Category Archives: Networking

RIP Offset-List

There are two routers, R9 and R7: R7 is connected to the rest of the network and R9 is at the network edge. The whole network exchanges routes via RIP version 2 with the no-summary option.

R7 has with a metric of 2 received from the network and advertises this to R9 via its G0/1.79 interface.

R7#sh ip route
Routing entry for
Known via "rip", distance 120, metric 2
Redistributing via rip
Last update from on GigabitEthernet0/1.37, 00:00:05 ago
Routing Descriptor Blocks:
*, from, 00:00:05 ago, via GigabitEthernet0/1.37
Route metric is 2, traffic share count is 1

R9 receives the advertisement of network from R7 as shown below. R9 has with a metric of 3.

R9#sh ip route
Routing entry for
Known via "rip", distance 120, metric 3
Redistributing via rip
Last update from on GigabitEthernet0/1.79, 00:00:04 ago
Routing Descriptor Blocks:
*, from, 00:00:04 ago, via GigabitEthernet0/1.79
Route metric is 3, traffic share count is 1

At this stage, we know that R7 has a route to network with a metric of 2 and R9 has a route to network with a metric of 3.

RIP is a distance vector routing protocol in which the metric denotes how many hops it takes to reach the destination. In this case, it takes 2 hops for R7 to reach network and 3 hops for R9. It is also true that R9 is 1 hop further away from the network than R7.

The extra hop is not added when the routing advertisement is received on R9; it is added when the advertisement is sent out from R7.

R7#debug ip rip
RIP: sending v2 update to via GigabitEthernet0/1.79 (
RIP: build update entries
<omitted> via, metric 3, tag 0

R9#debug ip rip
RIP: received v2 update from on GigabitEthernet0/1.79
<omitted> via in 3 hops

One commonly known way to manipulate the metric value is to use an offset-list (I’m sure that if you study, by now you know how to manipulate this without using an offset-list, right?). An offset-list increases the existing metric value that is sent or received.

For example, using an offset-list with a value of 5 on R7 will increase the metric to 8. R7 takes the existing metric of 2, adds 1 when sending it out, and adds 5 via the offset-list. The total is 8.

R7(config)#ip access-list st ACLRIPOFFSET
R7(config-std-nacl)#permit host

R7(config)#router rip
R7(config-router)#offset-list ?
<0-99>       Access list of networks to apply offset (0 selects all networks)
<1300-1999>  Access list of networks to apply offset (expanded range)
WORD         Access-list name

R7(config-router)#offset-list ACLRIPOFFSET ?
in   Perform offset on incoming updates
out  Perform offset on outgoing updates

R7(config-router)#offset-list ACLRIPOFFSET out ?
<0-16>  Offset

R7(config-router)#offset-list ACLRIPOFFSET out 5 G0/1.79

R7(config-router)#do debug ip rip
R7(config-router)#do clear ip route *

RIP: sending v2 flash update to via GigabitEthernet0/1.79 (
RIP: build flash update entries
<omitted> via, metric 8, tag 0

On R9 we see that the metric is now 8:

R9#debug ip rip
RIP protocol debugging is on

R9#clear ip route *

RIP: sending request on GigabitEthernet0/1.79 to
RIP: received v2 update from on GigabitEthernet0/1.79
<omitted> via in 8 hops

R9#u all
All possible debugging has been turned off

R9#sh ip route
Routing entry for
Known via "rip", distance 120, metric 8
Redistributing via rip
Last update from on GigabitEthernet0/1.79, 00:00:06 ago
Routing Descriptor Blocks:
*, from, 00:00:06 ago, via GigabitEthernet0/1.79
Route metric is 8, traffic share count is 1

A few notes on using the ACL:

– The update itself does contain the subnet mask information (it’s RIP version 2), but using a host address in the ACL works just fine.
– Either a standard numbered or a standard named ACL will work, but an extended ACL cannot be used.

R7(config)#no ip access-list st ACLRIPOFFSET
R7(config)#ip access-list ext ACLRIPOFFSET
R7(config-ext-nacl)#permit host host

R7(config-router)#offset-list ACLRIPOFFSET out 5 g0/1.79
Access-list type conflicts with prior definition
% This command only accepts named standard IP access-lists.

R7(config-router)#offset-list 110 out 5
% Invalid access list name.
R7(config-router)#offset-list 10 out 5
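
The metric handling walked through above, as an added example (a simplified Python model, not code from the original post or from Cisco IOS). The prefixes, function names and data layout are assumptions made for illustration; only the interface name and the offset of 5 come from the post. It goes one step beyond the post by showing the clamp at 16, where an offset turns a distant route into an unreachable one.

```python
import ipaddress

RIP_INFINITY = 16  # a RIP metric of 16 means "unreachable"

def acl_permits(acl, network):
    """Standard ACL check on the route's network address only (mask ignored).
    acl is a list of (action, address, wildcard) with an implicit deny at the end."""
    addr = int(ipaddress.IPv4Address(network))
    for action, base, wildcard in acl:
        care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
        if addr & care == int(ipaddress.IPv4Address(base)) & care:
            return action == "permit"
    return False

def offset_for(network, direction, iface, offset_lists):
    """Offset of the first matching list; interface-specific lists are tried first."""
    for o in sorted(offset_lists, key=lambda o: o["iface"] is None):
        if (o["direction"] == direction and o["iface"] in (None, iface)
                and acl_permits(o["acl"], network)):
            return o["offset"]
    return 0

def build_update(rib, out_iface, offset_lists=()):
    """Metrics advertised out of out_iface: RIB metric + 1 hop + outbound offset."""
    update = {}
    for prefix, metric in rib.items():
        offset = offset_for(prefix.split("/")[0], "out", out_iface, offset_lists)
        update[prefix] = min(metric + 1 + offset, RIP_INFINITY)
    return update

def install_update(update, in_iface, offset_lists=()):
    """Routes the receiver installs; a metric of 16 or more is discarded."""
    rib = {}
    for prefix, metric in update.items():
        metric += offset_for(prefix.split("/")[0], "in", in_iface, offset_lists)
        if metric < RIP_INFINITY:
            rib[prefix] = metric
    return rib

# Constructed sample data (documentation prefixes; the page's real ones are not shown).
HOST_ACL = [("permit", "192.0.2.0", "0.0.0.0")]        # like "permit host 192.0.2.0"
ANY_ACL = [("permit", "0.0.0.0", "255.255.255.255")]   # like "permit any"
R7_RIB = {"192.0.2.0/24": 2, "198.51.100.0/24": 2, "203.0.113.0/24": 11}
R7_OFFSET = [{"acl": HOST_ACL, "direction": "out", "offset": 5, "iface": "Gi0/1.79"}]

if __name__ == "__main__":
    print(build_update(R7_RIB, "Gi0/1.79"))             # no offset-list
    print(build_update(R7_RIB, "Gi0/1.79", R7_OFFSET))  # offset 5 on one prefix
```

An offset applied to all networks pushes the constructed route with metric 11 to 16, so the receiving router drops it instead of installing it with a higher metric.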


Storm Control blocks an interface when it receives a flood of unicast, multicast, or broadcast packets, based on a threshold value measured over a one-second period. This can be handy to prevent, or at least reduce, network flooding that can impact network performance.

When the offending traffic reaches the Rising Threshold (RT), the interface blocks all traffic until the offending traffic rate drops below the Falling Threshold (FT). If FT is not specified, only RT is used.

The threshold value ranges from 0 to 100, where 0 blocks any traffic and 100 turns off the limit. The threshold value can be expressed in bits per second (bps), packets per second (pps), or as a percentage.
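
The rising/falling threshold behaviour described above, as an added example (a simplified Python model, not code from the original post or from any switch). The function name, the percentage rates and the per-interval state are assumptions made for illustration; it shows why a separate FT keeps the port blocked through a storm that hovers around RT.

```python
def storm_control(rates, rising, falling=None):
    """Return the port state after each one-second interval.

    rates   : measured traffic per interval, as a percentage of bandwidth
    rising  : Rising Threshold (RT); 0 blocks everything, 100 disables the limit
    falling : Falling Threshold (FT); defaults to RT when not specified
    """
    if falling is None:
        falling = rising            # only RT is used
    if falling > rising:
        raise ValueError("falling threshold must not exceed rising threshold")

    blocked = False
    states = []
    for rate in rates:
        if rising >= 100:
            blocked = False         # limit turned off
        elif not blocked and rate >= rising:
            blocked = True          # traffic reached RT: start blocking
        elif blocked and rate < falling:
            blocked = False         # traffic dropped below FT: forward again
        states.append("block" if blocked else "forward")
    return states


def blocked_seconds(rates, rising, falling=None):
    """Number of intervals the port spends blocked."""
    return storm_control(rates, rising, falling).count("block")


# Constructed sample: a storm that hovers around an 80% rising threshold.
SAMPLE_RATES = [10, 45, 82, 75, 81, 60, 79, 35, 20]

if __name__ == "__main__":
    print(storm_control(SAMPLE_RATES, rising=80))              # RT only: port flaps
    print(storm_control(SAMPLE_RATES, rising=80, falling=40))  # RT + FT: stays blocked
```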

Visio Flat Network Icon

I have created just a few standard Microsoft Visio Flat Network icons and they are available for all to use and share. The idea was to have network icons that are 2D instead of the 3D version for drawing consistency and making it easier to apply Visio diagram theme.

These icons allow you to un-group and make changes to suit your need. The connectors are also created around the icon to allow attaching a line.

I created these icons in Visio 2013, but I’m not sure about compatibility with earlier versions, so I’ve made them available in Visio 2013 (.vssx) and the earlier Visio format (.vss).

MST Notes


Spanning Tree Protocol (STP) is a protocol to ensure there is no loop in layer 2 network. This protocol was invented by Radia Perlman in 1985 and published as a standard originally as IEEE 802.1D-1990.

In essence, STP works by sending a probe to every layer 2 switch and deciding which link should be blocked if there is a loop.

Initially STP was used with one instance. This is when there was no understanding of VLAN which was introduced later in IEEE 802.1Q. Mono Spanning Tree runs a single Spanning Tree for all VLANs. Since it uses one Spanning Tree instance for all VLANs, it lacks the ability to engineer one path over another. All VLANs will have to share the same path and fate.

IGMPv2 – RFC 2236

While PIM controls the communication between multicast routers, IGMP is the control protocol between routers and hosts. IGMP is similar to ICMP and has IP protocol number 2. Because it is intended for communication between hosts and routers, it is only sent as a link-local packet with a TTL of 1 in the IP packet header.

PIM Sparse-Mode (SM) Notes – RFC 4601

Uses both Shared-Tree (*,G) and Source-Tree (S,G).

PIM Sparse-Mode (SM) steps:

  1. Discover PIM neighbor and elect DR.
    PIM is the infrastructure that delivers multicast packets. It builds the multicast network hop by hop. It uses the routing table to perform RPF, but it does not matter which routing protocol populated that table. This is why it is called Protocol Independent Multicast (PIM).

InternetworkExpert updates its CCIE R&S Material

I’m actually countering my disappointment with INE with the good product updates they recently released.

First of all, I’m studying for CCIE R&S v4.0. Therefore, I need to have materials that are specifically designed for v4.0.

Looking at the WB1 I have from INE, I was quite surprised to learn that INE updated the WB with the additional Cisco IOS Optimized Edge Routing Configuration Guide, Release 12.4T. This is great!

I also noticed that in my account INE updated my CoD with a newer version of the R&S Advanced Technologies 5-Day Class-on-Demand v4.5. Anthony is teaching and he sounds like a circus announcer. Don’t get mad, Anthony! 🙂

This is actually a very good thing to keep me awake while listening to and watching the CoD. I cannot really comment on the quality of the CoD as I haven’t watched it from day 1 to day 5.

Also, there are some bonuses from Brian Dennis from the previous version of the CoD. INE includes 4 parts on MPLS and 1 part on Zone-based FW.

Thank you INE, keep improving!

Heaps of Omnigraffle Stencils

I used Omnigraffle about a year ago, and I remember I had difficulty drawing network diagrams based on the Cisco Stencil. I posted Cisco Stencils for Omnigraffle and that was pretty much the only available Cisco Stencil at that time.

I’m reopening my Omnigraffle ’cause I’m too lazy to switch to another laptop, and I started googling for Omnigraffle stencils. I’m quite surprised to learn that there is actually a site dedicated solely to providing free Omnigraffle stencils, and it includes Cisco stencils. Graffletopia gives you heaps of Omnigraffle stencils for free. The quality is very good and although not all of the Cisco stencils are available, it is actually enough to start the work.

Big thanks to Patrick Crowley for the initiative!

Kiwi Cattools

If you are looking for an application that can push config to many of your Cisco devices, Kiwi Cattools will be the perfect one.

It has been around for a while and was recently bought by Solarwinds, on January 5th, 2009. But fear not, the freeware version will still be available for download and can be used with up to 20 devices, while for $550 you can get the Enterprise Edition, which supports unlimited devices.

I began to play with Kiwi Cattools with 3 devices running under Dynamips.

Starting with registering 3 3640 routers, I needed to define the model, name, and IP address. The first registration can be cumbersome, yet later you can just copy the entry and change the name and IP address, assuming the device model and the rest are the same.

After you have registered the devices, you are provided with several built-in activities, and that’s just enough to carry on your work.

I tried to push some configuration entries and it went very well. It also reported the activity and showed whether it encountered errors.

Besides playing with the push-config feature, I also played with config comparison. This is a very good feature when you need to find what went wrong with your change. I know some people swear on their lives that it can only be done via Excel, yet now I have found there is a better way to compare your config.

The comparison can also be exported to HTML so you can view it in your browser. This is just so great.

I haven’t really tried to use it extensively for work, but Kiwi Cattools looks really promising.

PS. Yes, I also tried NetworkAuthority Inventory on Linux, but I couldn’t get it to recognize my 3640. Also, when I tried to install it in Windows, even until I finished writing this post, I still need to download the ActiveState Perl to get it working. I’ll try to post it some time.