BGP – Points to Remember

  • As all EGP(Exterior Gateway Protocols) , BGP also is used to route between Autonomous Systems (ASs).
  • BGP uses TCP port 179, which makes the peer relationship between BGP Peers reliable.


A list of AS numbers which a route traverse is known as AS_PATH attribute.

An AS_PATH is created by appending each AS number to existing AS_PATH.

AS_PATH helps to find out the lowest Path by counting the number of AS numbers included in the AS_PATH attribute of eac route.

AS_PATH also helps to identify the loop. If a router gets a route with AS_PATH with its own AS number it will know that there exists a loop

BGP Message Types

Before establishing a BGP peer connection, the two neighbors must perform the standard TCP 2-way handshake and open a TCP connection to port 179. All BGP messages are unicast to the one neighbor over the TCP connection.

Four BGP Messages are :

  1. OPEN



Once the TCP connection is established , both the neighbors will send an OPEN Message. Each neighbors use this message for identify and to specify its BGP operations. OPEN Messages contains the following informations.

BGP version number – Specifies whether its contains BGP versions 2,3 or 4.  Unless specified by command neighbor version, it will be BGPv4.

Autonomous System Number – AS number of the Originating router. This decide whether it will be a eBGP or iBGP.

Hold Time –  The max time in secs that can be elapsed without getting any update or keepalives.  The holdtime must be either 0(in which no keepalives are sent) or atleast 3. Cisco default is 180 seconds. If both the neighbors have different holdtime, its negotiated to smaller one.

 BGP Identifier –  This is an IP address which identifies a BGP neighbor.  Cisco uses same process as it select OSPF router-id.

Optional Parameters – This field will be used to advertise support for capabilities such as Authentication, Multiprotocol support and route refresh.


If a router accepts with the options specified in the OPEN message, it will send a KEEPALIVE message. Subsequent keepalive will be send every 60 secs by default in CISCO routers or a period equal to 1/3rd of the holdtime.


Contains feasible routes,  withdrawn routes, or both. Contains following information.

Network Layer Reachability Information(NLRI) – Contains tuples (Length, Prefix). ie if update is having information regarding route, It will contain (19,

PATH Attributes – Contains the attributes for the above NLRI, which helps BGP to choose shortest PATH, detect Routing Loops, and determining Routing Policy.

Withdrawn Routes – Tuples (Length, Prefix) which are unreachable and are being withdrawn from the service.


Send by BGP neighbors when there is any error  occurred during BGP operations. Example, when a BGP  v3 router receives a BGP OPEN Message with BGP v4, it sends back a NOTIFICATION Message and close the connection. Then the BGPv4 router need to establish a new connection sending with a BGP v3 OPEN Message.    Send article as PDF   

RIP Version 2 – Points to Remember

Extensions added from RIPv1

  1. Subnet masks carried with each route entry
  2. Authentication of routing updates
  3. Next-hop addresses carried with each route entry
  4. External route tags
  5. Multicast route updates

Operation of RIPv2

Uses multicast address to send to other  ripv2 routers instead of broadcast.

RIPv2 Message Format
Almost same as of version1 . Only unused bits in version messages will be used for carrying the extensions mentioned.
Thos are

Route Tag provides a field for tagging external routes or routes that have been redistributed into the
RIPv2 process. One suggested use of this 16-bit field is to carry the autonomous system number of routes
that have been imported from an external routing protocol. Although RIP itself does not use this field,
external routing protocols connected to a RIP domain in multiple locations may use the route tag field to
exchange information across the RIP domain. The field may also be used to group certain external routes
for easier control within the RIP domain

Subnet Mask is 32-bit mask that identifies the network and subnet portion of the IP address.

Next Hop identifies a better next-hop address, if one exists, than the address of the advertising router.
That is, it indicates a next-hop address, on the same subnet, that is metrically closer to the destination than
the advertising router is. If the field is set to all zeros (, the address of the advertising router is the
best next-hop address.

Classless Routing Protocols

Classless routing protocols carry the subnet mask also along with the routing update. Classless routing lookup can be acheived by entering the command “ip classless” on global configuration mode.

When a router perform classless routing lookup, instead of checking for match with a major network of the destination IP address, it performs a bit-by-bit match with each of it routing table entry with the dst ip address.

This feature helps to implement VLSM (Variable Lenght Subnet Mask).

To include all-zeros subnet also into valid subnets, use the command “ip subnet-zero”.


RIP authentication is implemented using the first route entry update in the Update Message. This causes reducing the number of total routes that can be included in a single update message from 25 to 24.

If an update message contains authentication, first router entry address-family identifier field will contain OxFFFF.

If the authentication is simple  password,  authentication type field will contain – oxooo2 and the remaining 16 octets carry an alphanumeric password of up to 16 characters.

If the authentication is MD5, authentication type field contains oxooo3.

 Compatibility with RIP v1

The interface-level “compatibility switches” are implemented in Cisco IOS with the commands ip rip send version and ip rip receive version.    Send article as PDF   

RIP – Message Format

  1. Each message contains a command and a version and can containing  upto 25 entries.
  2. Each route entry contains and address-family , IP address reachable by this route  and a metric (Hop count)for that route.
  3. If more than 25 routes are there, need to use multiple RIP messages.
  4. Command – Specifies whether its a “Message  Request” (bit=1) or “Message Response” (bit=2).
  5. Version will be set to one for RIPv1.
  6. Address Family Identifier is set to two for IP. The only exception to this is a request for a router’s (orhost’s) full routing table

Request Message Types

There are two types of Request Messages

  1. Send a request for getting the entire routing table information from the neighbor. In this case, address-family identifier will be set to 0 and IP address will be set to and metric 16.
  2. Send a request to get a specific route or routes information from neighbor. This request message will contain IP address of the host/network/sub-net for which router need the route. The Neighbor on receiving  this will process entries one by one. If the router have a route to a specific entry , corresponding is marked with its metric and if it dont have entry for a route, it will mark metric as 16.    Send article as PDF   

RIP – Points to remember

  1. Rip uses UDP port 520 as both Src and Dst port value
  2. RIP defines two message types: Request messages and Response messages.
  3. The metric used by RIP is hop count (1- directly connected, 16 Unreachable)
  4. If a particular entry in update packet is new, then router will insert it into its routing table along with the advertising router which is the src address of the update packet.
  5. If the route is for a network that is already in the table, the existing entry will be replaced only if the new route has a lower hop count.
  6. If the advertised hop count is higher than the recorded hop count and the update was originated by the recorded next-hop router, the route will be marked as unreachable for a specified holddown period.
  7. If at the end of that time the same neighbor is still advertising the higher hop count, the new metric will be accepted.
  8. RIP v1 can perform equal-cost load balancing.

RIP Timers and Stability Features

Update Timer

  1. Send update packet every 30 secs with complete information of its routing table.
  2. The update is a broadcast and hence the destination IP will be

Holddown Period

If the advertised hop count is higher than the recorded hop count and the update was originated by the recorded next-hop router, the route will be marked as unreachable for a specified (180 sec) holddown period.

Invalid Timer

  1. Amount of time which a route can exist in routing table as Valid , if it didn’t receive any update.
  2. It is 180 secs (6 times update timer)
  3. Even after 180 seconds, no update is heard, it will mark that route as unreachable(hop count 16).

Flush Timer

  1. The router will wait for 240 seconds (60 secs more after invalid timer expire) and still if it didnt get any update, it will flush that entry from routing table.
  2. 180-240 secs, the router will advertise this route to neighbors  as unreachable.
  3. During 180-240 seconds, route will show as in routing table.

The timers can be changed using below command

# timers basic <update> <invalid> <holddown> <flush>

 Silent hosts
Some hosts may employ RIP in a “silent” mode. These so-called silent hosts do not generate RIP updates,
but listen for them and update their internal routing tables accordingly.
Class-full Routing in RIP v1
When a packet enters a RIP-speaking router and a route table lookup is performed, the various choices in
the table are pruned until a single path remains. First, the network portion of the destination address is
read and the routing table is consulted for a match. It is this first step of reading the major class A, B, or C
network number that defines a classful routing table lookup. If there is no match for the major network,
the packet is dropped and an ICMP Destination Unreachable message is sent to the packet’s source. If
there is a match for the network portion, the subnets listed for that network are examined. If a match can
be found, the packet is routed. If a match cannot be made, the packet is dropped and a Destination
Unreachable message is sent.

The RIPv1 route update does not carry subnet mask.
If the major network is directly connected to the router, that interface subnet mask is taken for all the sunets in that major network.
If the major network is not directly connected to any of the router interfaces, it will use a summarized route to major network. Thiis is also know as subnet hiding. This is performed in the boundary router between the two major network.

Summarization in Discontigous link
When subnets of a major network is not contigous, that means, if it resides in two difefrent parts of network, there is chance that the routers between these two subnets will load balance as each of the router in two subnets will send summarized route to the routers between it.
Solution for this is the links between this subnets should be configured using a secondary address and make it logically contigous.

Manupulation of metric.
Example : If the hops between two routers are 2 hops and for redundancy or as a backup link we have a serial connection directly connected between these two routers, since the serial link is 1 hop, it will be always preferred over the 2 hop path. To prevent this and make the 2 hop path whenever its available, we can use “offset-list”.

offset-list command specify a number which need to be added to the route entry and to identify which route entry metric should be manipulated, it uses an access-list.

Ernest_T(config)#access-list 1 permit
Ernest_T(config)#router rip
Ernest_T(config-router)#offset-list 1 in 2 Serial0

Above command says that, Whatever route updates which get through Serial0 and which matches the routes mentioned in access-list 1, add 2 hops to the metric, before installing it into routing table. This will make the total hop count as 3 for these routes and hence route with 2 hops will be preferred and whenever hops with 2 hops go down, routes with 3 hops will be used.    Send article as PDF   

Win 7 cannot access WinXP on LAN but reverse working

SOLUTION (Should be done on Win XP)

1. Go to “My Network Places”

2. Click on “View Network Connections”

3. Select your LAN NIC, Right click and select properties.

4. Click on “Advanced” tab

5. Click on “Settings”

6.  On Windows Firewall window ,  click on “Exceptions” tab

7.  Select “File and Printer Sharing” , “Remote Desktop” &  “Remote Assistance”.

8. Click OK to all windows opened.

Hope this will help.    Send article as PDF   

What is QoS ?

QoS is the ability of the network to provide better or special service to a set of users or applications or both to the detriment of other users or applications or both. The earliest versions of QoS tools protected data against data. For instance, priority queuing made sure packets that matched an access list always had the right of way on an egress interface. Another example is WFQ, which prevents small packets from waiting too long behind large packets on an egress interface outbound queue. When VoIP started to become a serious technology, QoS tools were created to protect voice from data. An example of such a tool is RTP priority queue.

Implementing QoS
Implementing QoS involves three major steps:
Step 1 Identifying traffic types and their requirements
Step 2 Classifying traffic based on the requirements identified
Step 3 Defining policies for each traffic class


Step 1: Identifying Traffic Types and Their Requirements
Identifying traffic types and their requirements, the first step in implementing QoS, is composed of the following elements or substeps:

Perform a network audit—It is often recommended that you perform the audit during thebusy hour (BH) or congestion period, but it is also important that you run the audit at other times. Certain applications are run during slow business hours on purpose. There are scientific
methods for identifying the busy network moments, for example, through statistical sampling and analysis, but the simplest method is to observe CPU and link utilizations and conduct the audit during the general peak periods.
Perform a business audit and determine the importance of each application—The business model and goals dictate the business requirements. From that, you can derive the definition of traffic classes and the requirements for each class. This step considers whether delaying or dropping packets of each application is acceptable. You must determine the relative importance of different applications.
Define the appropriate service levels for each traffic class—For each traffic class, within the framework of business objectives, a specific service level can define tangible resource availability or reservations. Guaranteed minimum bandwidth, maximum bandwidth, guaranteed end-to-end maximum delay, guaranteed end-to-end maximum jitter, and comparative drop preference are among the characteristics that you can define for each service level. The final service level definitions must meet business objectives and satisfy the comfort expectations of the users.

Step 2: Classifying Traffic Based on the Requirements Identified
The definition of traffic classes does not need to be general; it must include the traffic (application) types that were observed during the network audit step. You can classify tens or even hundreds of traffic variations into very few classes. The defined traffic classes must be in line with business objectives. The traffic or application types within the same class must have common requirements and business requirements. The exceptions to this rule are the applications that have not been identified or scavenger-class traffic. Voice traffic has specific requirements, and it is almost always in its own class. With Cisco LLQ, VoIP is assigned to a single class, and that class uses a strict priority queue (a priority queue with
strict maximum bandwidth) on the egress interface of each router. Many case studies have shown the merits of using some or all of the following traffic classes within an enterprise network:

Voice (VoIP) class—Voice traffic has specific bandwidth requirements, and its delay and drops must be eliminated or at least minimized. Therefore, this class is the highest priority class but has limited bandwidth. VoIP packet loss should remain below 1% and the goal for
its end-to-end delay must be 150 ms.

Mission-critical traffic class—Critical business applications are put in one or two classes. You must identify the bandwidth requirements for them.
Signaling traffic class—Signaling traffic, voice call setup and teardown for example, is often put in a separate class. This class has limited bandwidth expectations.
Transactional applications traffic class—These applications, if present, include interactive, database, and similar services that need special attention. You must also identify the bandwidth requirements for them. Enterprise Resource Planning (ERP) applications such as Peoplesoft
and SAP are examples of these types of applications.
Best-effort traffic class—All the undefined traffic types are considered best effort and receive the remainder of bandwidth on an interface.
Scavenger traffic class—This class of applications will be assigned into one class and be given limited bandwidth. This class is considered inferior to the best-effort traffic class. Peerto- peer file sharing applications are put in this class.

Step 3: Defining Policies for Each Traffic Class
After the traffic classes have been formed based on the network audit and business objectives, the final step of implementing QoS in an enterprise is to provide a network-wide definition for the QoS service level that must be assigned to each traffic class. This is called defining a QoS policy, and
it might include having to complete the following tasks:
■ Setting a maximum bandwidth limit for a class
■ Setting a minimum bandwidth guarantee for a class
■ Assigning a relative priority level to a class
■ Applying congestion management, congestion avoidance, and many other advanced QoS
technologies to a class.
To provide an example, based on the traffic classes listed in the previous section, Table 2-2 defines
a practical QoS policy.    Send article as PDF   

QoS – End-to-End Delay

End-to-End Delay
There are different types of delay from source to destination. End-to-end delay is the sum of those
different delay types that affect the packets of a certain flow or application. Four of the important
types of delay that make up end-to-end delay are as follows:
■ Processing delay
■ Queuing delay
■ Serialization delay
■ Propagation delay

Processing delay is the time it takes for a device such as a router or Layer 3 switch to perform all the tasks necessary to move a packet from the input (ingress) interface to the output (egress) interface. The CPU type, CPU utilization, switching mode, router architecture, and configured features on the device affect the processing delay. For example, packets that are distributed-CEF switched on a versatile interface processor (VIP) card cause no CPU interrupts.
Queuing delay is the amount of time that a packet spends in the output queue of a router interface. The busyness of the router, the number of packets waiting in the queue, the queuing discipline, and the interface bandwidth all affect the queuing delay.

Serialization delay is the time it takes to send all the bits of a frame to the physical medium for transmission across the physical layer.

Propagation delay – The time it takes for the bits of that frame to cross the physical link is called the propagation delay. Naturally, the propagation delay across different media can be significantly different. For instance, the propagation delay on a high-speed optical connection such as OC-192 is significantly lower than the propagation delay on a satellite-based link.    Send article as PDF   

Difference between vector and ArrayList

Sometimes Vector is better; sometimes ArrayList is better; sometimes you don’t want to use either. I hope you weren’t looking for an easy answer because the answer depends upon what you are doing. There are four factors to consider:

  • API
  • Synchronization
  • Data growth
  • Usage patterns

Let’s explore each in turn.


In The Java Programming Language (Addison-Wesley, June 2000) Ken Arnold, James Gosling, and David Holmes describe the Vector as an analog to the ArrayList. So, from an API perspective, the two classes are very similar. However, there are still some major differences between the two classes.


Vectors are synchronized. Any method that touches the Vector‘s contents is thread safe. ArrayList, on the other hand, is unsynchronized, making them, therefore, not thread safe. With that difference in mind, using synchronization will incur a performance hit. So if you don’t need a thread-safe collection, use the ArrayList. Why pay the price of synchronization unnecessarily?

Data growth

Internally, both the ArrayList and Vector hold onto their contents using an Array. You need to keep this fact in mind while using either in your programs. When you insert an element into an ArrayList or a Vector, the object will need to expand its internal array if it runs out of room. A Vector defaults to doubling the size of its array, while the ArrayList increases its array size by 50 percent. Depending on how you use these classes, you could end up taking a large performance hit while adding new elements. It’s always best to set the object’s initial capacity to the largest capacity that your program will need. By carefully setting the capacity, you can avoid paying the penalty needed to resize the internal array later. If you don’t know how much data you’ll have, but you do know the rate at which it grows, Vector does possess a slight advantage since you can set the increment value.

Usage patterns

Both the ArrayList and Vector are good for retrieving elements from a specific position in the container or for adding and removing elements from the end of the container. All of these operations can be performed in constant time — O(1). However, adding and removing elements from any other position proves more expensive — linear to be exact: O(n-i), where n is the number of elements and i is the index of the element added or removed. These operations are more expensive because you have to shift all elements at index i and higher over by one element. So what does this all mean?

It means that if you want to index elements or add and remove elements at the end of the array, use either a Vector or an ArrayList. If you want to do anything else to the contents, go find yourself another container class. For example, the LinkedList can add or remove an element at any position in constant time — O(1). However, indexing an element is a bit slower — O(i) where i is the index of the element. Traversing an ArrayList is also easier since you can simply use an index instead of having to create an iterator. The LinkedList also creates an internal object for each element inserted. So you have to be aware of the extra garbage being created.    Send article as PDF   

How to get input from user in java

This program tells you how to get input from user in a java program. We are using Scanner class to get input from user. This program firstly asks the user to enter a string and then the string is printed, then an integer and entered integer is also printed and finally a float and it is also printed ion the screen. Scanner class is present in java.util package so we import this package in our program. We first create an object of Scanner class and then we use the methods of Scanner class. Consider the statement

 Scanner a  = new Scanner(;

here Scanner is the class name, a is the name of object, new keyword is used to allocate the memory and is the input stream. Following methods of Scanner class are used in the program below :-

1) nextInt to input an integer

2) nextFloat to input a float

3) nextLine to input a string

import java.util.*;

class GetInputFromUser
   public static void main(String args[])
      int a;
      float b;
      String s;

      Scanner in = new Scanner(;

      System.out.println("Enter a string");
      s = in.nextLine();
      System.out.println("You entered string "+s);

      System.out.println("Enter an integer");
      a = in.nextInt();
      System.out.println("You entered integer "+a);

      System.out.println("Enter a float");
      b = in.nextFloat();
      System.out.println("You entered float "+b);   
}    Send article as PDF   

Difference between throw and throws-Example

Like playing catch with a ball, programming involves trowing and catching exceptions. An exception is normally some problem that needs to be “fixed” by the programmer. But this means that we need to do more work. So here throwing comes in. If you do some logical test and you find that something funny is happening then you can “throw” an Exception instance. For example:

int a = 1, b = 0;
if (b != 0){
    // cool!
    int c = a / b;
} else {
    // Darn it.
    throw new Exception("Can't devide by zero!");

To catch it you use an try-catch block. Look at this method:

public static void go(){
        int a = 1, b = 0;
        if (b != 0){
            // cool!
            int c = a / b;
        } else {
            // Darn it.
            throw new Exception("Can't devide by zero!");
    } catch (Exception e) {
        // Gotcha ha!

This means that you need to catch and handle the exception. Exceptions are not fun to work with, so you can pass it on the the user of your methods. Although, this is not very nice, but it can speed up your developing time. To “pass on” exceptions to the user of your method, you use the throws keyword:

public static void go() throws Exception{
    int a = 1, b = 0;
    if (b != 0){
        // cool!
        int c = a / b;
    } else {
        // Darn it.
        throw new Exception("Can't devide by zero!");

The problem is that the user of this method must now worry about this:

} catch (Exception e) {
    // Gotcha ha!

It is possible to keep throwing an Exception, but it is not a very good way to program. The best way to handle exceptions, is as early as possible!    Send article as PDF