This course explores the various methods of path control including manipulating dynamic routing protocol decisions, static routing, BGP, policy-based routing (PBR), virtual private networks (VPN), and GRE tunnels. This course covers sections 3.12, 3.30, 3.31, 3.32, and 4.0 of the CCNP ROUTE exam topics.
Ben Piper is an IT consultant and the author of "Learn Cisco Network
Administration in a Month of Lunches" from Manning Publications. He holds
numerous certifications from Cisco, Citrix, and Microsoft.
Static Routing
Well, as you already know from your CCNA studies, as well as earlier courses in this series, one of the most fundamental methods of path control is the use of static routes. Static routing is something you're already pretty familiar with, so you might be tempted to just skip right over this exam topic and spend more time on other, more complex topics. Well, if that thought is crossing your mind right now or if it ever crosses your mind during your CCNP studies, I want you to remember this quote from mathematician William Dembski, "Sometimes we go wrong by thinking a problem more difficult than it actually is, and other times by thinking a problem is easier than it actually is." The bottom line is that we humans are not always good at determining difficulty, so don't assume that any particular topic on the ROUTE exam is easy just because it seems easy or because you've studied it during your CCNA studies. The fundamental components of static routing are, in fact, pretty simple, but when you combine static routing with dynamic routing protocols and route redistribution, a simple static routing configuration can behave in some really unexpected ways. Before tackling our next customer request, let's briefly go over the basic components of a static route. A static route consists of a prefix, which is an IP address and subnet mask combination, a next hop, which can be either an IP address, an interface, or both, and, of course, an administrative distance, which by default is 1 for static routes. Now, I know you already knew all this, of course, but I want you to keep these things in mind as we go through this module, because the implications of these seemingly simple parameters can have a profound impact on routing. So with that, let's take a look at our next customer request.
Configuring Path Control for Dynamic Routing Protocols
In the last module, I discussed how to use static routes to force traffic to take a particular path through the network. But in this module, we're going to have some fun learning how to force our dynamic routing protocols to force traffic down a certain path. Now at first blush, that might seem a little bit counter-intuitive. The purpose of dynamic routing protocols is to automate routing decisions, so why would we want to try to influence those decisions manually? Well, for example, you may want certain traffic, say, voice over IP traffic, to prefer a slow serial link over a metro Ethernet link, because the serial link has lower delay, even though it may also have lower bandwidth. Also, a routing protocol may not always choose the most optimal path. OSPF is a prime example of this, because it will choose to route within an area, intra-area, even if there's a better path between areas, inter-area. Remember that path control is about modifying how each individual router forwards a given packet. One of the path control configuration points is at the routing protocol level, so that's primarily where we're going to be working. Just remember that path control can be configured at any of these configuration points, and sometimes it may be necessary to move down and adjust the administrative distances or even create static routes in order to achieve a particular path.
Understanding Virtual Private Network (VPN) Types
In this module, we're going to cover virtual private network or VPN types, but before we get started, I need to address a misconception about VPNs and give you a really clear picture of what the term virtual private network actually means. The most common misconception I hear about virtual private networks is that VPNs are always secure, that is, they always use authentication and encryption. My friends, that is simply not true. A VPN can use authentication and encryption, but it most certainly does not have to. So we need to define exactly what a virtual private network is. You already know what the term private network means, but the term virtual can mean a lot of different things depending on the context. So I'm going to borrow a definition given by Gustavo Santana in his book, Data Center Virtualization Fundamentals, "Virtualization is the transparent emulation of an IT resource producing to its consumers benefits that were unavailable in its physical form." A virtual private network is really just an emulated private network that provides some benefit that the underlying physical network does not. This, of course, raises the question, what benefits does a virtual private network provide that a regular physical network does not provide? Well, that is the very question we're going to answer in this module, and by the time you're done, I think you'll have a newfound understanding and appreciation for the term virtual private network.