45,876 --> 00:34:48,556
And I don't care that this has
a dot one and this has a dot one
688
00:34:48,556 --> 00:34:49,986
in the-- in the fourth octet right here.
689
00:34:50,176 --> 00:34:54,586
And I don't care because they
start with 192.168 something.
690
00:34:54,586 --> 00:34:58,416
I'm going to turn on OSPF on them, okay?
691
00:34:58,416 --> 00:35:00,596
Okay, let me go one step further.
692
00:35:01,806 --> 00:35:08,306
What if I wanted to turn on OSPF on every
interface on my router that have right now.
693
00:35:08,896 --> 00:35:11,576
And any interface I add in the future?
694
00:35:13,096 --> 00:35:14,206
Go on and pause it right now.
695
00:35:14,206 --> 00:35:17,656
Think of it, think of it and I know
you can think of it, okay unpause.
696
00:35:18,146 --> 00:35:29,266
Network 0.0.0 with wild card
mask, 255.255.255.255, done.
697
00:35:29,646 --> 00:35:33,096
It would work because that says
turn on OSPF on I don't care,
698
00:35:33,096 --> 00:35:34,456
I don't care, I don't care, I don't care.
699
00:35:34,456 --> 00:35:38,446
Anything, anything now or in the future
and now you might say well that seems easy.
700
00:35:38,446 --> 00:35:39,146
Why don't we do that?
701
00:35:39,306 --> 00:35:42,796
Not good. And Cisco says don't
do it because there's a lot
702
00:35:42,796 --> 00:35:45,446
of times you're configuring your
router and you're adding an interface.
703
00:35:45,446 --> 00:35:46,176
You're deleting it there.
704
00:35:46,376 --> 00:35:50,426
And if you accidentally add an
interface, it's automatically whoop
705
00:35:50,616 --> 00:35:54,666
within the OSPF before you're even
ready for that interface to be active.
706
00:35:54,926 --> 00:35:55,506
You don't want to do that.
707
00:35:55,506 --> 00:35:58,226
As a matter of fact, we might say
well what is Cisco's best practice?
708
00:35:58,916 --> 00:36:02,406
It's none of these, seriously, none of these.
709
00:36:02,966 --> 00:36:08,876
What Cisco actually sets to do
is use a network of, you know,
710
00:36:08,876 --> 00:36:11,006
do a show IP Interface Brief right here.
711
00:36:12,006 --> 00:36:18,666
And say network 192.168.1.1
with what wild card mask?
712
00:36:19,196 --> 00:36:27,446
0.0.0.0. Network 192.168.2.1
with what wild card mask?
713
00:36:27,446 --> 00:36:28,526
Oops, 2.1.
714
00:36:28,526 --> 00:36:31,616
0.0.0, same things 0.0.0.0.
715
00:36:32,236 --> 00:36:35,936
What that does is it's like a sniper
rifle-- we're turning on to OSPF.
716
00:36:35,936 --> 00:36:38,926
You're like exactly this interface.
717
00:36:38,926 --> 00:36:43,556
An interface that has 192.168.1.1
as its IP address,
718
00:36:43,556 --> 00:36:47,696
exactly that interface turn on OSPF, right?
719
00:36:47,896 --> 00:36:49,176
That's-- that's the scoop.
720
00:36:49,176 --> 00:36:50,406
I mean that's-- that's your best practice.
721
00:36:50,406 --> 00:36:51,556
Why is that the best practice?
722
00:36:51,556 --> 00:36:52,466
It's a lot more typing.
723
00:36:52,466 --> 00:36:54,516
It's a lot more and we're
even like well this is easy.
724
00:36:54,976 --> 00:36:59,266
Beware of easy things in the Cisco
world because it's too far reaching.
725
00:36:59,266 --> 00:37:00,516
It's too auto-magic.
726
00:37:00,766 --> 00:37:03,916
We want to make sure that we know
exactly where OSPF is running.
727
00:37:03,916 --> 00:37:06,036
So we literally type in a network command
728
00:37:06,036 --> 00:37:08,356
for every single interface
and it starts advertising it.
729
00:37:08,356 --> 00:37:12,706
Now another big misunderstanding
of the network command or comment.
730
00:37:12,706 --> 00:37:15,116
I-- I remember when I first
learned-- I still remember this.
731
00:37:15,396 --> 00:37:19,916
When I first learned network command I was
like okay, so does this actually affect,
732
00:37:19,916 --> 00:37:21,546
you know, like what is advertised?
733
00:37:22,006 --> 00:37:25,576
Like when I type in 192.168.0.0
is this guy going
734
00:37:25,576 --> 00:37:29,436
to say I know about the 192.168.0.0 network?
735
00:37:29,976 --> 00:37:31,086
No, it's not.
736
00:37:31,356 --> 00:37:32,976
This is simply an identifier.
737
00:37:32,976 --> 00:37:34,426
Just-- just like when I type in this,
738
00:37:34,426 --> 00:37:38,636
it's not going to say I know
about the 192.168.1.1 network.
739
00:37:38,636 --> 00:37:41,796
What happens when I type in this
network command is the router goes--
740
00:37:41,796 --> 00:37:44,576
goes and says oh look I have that interface.
741
00:37:44,896 --> 00:37:49,216
It's in that network or I know I guess
I'm based on the command I type below.
742
00:37:49,216 --> 00:37:50,496
I have that interface.
743
00:37:50,736 --> 00:37:54,066
So it says okay, well let me-- let me
look at that interface's configuration.
744
00:37:54,356 --> 00:37:57,326
I'll do a show run interface 0.0.0/0.
745
00:37:57,326 --> 00:37:58,936
And it says oh, well it looks
746
00:37:58,936 --> 00:38:04,466
like this interface has the configuration
192.168.2.1 with this subnet mask.
747
00:38:04,466 --> 00:38:11,056
So it looks and it goes oh okay, so it's
really connected to the 192.168.2.0 network.
748
00:38:11,646 --> 00:38:14,176
The router is smart enough to
put all the pieces together.
749
00:38:14,476 --> 00:38:20,086
This network command does not impact the
actual network that is being advertised.
750
00:38:20,086 --> 00:38:23,916
Now, it could just happen to
line up for example if I type
751
00:38:23,916 --> 00:38:29,676
in this command right here network 192.168.2.0
that that does happen to be the network
752
00:38:29,676 --> 00:38:31,826
that is advertised over to router two.
753
00:38:32,046 --> 00:38:33,716
But that just happens then.
754
00:38:33,716 --> 00:38:36,486
All of these other, every single
one of these commands would work.
755
00:38:36,486 --> 00:38:37,846
This would make OSPF work.
756
00:38:38,006 --> 00:38:38,526
This would.
757
00:38:38,526 --> 00:38:38,976
This would.
758
00:38:38,976 --> 00:38:39,606
These would.
759
00:38:39,766 --> 00:38:40,986
They all do the same thing.
760
00:38:41,116 --> 00:38:43,216
And all their goal is to identify.
761
00:38:43,216 --> 00:38:45,476
Think of it-- think of these
routers as standing and looking
762
00:38:45,476 --> 00:38:47,066
at its interface like a line up of people.
763
00:38:47,256 --> 00:38:48,966
And it's about ready to play dodge ball, right?
764
00:38:48,966 --> 00:38:53,936
And it's like I want you and I want
you and I want you on my team, right?
765
00:38:53,936 --> 00:38:56,366
And the little interfaces walk
forward and they're like yes.
766
00:38:56,366 --> 00:38:57,486
And he goes okay, now who are you?
767
00:38:57,616 --> 00:39:00,676
And he's like oh my name is 192.168.2, right?
768
00:39:00,676 --> 00:39:04,246
So-- so this, the network command
just picks the people for dodge ball.
769
00:39:04,486 --> 00:39:06,156
It picks the interfaces for dodge ball.
770
00:39:06,346 --> 00:39:11,666
It does not actually dictate that this
is exactly what is being advertised.
771
00:39:12,766 --> 00:39:13,436
Okay, good.
772
00:39:13,746 --> 00:39:14,956
Now there's one more piece.
773
00:39:14,956 --> 00:39:17,426
I told you it's the biggest
command, most important command
774
00:39:17,426 --> 00:39:19,576
in everything that we're doing here.
775
00:39:19,996 --> 00:39:22,376
One more piece to this network command, right?
776
00:39:22,676 --> 00:39:23,746
And notice I hit the enter key.
777
00:39:23,746 --> 00:39:27,336
And it's like okay, you got the wild card
mask but it's still an incomplete command.
778
00:39:27,336 --> 00:39:29,696
Like there is more to this
command than what you've typed in.
779
00:39:29,696 --> 00:39:31,146
So I go okay well what else do you want?
780
00:39:31,146 --> 00:39:35,006
And it would say, oh you need to
tell me what area this network is in.
781
00:39:35,256 --> 00:39:38,866
Now this is that bucket of sand
I was talking about a moment ago.
782
00:39:38,866 --> 00:39:43,146
We're just going to configure
everything in the backbone area,
783
00:39:43,146 --> 00:39:48,186
the very first area we create
which is always area zero, okay?
784
00:39:48,556 --> 00:39:50,776
Now we hit the enter key and we get nothing.
785
00:39:51,176 --> 00:39:53,046
Nothing is always good in Cisco.
786
00:39:53,226 --> 00:39:54,356
That means it took the command.
787
00:39:54,556 --> 00:39:56,926
It's now working in that configuration.
788
00:39:56,926 --> 00:40:00,146
So I can say okay, you've identified
well hey let's-- let's do this.
789
00:40:00,146 --> 00:40:01,716
I'm going to say no network.
790
00:40:01,716 --> 00:40:04,586
I'm going to remove that command and
I'm going to use Cisco's best practice.
791
00:40:04,586 --> 00:40:07,026
Let's do 2.1, right?
792
00:40:07,026 --> 00:40:10,266
With a wild card mask of 0.0.0.0.
793
00:40:10,396 --> 00:40:15,206
Identify specifically that WAN
interface to use over to the other office.
794
00:40:15,206 --> 00:40:18,426
And then let's hit the up
arrow and identify 1.1.
795
00:40:19,126 --> 00:40:21,346
The LAN interface to use up here.
796
00:40:21,726 --> 00:40:27,186
So-- so we are again remember the two things we
are now sending hellos out these interfaces.
797
00:40:27,446 --> 00:40:31,636
And we are identifying both of these
as networks advertised to our friends.
798
00:40:32,536 --> 00:40:36,176
Now I said sending hellos out both
799
00:40:36,176 --> 00:40:38,666
to these interfaces although it's
not happening here 'cause we use--
800
00:40:38,666 --> 00:40:41,126
remember that passive interface default command?
801
00:40:41,126 --> 00:40:42,366
And that's-- that's still in there.
802
00:40:42,366 --> 00:40:43,996
It's still taking effect and that's fine.
803
00:40:43,996 --> 00:40:45,926
We don't have any neighbors
outside of that interface.
804
00:40:45,926 --> 00:40:52,876
Okay. So now we can come over to
router two so router two, right there.
805
00:40:52,876 --> 00:40:56,146
Bring them into the picture.
806
00:40:56,146 --> 00:40:58,496
Let's do get a quick orientation of router two.
807
00:40:59,356 --> 00:41:01,536
We'll go much faster now
without all the descriptions.
808
00:41:01,536 --> 00:41:04,296
So we've got 192.168.3.1.
809
00:41:04,296 --> 00:41:04,816
Looks good.
810
00:41:04,816 --> 00:41:06,806
That's the LAN interface looking at the diagram.
811
00:41:06,806 --> 00:41:10,376
191.168.2.2 that's the LAN interface.
812
00:41:10,376 --> 00:41:15,596
Let's just make sure we can ping 192.168.2.1,
813
00:41:15,596 --> 00:41:18,466
just kind of getting some
troubleshooting all the way before we get there.
814
00:41:18,466 --> 00:41:19,566
And then I'll do router OSPF.
815
00:41:19,566 --> 00:41:21,106
And it says, what's your process ID?
816
00:41:21,106 --> 00:41:22,276
Could I make this 60,000?
817
00:41:22,276 --> 00:41:22,516
Yes, I could.
818
00:41:22,516 --> 00:41:23,956
And it would work just fine but then I got
819
00:41:23,956 --> 00:41:26,896
to remember 60,000 every time
I go and configure this router.
820
00:41:26,896 --> 00:41:27,946
No, just use one.
821
00:41:28,136 --> 00:41:37,686
So then I'm going to go in here and
type in network 192.168.2.2 0.0.0.0 area 0.
822
00:41:38,096 --> 00:41:49,326
Hit the enter key and network oh, oh it happened
so fast 192.168.3.1 0.0.0 oops-- 0.0.0.0 area 0.
823
00:41:50,286 --> 00:41:51,426
Did you see that message?
824
00:41:51,586 --> 00:41:53,496
See why these messages are so golden?
825
00:41:53,736 --> 00:41:56,046
You don't want to turn those off.
826
00:41:56,046 --> 00:41:58,216
And it says OSPF adjacency change.
827
00:41:58,216 --> 00:41:59,886
That's what that ADJ change means.
828
00:41:59,886 --> 00:42:05,106
Process ID one, we just saw
a neighbor 192.168.2.1.
829
00:42:05,106 --> 00:42:05,676
That's-- that's our friend.
830
00:42:05,676 --> 00:42:09,626
That's router one over there on serial
0, I just went from loading to full.
831
00:42:10,116 --> 00:42:12,176
Later on, you'll actually
learn about all of the--
832
00:42:12,176 --> 00:42:16,346
the phases that a neighbor goes through
initially it could go through and an init phase
833
00:42:16,346 --> 00:42:17,576
and you go through a two-way phase.
834
00:42:17,576 --> 00:42:20,926
And you go through exstart,
exchange, loading, full,
835
00:42:20,926 --> 00:42:22,636
you go through all these
different phases of neighbor.
836
00:42:22,636 --> 00:42:26,686
But it only reports the big one, meaning
I now have a full neighbor relationship.
837
00:42:26,866 --> 00:42:27,936
How do we verify that?
838
00:42:28,496 --> 00:42:32,036
Let's go back and do a show IP OSPF neighbors.
839
00:42:32,036 --> 00:42:35,596
That would say that's your number one
troubleshooting command right there for OSPF.
840
00:42:35,596 --> 00:42:42,176
And I can see right there on the screen it
says 192.168.2.1 is at a full neighbor state.
841
00:42:42,916 --> 00:42:45,436
We've-- we've-- we're now fully
exchanging routes between them.
842
00:42:45,436 --> 00:42:48,706
So how do I prove that this
is working to me, okay?
843
00:42:49,086 --> 00:42:53,536
I do show IP Route and this is
from router two's perspective.
844
00:42:53,886 --> 00:43:02,936
And I can see in my two connecting interfaces
and-- OSPF whoa, has done its deal 192.168.1.1
845
00:43:02,936 --> 00:43:05,746
or 1.0 network it now knows about it.
846
00:43:05,746 --> 00:43:07,896
OSPF has advertised that to us.
847
00:43:07,896 --> 00:43:10,536
I can see it now-- what's all these other stuff.
848
00:43:10,576 --> 00:43:14,046
This, the 110 represents
the administrative distance.
849
00:43:14,046 --> 00:43:18,026
Remember from the last nugget
the believability of OSPF.
850
00:43:18,026 --> 00:43:20,146
How believable is that route to me?
851
00:43:20,446 --> 00:43:23,076
I can see 74, that's the actual metric.
852
00:43:23,076 --> 00:43:23,886
That's the cost.
853
00:43:23,886 --> 00:43:26,436
How much-- how much does
it cost me to get there?
854
00:43:26,436 --> 00:43:27,626
Now how was that figured out?
855
00:43:27,846 --> 00:43:33,906
Well it was-- it was based on
the interface bandwidth in--
856
00:43:34,296 --> 00:43:38,826
in megabits per second, divided by 100.
857
00:43:39,356 --> 00:43:43,916
Now it-- it-- I'm trying to figure
out how-- how to end up getting to 74.
858
00:43:43,916 --> 00:43:47,216
But, you know, essentially just doing the
math whatever this bandwidth is set to for
859
00:43:47,216 --> 00:43:50,006
that LAN link, I think it's
two megabits per second.
860
00:43:50,266 --> 00:43:53,336
And then this bandwidth is set
too for-- for that LAN link.
861
00:43:53,336 --> 00:43:54,576
I don't know what it is.
862
00:43:54,576 --> 00:43:56,436
But it puts it into this formula.
863
00:43:56,666 --> 00:43:58,876
Totals them up and says okay,
that's going to be--
864
00:43:58,876 --> 00:44:02,216
that is actually equal to the
cost which is the metric of OSPF.
865
00:44:02,216 --> 00:44:04,156
So it cost me 74 to get there.
866
00:44:04,266 --> 00:44:05,416
Where did I learn about it?
867
00:44:05,416 --> 00:44:09,276
192.168.2.1, how long have
I known about this route?
868
00:44:09,416 --> 00:44:10,436
59 seconds.
869
00:44:10,436 --> 00:44:14,206
How-- how what interface do I
go out of to reach that route?
870
00:44:14,206 --> 00:44:17,286
00/0, so now of course the
ultimate test is always
871
00:44:17,286 --> 00:44:21,886
to ping it 192.168.1.1 and success we are there.
872
00:44:21,886 --> 00:44:24,206
Let's shoot over to router one because
it should be feeling the same way.
873
00:44:24,736 --> 00:44:28,876
Notice without typing anything it gave us
that status message we have a new neighbor.
874
00:44:29,176 --> 00:44:30,696
Show IP OSPF Neighbor.
875
00:44:32,236 --> 00:44:34,596
Verify that the neighbor is there.
876
00:44:34,596 --> 00:44:35,496
Show IP Route.
877
00:44:35,726 --> 00:44:41,756
And I can see I've learned
about the 192.168.3.0 network.
878
00:44:41,996 --> 00:44:43,886
Got to ping it just to feel
good about ourselves.
879
00:44:43,886 --> 00:44:44,366
And there it is.
880
00:44:44,366 --> 00:44:44,906
We're pinging it.
881
00:44:44,906 --> 00:44:45,766
We're successful.
882
00:44:45,996 --> 00:44:49,506
This is the neighbor that we
learned from OSPF is in action.
883
00:44:49,506 --> 00:44:53,426
Okay, only other troubleshooting
commands, like verify.
884
00:44:53,426 --> 00:44:55,216
Let's see-- how else can we see this is working?
885
00:44:55,216 --> 00:44:56,966
I can do a show IP Protocols.
886
00:44:57,326 --> 00:45:01,466
Show IP Protocols shows us what routing
protocols are running on our router.
887
00:45:01,806 --> 00:45:04,756
And I can see OSPF process one is running.
888
00:45:05,026 --> 00:45:08,896
I can see it's advertising or routing for
the networks 192 and it shows, you know,
889
00:45:08,896 --> 00:45:10,216
the network commands that I've typed in.
890
00:45:10,496 --> 00:45:13,296
It says here are the interfaces
that are configured as passive.
891
00:45:13,476 --> 00:45:14,486
That's kind of cool.
892
00:45:14,926 --> 00:45:17,156
It's even showing us that and
you'll notice serial zeros.
893
00:45:17,156 --> 00:45:19,436
So zero is the only one not in that list.
894
00:45:19,436 --> 00:45:21,286
And then down here I see the sources.
895
00:45:21,286 --> 00:45:22,576
This is-- this is some neighbors.
896
00:45:22,576 --> 00:45:24,626
These are some friends that I've learned about.
897
00:45:24,626 --> 00:45:29,436
Last update was three minutes ago because, you
know, now they're sitting there nice and idle.
898
00:45:29,436 --> 00:45:30,156
What are they doing?
899
00:45:30,156 --> 00:45:35,046
I mean if I were to do a debug
IP OSPF, what do we got here?
900
00:45:35,046 --> 00:45:37,146
Let's do packet.
901
00:45:37,146 --> 00:45:43,526
All I would see, there is hello messages.
902
00:45:43,526 --> 00:45:45,936
Now you might say well, how did
you know it's a hello message?
903
00:45:45,936 --> 00:45:47,116
'Cause I know that's all I should see.
904
00:45:47,376 --> 00:45:51,986
You can actually-- you can actually go and
break down each one of these-- these fields.
905
00:45:52,316 --> 00:45:56,346
And they mean something to where you
can see this is OSPF version two.
906
00:45:56,566 --> 00:45:58,446
This packet is type one.
907
00:45:58,446 --> 00:46:01,096
It just so happens that type
one is a hello packet.
908
00:46:01,096 --> 00:46:03,736
There are all kinds of different
types of packets that are out there.
909
00:46:04,046 --> 00:46:05,536
What is the length of the packet?
910
00:46:05,536 --> 00:46:08,836
What is the router ID, essentially
what is my name when I'm--
911
00:46:08,836 --> 00:46:12,866
when I'm or the name of the
router that's sending this packet?
912
00:46:13,016 --> 00:46:14,466
What is the authentication ID?
913
00:46:14,466 --> 00:46:18,446
I mean you can actually configure
authentications really easy to make sure
914
00:46:18,446 --> 00:46:23,056
that oh what am I-- did say
authen-- no I just made that up.
915
00:46:23,056 --> 00:46:25,806
Area ID, I don't know why I
was thinking authentication.
916
00:46:26,066 --> 00:46:29,296
Area ID. It actually puts
it in the IP address format.
917
00:46:29,296 --> 00:46:30,596
This is area zero.
918
00:46:31,006 --> 00:46:32,496
You'll see little checksum on there.
919
00:46:32,496 --> 00:46:35,206
You know this is the-- that's why I was saying
authen-- this is the authentication here.
920
00:46:35,206 --> 00:46:36,826
What kind of authentication are you using?
921
00:46:37,046 --> 00:46:39,476
OSPF supports clear text, not very good.
922
00:46:39,696 --> 00:46:44,236
And MD5 hashing, very good--
authentication between the different devices
923
00:46:44,236 --> 00:46:45,836
and then what interface they came in on.
924
00:46:45,836 --> 00:46:49,626
Now-- now, I'm seeing this is like--
and those are coming in every so often.
925
00:46:49,896 --> 00:46:55,206
I can do a show IP OSPF Interface and say well
show me, you know, for instance serial 0/0.
926
00:46:55,476 --> 00:46:58,436
And I can say oh serial 0 is
a point to point interface.
927
00:46:58,436 --> 00:46:59,396
That's the kind it is.
928
00:46:59,396 --> 00:47:02,846
And I'm saying hello every 10 seconds on there.
929
00:47:03,186 --> 00:47:06,386
Somebody is going to be considered dead
if they don't speak for 40 seconds.
930
00:47:06,386 --> 00:47:10,026
And do you get that feel about how often
these-- these little packs are showing up?
931
00:47:10,086 --> 00:47:11,266
It's about once every 10 seconds.
932
00:47:11,266 --> 00:47:11,706
There it is.
933
00:47:11,706 --> 00:47:12,516
There it is.
934
00:47:12,516 --> 00:47:17,036
So-- so some key show commands
that you can use to really see kind
935
00:47:17,036 --> 00:47:18,796
of dig a little bit more of what's going on.
936
00:47:18,796 --> 00:47:20,236
Essentially watch the magic happen
937
00:47:20,236 --> 00:47:22,526
but understand a little more
of how the magic is working.
938
00:47:23,266 --> 00:47:26,426
Can you believe that I thought I
could fit all that into one nugget?
939
00:47:26,746 --> 00:47:27,706
Yeah, crazy right?
940
00:47:28,096 --> 00:47:33,326
So-- so let me-- let me just
wrap this all up because I want
941
00:47:33,416 --> 00:47:35,696
to give you the big picture perspective.
942
00:47:36,056 --> 00:47:39,306
I don't know how long this nugget
is because I'm still talking.
943
00:47:39,376 --> 00:47:42,786
But-- but it probably is I'm
guessing about 30 minutes long
944
00:47:42,786 --> 00:47:45,456
or so that we've been talking about this now.
945
00:47:45,456 --> 00:47:52,106
But I want you to notice, all of this
boiled down to really two commands, right?
946
00:47:52,586 --> 00:47:56,416
Router, OSPF and we did the
process ID one, right?
947
00:47:56,416 --> 00:47:58,886
And then network and then
we typed in the network,
948
00:47:58,886 --> 00:48:01,346
the wild card mask and the
area ID and that was it.
949
00:48:01,346 --> 00:48:04,436
And now I threw in the passive
interface and some show commands for fun.
950
00:48:04,706 --> 00:48:07,596
But really 30 minutes boiled down to two commands.
951
00:48:07,596 --> 00:48:10,266
Now, I know you're-- that wasn't efficient.
952
00:48:10,506 --> 00:48:12,476
We could-- we could have done that in 5 minutes.
953
00:48:12,476 --> 00:48:17,666
Well the point is, there's a ton
of configurations in Cisco that--
954
00:48:17,796 --> 00:48:23,416
that are two minutes long but it takes
hours of understanding the concepts
955
00:48:23,416 --> 00:48:25,066
of what you're doing behind there.
956
00:48:25,066 --> 00:48:29,896
The thing I'm trying to convey right now
is make sure that sometimes it's so easy
957
00:48:29,896 --> 00:48:31,856
to get caught up in I've got to remember syntax.
958
00:48:31,856 --> 00:48:33,056
I've got to remember these commands.
959
00:48:33,056 --> 00:48:35,996
And yes, yes you do have to
remember commands to type in.
960
00:48:35,996 --> 00:48:38,886
But remember that the commands
are the easy part.
961
00:48:39,086 --> 00:48:41,016
Anybody can go on Google and type
962
00:48:41,016 --> 00:48:44,676
in give me example OSPF configurations
and be like oh there it is.
963
00:48:44,676 --> 00:48:46,916
I can-- I can type that in
and it starts working.
964
00:48:47,236 --> 00:48:49,986
But to really understand it, that's the key.
965
00:48:49,986 --> 00:48:53,336
That's what Cisco wants at the CCNA
levels, the understanding of what--
966
00:48:53,606 --> 00:48:55,036
what is that network command doing?
967
00:48:55,036 --> 00:49:00,626
What-- what are those two things that it impacts
when you go under the-- the network commands?
968
00:49:00,626 --> 00:49:05,776
So between this nugget and the last, we have
seen what routing protocols are all about,
969
00:49:05,776 --> 00:49:08,226
the jellybean jar of protocol choices,
970
00:49:08,226 --> 00:49:10,396
all the different flavors and
features that are out there.
971
00:49:10,686 --> 00:49:15,256
And then finally this nugget, we
looked at OSPF concepts and configuration.
972
00:49:15,586 --> 00:49:18,466
I hope this has been informative for you
and I'd like to thank you for viewing.