RIP Offset-List

Two routers R9 and R7 where R7 is connected to the rest of the network and R9 is the edge network. All of the network is exchanging routes via RIP version 2 with no-summary option.

R7 has with metric of 2 received from the network and advertise this to R9 via its G0/1.79 interface.

R7#sh ip route
Routing entry for
Known via "rip", distance 120, metric 2
Redistributing via rip
Last update from on GigabitEthernet0/1.37, 00:00:05 ago
Routing Descriptor Blocks:
*, from, 00:00:05 ago, via GigabitEthernet0/1.37
Route metric is 2, traffic share count is 1

R9 received the advertisement of network from R7 as below. R9 has with metric of 3.

R9#sh ip route
Routing entry for
Known via "rip", distance 120, metric 3
Redistributing via rip
Last update from on GigabitEthernet0/1.79, 00:00:04 ago
Routing Descriptor Blocks:
*, from, 00:00:04 ago, via GigabitEthernet0/1.79
Route metric is 3, traffic share count is 1

At this stage, we understand now that R7 has route to network with metric of 2 and R9 has the route to network with metric of 3.

RIP is a distance vector routing protocol where metric is used to denote how many hops it takes to reach the destination. In this case, it will take 2 hops for R7 to reach network and 3 hops for R9. It is also true that R9 is 1 hop further away from the network than R7.

The metric addition is not added when the routing advertisement received on R9, but it is added when it is advertised out from R7.

R7#debug ip rip
RIP: sending v2 update to via GigabitEthernet0/1.79 (
RIP: build update entries
<omitted> via, metric 3, tag 0

R9#debug ip rip
RIP: received v2 update from on GigabitEthernet0/1.79
<omitted> via in 3 hops

One of the way to manipulate the metric value is commonly known using offset-list (I’m sure if you study, by now you know how to manipulate this without using offset-list, right?). Offset-list will increase the existing metric value that is sent or received.

For example, using offset-list with value of 5 in R7 will increase the metric to 8. R7 will take the existing metric of 2, added with 1 when sending it out, added with 5 via offset-list. Total will be 8.

R7(config)#ip access-list st ACLRIPOFFSET
R7(config-std-nacl)#permit host

R7(config)#router rip
R7(config-router)#offset-list ?
<0-99>       Access list of networks to apply offset (0 selects all networks)
<1300-1999>  Access list of networks to apply offset (expanded range)
WORD         Access-list name

R7(config-router)#offset-list ACLRIPOFFSET ?
in   Perform offset on incoming updates
out  Perform offset on outgoing updates

R7(config-router)#offset-list ACLRIPOFFSET out ?
<0-16>  Offset

R7(config-router)#offset-list ACLRIPOFFSET out 5 G0/1.79

R7(config-router)#do debug ip rip
R7(config-router)#do clear ip route *

RIP: sending v2 flash update to via GigabitEthernet0/1.79 (
RIP: build flash update entries
<omitted> via, metric 8, tag 0

On R9 we see the metric is now 8

R9#debug ip rip
RIP protocol debugging is on

R9#clear ip route *

RIP: sending request on GigabitEthernet0/1.79 to
RIP: received v2 update from on GigabitEthernet0/1.79
<omitted> via in 8 hops

R9#u all
All possible debugging has been turned off

R9#sh ip route
Routing entry for
Known via "rip", distance 120, metric 8
Redistributing via rip
Last update from on GigabitEthernet0/1.79, 00:00:06 ago
Routing Descriptor Blocks:
*, from, 00:00:06 ago, via GigabitEthernet0/1.79
Route metric is 8, traffic share count is 1

Some little notes here when using the ACL:

– Also, the update itself does contain the subnet mask information (it’s RIP version 2) but using host address in the ACL is just fine.
– Either standard numbered or standard named ACL will work just fine but cannot use extended ACL.

R7(config)#no ip access-list st ACLRIPOFFSET
R7(config)#ip access-list ext ACLRIPOFFSET
R7(config-ext-nacl)#permit host host

R7(config-router)#offset-list ACLRIPOFFSET out 5 g0/1.79
Access-list type conflicts with prior definition
% This command only accepts named standard IP access-lists.

R7(config-router)#offset-list 110 out 5
% Invalid access list name.
R7(config-router)#offset-list 10 out 5


Storm Control blocks an interface upon receiving unicast, multicast, or broadcast packets flood based on the threshold value within one second period of time. This can be handy to prevent or at least reduce network flooding activities that can impact the network performance.

When the offending traffic reaches the Rising Threshold (RT), the interface blocks all traffic until the offending traffic rate drops below the Falling Threshold (FT). If FT is not specified, only RT will be used to measure.

The threshold value is from 0 to 100 where as 0 is to block any traffic and 100 is turning off the limit. The threshold value can be bits-per-second (bps), packets-per-second (pps), or percentage.
Continue reading

INEv5 – VIRL Topology – Lan Switching Spanning Tree Initial

I have been using INE (Internetwork Expert) CCIE RS rack rental but sometimes I find it a bit too slow for telnet response. So, with the advent of Cisco VIRL I have created the similar lab topology so I can lab the workbooks with fast response.

Initial configuration is saved in the .virl file but it is also available in a separate file just in case VIRL does not load the full config (in this case VLANs).

Topology diagram is also available with the conversion from INE lab to VIRL lab.
Continue reading

Visio Flat Network Icon

I have created just a few standard Microsoft Visio Flat Network icons and they are available for all to use and share. The idea was to have network icons that are 2D instead of the 3D version for drawing consistency and making it easier to apply Visio diagram theme.

These icons allow you to un-group and make changes to suit your need. The connectors are also created around the icon to allow attaching a line.

I created these icons on Visio 2013 but I’m not sure the compatibility with the earlier version so I’ve made these available in Visio 2013 (.vssx) and earlier Visio format (.vss).
Continue reading

MST Notes


Spanning Tree Protocol (STP) is a protocol to ensure there is no loop in layer 2 network. This protocol was invented by Radia Perlman in 1985 and published as a standard originally as IEEE 802.1D-1990.

In essence, STP works by sending a probe to every layer 2 switches and decides which link should be block if there is a loop.

Initially STP was used with one instance. This is when there was no understanding of VLAN which was introduced later in IEEE 802.1Q. Mono Spanning Tree runs a single Spanning Tree for all VLANs. Since it uses one Spanning Tree instance for all VLANs, it lacks the ability to engineer one path over another. All VLANs will have to share the same path and fate.
Continue reading

IGMPv2 – RFC 2236

While PIM controls the communication between multicast routers, IGMP is the control protocol between routers and hosts. IGMP is similar with ICMP and it has IP protocol number 2. Because the intention is the communcation between hosts and routers, it is only sent as a link-local packet that has TTL of 1 in the IP packet header.

Continue reading

PIM Sparse-Mode (SM) Notes – RFC 4601

Uses both Shared-Tree (*,G) and Source-Tree (S,G).

PIM Sparse-Mode (SM) steps:

  1. Discover PIM neighbor and elect DR.
    PIM is the infrastructure to deliver the multicast packet. It builds the multicast network hop-by-hop. It takes the advantage of the routing table to perform RPF but it does not really matter what routing protocol derives it from. Hence this is why it is called Protocol Independent Multicast (PIM).
  2. Continue reading