Ceta.Mac'S Blog: 2006/01/29

February 04, 2006

debug ppp negotiation

In dial-related applications, PPP (Point-to-Point Protocol) is the most commonly used encapsulation type. PPP allows two machines on a p2p communication link to negotiate various parameters for authentication, compression, and the Layer 3 (L3) protocols, such as IP. A failure in the PPP negotiation between two routers causes the connection to fail.

PPP negotiation between two peers cannot start unless the lower layer (ISDN, physical interface, dial-up line, and so on) under PPP functions perfectly. For example, if you want to run PPP over ISDN, then all ISDN layers must be up; otherwise PPP does not start.

The debug ppp negotiation command enables you to view the PPP negotiation transactions, identify the problem or stage when the error occurs, and develop a resolution. So, it is imperative that you understand the debug ppp negotiation command output.

Phases of PPP Negotiation:

LCP (Mandatory Phase):

LCP is a phase in which parameters to establish, configure, and test the data-link connection are negotiated. An LCP state of open means that LCP was successfully completed, while an LCP state of closed indicates an LCP failure.

Output Field Explain:
Pay Attention for it, most of the other debug command are in a similar formation.

The timestamp—Millisecond timestamps are useful.
Interface and Interface number—This field is useful when debug connections use multiple connections, or when the connection transitions through several interfaces. For example, certain connections (such as multilink calls) are controlled by the physical interface at the beginning,but are later controlled by the dialer interface or virtual-access interface.
Type of PPP message—This field indicates whether the line is a general PPP, LCP, CHAP, PAP, or IPCP message.
Direction of the message—An I indicates an incoming packet, and an O indicates an outgoing packet. This field can be used to determine if the message was generated or received by the router.
Message—This field includes the particular transaction under negotiation.
ID—This field is used to match and coordinate request messages to the appropriate response messages. You can use the ID field to associate a response with an incoming message. This option is especially useful when the incoming message and the response are far apart in the debug output.
Length—The length field defines the length of the information field. This field is not important for general troubleshooting.

Example:

CetaMax_01#debug ppp negotiation
PPP protocol negotiation debugging is on
CetaMax_01#
*Mar 1 00:06:36.645: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up

!--- The Physical Layer (BRI Interface) is up. Only now can PPP
!--- negotiation begin.

*Mar 1 00:06:36.661: BR0:1 PPP: Treating connection as a callin
*Mar 1 00:06:36.665: BR0:1 PPP: Phase is ESTABLISHING, Passive Open[0 sess, 0 load]

!--- The PPP Phase is ESTABLISHING. LCP negotiation now occurs.

*Mar 1 00:06:36.669: BR0:1 LCP: State is Listen
*Mar 1 00:06:37.034: BR0:1 LCP: I CONFREQ [Listen] id 7 len 17

!--- This is the incoming CONFREQ. The ID field is 7.

*Mar 1 00:06:37.038: BR0:1 LCP: AuthProto PAP (0x0304C023)
*Mar 1 00:06:37.042: BR0:1 LCP: MagicNumber 0x507A214D (0x0506507A214D)
*Mar 1 00:06:37.046: BR0:1 LCP: Callback 0 (0x0D0300)

!--- The peer has requested:
!--- Option: Authentication Protocol, Value: PAP
!--- Option: MagicNumber (This is used to detect loopbacks and is always sent.)
!--- Option: Callback, Value: 0 (This is for PPP Callback; MS Callback uses 6.)

*Mar 1 00:06:37.054: BR0:1 LCP: O CONFREQ [Listen] id 4 len 15

!--- This is an outgoing CONFREQ, with parameters for the peer to implement.
!--- Note that the ID Field is 4, so this is not related to the previous
!--- CONFREQ message.

*Mar 1 00:06:37.058: BR0:1 LCP: AuthProto CHAP (0x0305C22305)
*Mar 1 00:06:37.062: BR0:1 LCP: MagicNumber 0x1081E7E1 (0x05061081E7E1)

!--- This router requests:
!--- Option: Authentication Protocol, Value: CHAP
!--- Option: MagicNumber (This is used to detect loopbacks and is always sent.)

*Mar 1 00:06:37.066: BR0:1 LCP: O CONFREJ [Listen] id 7 len 7

!--- This is an outgoing CONFREJ for message with Field ID 7.
!--- This is the response to the CONFREQ received first.

*Mar 1 00:06:37.070: BR0:1 LCP: Callback 0 (0x0D0300)

!--- The option that this router rejects is Callback.
!--- If the router wanted to do MS Callback rather than PPP Callback, it
!--- would have sent a CONFNAK message instead.

*Mar 1 00:06:37.098: BR0:1 LCP: I CONFACK [REQsent] id 4 len 15

!--- This is an incoming CONFACK for a message with Field ID 4.

*Mar 1 00:06:37.102: BR0:1 LCP: AuthProto CHAP (0x0305C22305)
*Mar 1 00:06:37.106: BR0:1 LCP: MagicNumber 0x1081E7E1 (0x05061081E7E1)

!--- The peer can support all requested parameters.

*Mar 1 00:06:37.114: BR0:1 LCP: I CONFREQ [ACKrcvd] id 8 len 14

!--- This is an incoming CONFREQ message; the ID field is 8.
!--- This is a new CONFREQ message from the peer in response to the CONFREJ id:7.

*Mar 1 00:06:37.117: BR0:1 LCP: AuthProto PAP (0x0304C023)
*Mar 1 00:06:37.121: BR0:1 LCP: MagicNumber 0x507A214D (0x0506507A214D)

!--- The peer has requested:
!--- Option: Authentication Protocol, Value: PAP
!--- Option: MagicNumber (This is used to detect loopbacks and is always sent.)

*Mar 1 00:06:37.125: BR0:1 LCP: O CONFNAK [ACKrcvd] id 8 len 9

!--- This is an outgoing CONFNACK for a message with Field ID 8.

*Mar 1 00:06:37.129: BR0:1 LCP: AuthProto CHAP (0x0305C22305)

!--- This router recognizes the option Authentication Protocol,
!--- but does not accept the value PAP. In the CONFNAK message,
!--- it suggests CHAP instead.

*Mar 1 00:06:37.165: BR0:1 LCP: I CONFREQ [ACKrcvd] id 9 len 15

!--- This is an incoming CONFREQ message with Field ID 9.

*Mar 1 00:06:37.169: BR0:1 LCP: AuthProto CHAP (0x0305C22305)
*Mar 1 00:06:37.173: BR0:1 LCP: MagicNumber 0x507A214D (0x0506507A214D)

!--- CHAP authentication is requested.

*Mar 1 00:06:37.177: BR0:1 LCP: O CONFACK [ACKrcvd] id 9 len 15

!--- This is an outgoing CONFACK for a message with Field ID 9.

*Mar 1 00:06:37.181: BR0:1 LCP: AuthProto CHAP (0x0305C22305)
*Mar 1 00:06:37.185: BR0:1 LCP: MagicNumber 0x507A214D (0x0506507A214D)
*Mar 1 00:06:37.189: BR0:1 LCP: State is Open

!--- This indicates that the LCP state is Open.

*Mar 1 00:06:37.193: BR0:1 PPP: Phase is AUTHENTICATING, by both [0 sess, 0 load]

!--- The PPP Phase is AUTHENTICATING. PPP Authentication occurs now.
!--- Two-way authentication is now performed (indicated by the both keyword).

*Mar 1 00:06:37.201: BR0:1 CHAP: O CHALLENGE id 4 len 33 from "CetaMax_01"

!--- This is the outgoing CHAP Challenge.
!--- In LCP the routers had agreed upon CHAP as the authentication protocol.

*Mar 1 00:06:37.225: BR0:1 CHAP: I CHALLENGE id 3 len 33 from "CetaMax_03"

!--- This is an incoming Challenge message from the peer.

*Mar 1 00:06:37.229: BR0:1 CHAP: Waiting for peer to authenticate first
*Mar 1 00:06:37.237: BR0:1 CHAP: I RESPONSE id 4 len 33 from "CetaMax_03"

!--- This is an incoming response from the peer.

*Mar 1 00:06:37.244: BR0:1 CHAP: O SUCCESS id 4 len 4

!--- This router has successfully authenticated the peer.

*Mar 1 00:06:37.248: BR0:1 CHAP: Processing saved Challenge, id 3
*Mar 1 00:06:37.260: BR0:1 CHAP: O RESPONSE id 3 len 33 from "CetaMax_01"
*Mar 1 00:06:37.292: BR0:1 CHAP: I SUCCESS id 3 len 4

!--- This is an incoming Success message. Each side has
!--- successfully authenticated the other.

*Mar 1 00:06:37.296: BR0:1 PPP: Phase is UP [0 sess, 0 load]

!--- The PPP status is now UP. NCP (IPCP) negotiation begins.

*Mar 1 00:06:37.304: BR0:1 IPCP: O CONFREQ [Closed] id 4 len 10
*Mar 1 00:06:37.308: BR0:1 IPCP: Address 172.22.1.1 (0x0306AC160101)

!--- This is an outgoing CONFREQ message. It indicates that
!--- the local machine address is 172.22.1.1.

*Mar 1 00:06:37.312: BR0:1 CDPCP: O CONFREQ [Closed] id 4 len 4
*Mar 1 00:06:37.320: BR0:1 CDPCP: I CONFREQ [REQsent] id 4 len 4
*Mar 1 00:06:37.324: BR0:1 CDPCP: O CONFACK [REQsent] id 4 len 4

!--- These messages are for CDP Control Protocol (CDPCP).

*Mar 1 00:06:37.332: BR0:1 IPCP: I CONFREQ [REQsent] id 4 len 10
*Mar 1 00:06:37.336: BR0:1 IPCP: Address 172.22.1.2 (0x0306AC160102)

!--- This is an incoming CONFREQ message that indicates that the peer
!--- address is 172.22.1.2. An address of 0.0.0.0 indicates that the peer
!--- does not have an address and requests the local router to provide it
!--- with an address in IPCP negotiation.

*Mar 1 00:06:37.344: BR0:1 IPCP: O CONFACK [REQsent] id 4 len 10
*Mar 1 00:06:37.348: BR0:1 IPCP: Address 172.22.1.2 (0x0306AC160102)
*Mar 1 00:06:37.356: BR0:1 IPCP: I CONFACK [ACKsent] id 4 len 10
*Mar 1 00:06:37.360: BR0:1 IPCP: Address 172.22.1.1 (0x0306AC160101)
*Mar 1 00:06:37.363: BR0:1 IPCP: State is Open

!--- The IPCP state is Open. Note that in the IPCP negotiation, each side
!--- accepted the IP address of the peer, and one was assigned to the peer.

*Mar 1 00:06:37.371: BR0:1 CDPCP: I CONFACK [ACKsent] id 4 len 4
*Mar 1 00:06:37.375: BR0:1 CDPCP: State is Open

!--- This indicates that the CDPCP state is Open.

*Mar 1 00:06:37.387: BR0 IPCP: Install route to 172.22.1.2

!--- A route to the peer is installed.

*Mar 1 00:06:38.288: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state to up
*Mar 1 00:06:42.609: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to CetaMax_03

debug dialer map

To display debugging information about the creation and deletion of dynamic dialer maps, use the debug dialer map command to track large-scale dialout (LSDO) and incoming calls that use dynamic dialer maps. This command shows the whole trace including when the map is created and removed.

If an interface is configured for dial-on-demand routing (DDR), and a map to a specified address does not exist, then a dynamic dialer map is created and when the call disconnects, the dialer map is removed.

Note: Do not configure a dialer string or a dialer map on the incoming interface.

Examples：
In the following sample output from the debug dialer map command, a dialer map is created when an incoming call is connected and removed when that call is disconnected:

Router# debug dialer map
Dial on demand dynamic dialer maps debugging is on

Incoming call connected:

Router#
*Mar 22 12:19:15.597:%LINK-3-UPDOWN:Interface BRI0/0:1, changed state to up

*Mar 22 12:19:17.748:BR0/0:1 DDR:dialer_create_dynamic_map map created for 11.0.0.1

*Mar 22 12:19:18.734:%LINEPROTO-5-UPDOWN:Line protocol on Interface BRI0/0:1, changed state to up

*Mar 22 12:19:21.598:%ISDN-6-CONNECT:Interface BRI0/0:1 is now connected to unknown R2604

Incoming call disconnected:

Router#
*Mar 22 12:21:15.597:%ISDN-6-DISCONNECT:Interface BRI0/0:1 disconnected from R2604, call lasted 120 seconds

*Mar 22 12:21:15.645:%LINK-3-UPDOWN:Interface BRI0/0:1, changed state to down

*Mar 22 12:21:15.649:BR0/0:1 DDR:dialer_remove_dynamic_map map 11.0.0.1 removed

*Mar 22 12:21:16.647:%LINEPROTO-5-UPDOWN:Line protocol on Interface BRI0/0:1, changed state to down

All about the Years, Frustration in Love

If you don’t obtain what you want, it means you’ll be given a better one. by Antony Robinson.

I knew my last girlfriend Karman when I’m on the college, grade 2. She acted as the most important woman in my early life, about 3 years before Nov. 2003. And no matter what to be talking about; she connected everything in that period. She’s some kind of the girl I like to stay with, and some kind of the girl who filled my memory with sweet. Though maybe unhappiess was more in praxis.

I could not help myself in escaping from the very moment at the way she woke me up. I’m sure you’ll laugh out and feel lucky to own such a lovely girlfriend as me, when you find it out. There’s one time, while I was still sleeping and enjoying my dream, all things what I saw are the dreaming frames. But suddenly, the frames lost, and whole of my eye was filled with another big and dark shining eye! Oh, I remembered that must be Karman’s eyes, she always woke up before I did. But, why I could see nothing else but her eyes in the dream, in such a wide screen? I tried to open both of my eyes; do you know what I saw? Karman was propping up my eye by her finger, and covering her eye on mine! I wasn’t in dream right now. I asked her why. She told me that when I was dreaming, she saw my eyes was turning from left to right, and up to down, she’s curiously wanted to know what I was dreaming about. That’s all why she opened my eye. It’s lucky that she didn’t realize the dreams are generate by my brain but not the eyes at the moment, I’m not sure she would open my skull if she did. :)

Yes, all my memory thought that every day with her was honey moon day. She has the magic that can easily emblaze every single boring day, by a small motion, a simple word, and an expression in her eyes on me. We rented a house not far from our university that time. My part-time job earned around 1,500 to 2,000 per month; but we didn’t get enough money for hiring tax home, or even a motor. Usually, we take a bus two or three stops went home. Our first property is a National automatic washing machine and a water heater, which cost more than 1,500 in all. With other spending, we had to plan the meal cost. We arranged that go to restaurant once a week, and snacked in the other days. Yes, under Karman’s scheme, we saved 10,000 in bank for wedding later, at least I was thinking in this way. I didn’t need to work every night, when I stay at home, I would buy snack and wait for her coming back from school, and then we have our supper together. The food was cook in greasiness, a frequent comportment between us are gluing our two oily lips together. Ha, it was sucks, but we were feeling treacle in it. And when I went out for work, she would clean the house before I back home. Every night, we talked about the whole day, I sometimes brought beer and play games with her. I remember the game we play most named “Being Richest under the sky, three”. And we placed a cushion in front of the kitchen room, marked “home, sweet home”. It was a little noise at night, dogs shouted and our there’s a open air tiny dining-room under our house, the customer in the dinning-room often eat so late to break in on our sleeping. She got angry for this sometime, and I would gently flap her back to make her sleep again. So much fragment in my memory and they build my happiest days in our college time.

After graduate, she became an entertainment journalist for one of the biggest newspaper in our city, G20, and earning 5,000 or maybe more per month. And I start to setup my company. It’s hard to log all what we’ve done in that 3 years, from 2001 to 2003. She left me before our 3 years commemorating day, the third month I arrived S21, in telephone. We phone several times later, but haven’t sawn each other after that, up to now.

All about Love

Roy Keane's Time, Ever may Never Again

I collected this video type from google video, thanks for it. Which as a update patchery to my last post for this hero. Yes, he's A man full of wounded, the body and the heart! Step forward, and there will be ample time for both you and me, Roy, with best wishes.

All about the Years. Was 2005 a corner?

I wrote this topic before, but it is interrupted by some reasons. Well, I’ve though about writing with some other one together with whom I share most of this exciting and unforgettable memories. Ha, time changed, just as man’s characters and relationships. In the circumstances, I rewrite this myself. Yes, I’ve to learn to face and handle everything by oneself first, and then I could call up others to build the team. Otherwise, there’s no one would lie on me.

I felt so lucky the last several years before 2004. I earned my first 10,000 when I was still in the college; I became one of the top technical instructors when I was 22; I cannot wait to setup my owned company before graduate; I then found the branch in a totally unacquainted city all by myself. After 18 months, when I leave it, the branch has become the regional leader in the biz area. Except for the fortune, I though I climbed to the top of the life.

However, the 2005; it has been a tough year for me. I was traded out and I broke away from the company I setup. And I leave the city where I earned my first bucket of gold, much more than the standard in universalism. I tried to setup another company in another field, but just met stagnancy. I have to say: I am hurt, so completely. I left no more than 3,000 in the neap period, in the habitual but still strange city. Yeah, thanks for my affectionate wife stay with me to counterwork with the life. And I think about this guy:

A Decade Later and Stronger than Ever.

I started to doubt if it’s the end of luck, or just like an old friend said: one blow will tumble you for years. I remember these words in deep of my heart. That’s why I keep walking even achieved my elementary ambition when others cannot believe I made it in such age. I told myself getting more and working harder in my days, so I will get deposit in adversity. The question gonna to 2005 was really the corner for me?

Ha… Of course not, did you recently see the Reebok’s advertisement acted by Iverson? Ah, how long we’ve forgot this brand? And how long it has been, when we though about the sports article, only Nick and Adidas would come into our mind. Now, Reebok come back, with being beaten black and blue. Ha, I judged from the advertisement. Yes, black and blue or red and green is not the point, the point is even being beaten black, blue, red and green, it still comes back to us. It rises to its feet again.

I am what I am, and I would love to say I am where I am.
Frustrations make me pullulating from a lucky boy to be ripeness as a man, and injury tag the man as a warrior. 2005 was a corner for me, a corner in the line of my life as if a "√"

February 03, 2006

Online Blogging Tools: Writely

Yes, you're right! I'm learning from Steve Rubel in blogging again, and he brings Ten Blogging Hacks today, and I quoted the main points below:

1) Blog Alone or Together with Writely
2) Automatically Post Your Daily del.icio.us Links
3) Auto-Insert Technorati Tags Using ecto
4) Blog from Your Cell Phone
5) Get a Cool Icon for Your Blog
6) Tell the World Where They Can Find You
7) Meet Your Blog Neighbor
8) Make Money with Your Own Blog Schwag Store
9) Create a Blogroll in One Click
10) Give Readers the Option to Subscribe to Updates via Email

And now as you have seen, I have used some points and my blog changed a littel from the last time you came to. Thanks for his 10 recommendations. Well most of the contents can be read from his blog. What I wanna share with you is a online blogging tools: Writely that introduced by Steve. Maybe most of you are same with me in seeking for a good blogging tools. I’ve tried blogger, blogger for word, performancing, and Qumana (I found it from my Google Ads). Well I should say all of them are excellent to be a blogging tools, both online or offline. And they have a nice looking user interface that encourages you to keep writing and updating your blog. It’s surely a important element for a rocket blogger such as me. You could easily find their pros as soon as you take a try for one of them. But I would like to share some drawbacks with you here:

Blogger: Easy to use and a one button blogging, but it’s a nightmare if you post image on your blog after you finishing you text edition.

Blogger for Word: Integrate all Microsoft word’s editing function including formation turning, spell and grammar checking. But it’s indescribable that it doesn’t support image and table. Something more, it makes lots of HTML rubbish in the post.

Performancing: Good and great if you need image inserting to your post! What a pity I found no where to modify font type and set font size by pounds.

I need a one stop blogging tools but what I’m doing is write a draft by word, then paste to notepad for filtering the HTML rubbish. Then, paste to performancing to insert figures, and publish my post to blogger. It’s not the end, remember that performancing cannot modify font type, I have to login to blogger.com again, and using the online blogger editor to set my favorite Trebuchet MS font type. Can you believe I use more than 4 tools to publish every single post in my blog?

OK, here comes Writely, the main different from the blogging tools above, Writely is an online blogging tools and you could ask another to edit the post for you before you post to the public.

And the post won't be deleted but stay on Writely's website for your further modify. That means I can blog even my notepad is not on hand. And the most amazing feature for me is the "Undo last edit" tab! It's the only online blogging tools I've ever seen that contain this function by a realtime caching mechanism. Though the spell checking is not as stronge as word that provides abundant recorrect suggestions.

How to create a RJ-45 loopback adapter

When testing a router that has not been cabled to the network, it is possible to build a loopback adapter out of a single RJ-45 connector and some wire. I recommend that every networker carry one or two of these beasties with you at all times. They come in handy for servers as well.

With the pins facing towards you and starting from the left, the pins on an RJ-45 jack are numbered from 1 to 8. You will need two very short pieces of wire.

1. Wire pin 1 to pin 3.
1. Wire pin 2 to pin 6.

Do not wire any of the other pins.

You are done! Ensure that you have a good crimp on the wires.

debug ip ospf adj (Dailing Problem)

Yeah, here comes to the most common problem when deploying OSPF on a WAN network which using dialing technique.

-- Why doesn't OSPF form adjacency on a PRI, BRI, or dialer interface; and stuck on "EXSTART" state?

Designing OSPF to run on a temporary line will be an utterly catastrophic challenge to network engineers. And totally is a silly choice. I am fed up with solving my customers' network problems which due to the loathsome designing. Besides this P2P network type may lead to OSPF neighborship failure, ip ospf demand-circuit absolute a self-deceiving solution. It solve one problem by creating another, which drop OSPF network into terrible flapping. I like the words from Sam Halabi most: We deploy routing protocols because the network needs one, but not to show off our skill. The best routing protocol to be chosen is the routing protocol that fits the network infrastructure. We use a dialing layer-2 infrastructure ten to one goes to we are using it as a backup line. That's why I always recommend my customers using a static route on the dialing router instead of a dynamic routing protocol.

Let's look at the devil closely. And because we're talking debug ip ospf adj today, we may just observe the half face of it, the other half which come from ip ospf demand-circuit will be talked later next time.

The OSPF network-type on Primary Rate Interface (PRI), Basic Rate Interface (BRI), and dialer interfaces is point-to-point, which means that an interface can't form adjacency with more than one neighbor. A common problem when a PRI, BRI, or dialer interfaces try to form an OSPF adjacency is the neighbor gets stuck in the exstart/exchange process.

Let's look at an example:

Using the show ip ospf neighbor command, we can see the neighbor state is stuck in "EXSTART".

RTR-A#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
3.3.3.3 1 EXSTART/ - 00:00:37 3.3.3.3 Serial6/0:23
3.3.3.4 1 EXSTART/ - 00:00:39 3.3.3.4 Serial6/0:23

RTR-B#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
3.3.3.2 1 EXSTART/ - 00:00:36 3.3.3.2 BRI0

RTR-C#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
3.3.3.2 1 EXSTART/ - 00:00:35 3.3.3.2 BRI0

We can debug this situation using the debug ip ospf adj command. Let's look at some sample output taken while running this command on RTR-B in the figure above:

1: Send DBD to 3.3.3.2 on BRI0 seq 0xB41 opt 0x42 flag 0x7 len 32
2: Rcv DBD from 3.3.3.2 on BRI0 seq 0x1D06 opt 0x42 flag 0x7 len 32 mtu 1500 state EXSTART
3: First DBD and we are not SLAVE
4: Rcv DBD from 3.3.3.2 on BRI0 seq 0xB41 opt 0x42 flag 0x2 len 92 mtu 1500 state EXSTART
5: NBR Negotiation Done. We are the MASTER
6: Send DBD to 3.3.3.2 on BRI0 seq 0xB42 opt 0x42 flag 0x3 len 92
7: Database request to 3.3.3.2
8: sent LS REQ packet to 3.3.3.2, length 12
9: Rcv DBD from 3.3.3.2 on BRI0 seq 0x250 opt 0x42 flag 0x7 len 32 mtu 1500 state EXCHANGE
10: EXCHANGE - inconsistent in MASTER/SLAVE
11: Bad seq received from 3.3.3.2 on BRI0
12: Send DBD to 3.3.3.2 on BRI0 seq 0x2441 opt 0x42 flag 0x7 len 32
13: Rcv DBD from 3.3.3.2 on BRI0 seq 0x152C opt 0x42 flag 0x2 len 92 mtu 1500 state EXSTART
14: Unrecognized dbd for EXSTART
15: Rcv DBD from 3.3.3.2 on BRI0 seq 0xB42 opt 0x42 flag 0x0 len 32 mtu 1500 state EXSTART
16: Unrecognized dbd for EXSTART

Lines 1 - 3: RTR-B sends the first DBD to 3.3.3.2 (RTR-A) with seq 0xB41 and receives the first DBD from 3.3.3.2 (RTR-A) with seq# 0x1D06. Neighbor negotiation is still not complete.

Lines 4 - 6: RTR-B receives a reply from 3.3.3.2 (RTR-A) indicating that RTR-A received RTR-B's first DBD. Since RTR-B has the higher router ID, RTR-A elects itself slave. After receiving the acknowledgement from RTR-A, RTR-B declares itself master and sends the first DBD with data in it. Note the sequence number, which is 0xB42. Since RTR-B is the master, only it can increment the sequence number.

Line 7: RTR-B requests data from RTR-A since RTR-A indicated it has more data to send (flag set to 0x2 in last DBD received from RTR-A).

Line 8: RTR-B sends a link-state request packet to 3.3.3.2 (RTR-A). This is an OSPF packet type 3. This packet is usually sent to the neighbor's IP address. In this case, the neighbor's IP address is its router ID.

Lines 9 - 11: RTR-B receives a reply from slave (RTR-A) with a completely different sequence number and a flag of 0x7, which is the init flag. This DBD was intended for another router (most likely RTR-C), but RTR-B incorrectly received it. RTR-B declares there is a discrepancy because a flag of 0x7 means the slave has changed its status to master by setting the MS (Master/Slave) bit during the adjacency exchange. RTR-B also complains about the sequence number because it's out of order. The slave should always follow the master's sequence number.

Line 12: RTR-B re-initializes the adjacency by sending the first DBD to 3.3.3.2 to re-elect master and slave.

Lines 13 - 14: RTR-B receives a DBD from 3.3.3.2 (RTR-A), indicating that it's a slave, without recognizing RTR-B's sequence number. RTR-B declares that it doesn't recognize this DBD since the master and slave negotiation is not complete yet. This DBD packet was intended for another router.

Line 15: RTR-B receives a reply from 3.3.3.2 (RTR-A) for the old DBD, but it's too late because RTR-B has already re-initialized the adjacency process.

Line 16: RTR-B fails to recognize this DBD because it is for an "old" adjacency, which RTR-B has already torn down.

This process will repeat endlessly.

The solution? The best solution should always be trying to change OSPF into static route.

OSPF sends a multicast packet for a point-to-point network-type even after the interface achieves the 2-way state. Since RTR-A is trying to form adjacencies with both RTR-B and RTR-C, RTR-B receives DBD packets meant for RTR-C and RTR-C receives DBD packets meant for RTR-B.

To solve this problem, change the network type on all routers to point-to-multipoint. This changes the behavior of OSPF to send unicast packets after the 2-way state. Now RTR-B receives only packets destined for itself and RTR-C receives packets destined for itself. Changing the network-type in this way ensures that the OSPF router will form adjacency on a PRI, BRI, or dialer interface.

To change the network-type, enter the following configuration commands. We'll change RTR-B as an example.

RTR-B#conf term
RTR-B(config)#int bri 0
RTR-B(config-if)#ip ospf network point-to-multipoint
RTR-B(config-if)#end

Now if we look at the show commands for RTR-B, we can verify that the network-type is point-to-multipoint and the state is full.

RTR-B#show ip ospf interface bri0
BRI0 is up, line protocol is up (spoofing)
Internet Address 3.3.3.3/24, Area 2
Process ID 1, Router ID 3.3.3.3, Network Type POINT_TO_MULTIPOINT, Cost: 1562
Transmit Delay is 1 sec, State POINT_TO_MULTIPOINT,
Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
Hello due in 00:00:16
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 172.16.141.10
Suppress hello for 0 neighbor(s)

RTR-B#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
172.16.141.10 1 FULL/ - 00:01:36 3.3.3.2 BRI0

debug ip ospf adj (Authentication)

We talk about something more about MD5 authentication in this very beginning:

MD5 authentication provides higher security than plain text authentication. This method uses the MD5 algorithm to compute a hash value from the contents of the OSPF packet and a password (or key). This hash value is transmitted in the packet, along with a key ID and a non-decreasing sequence number. The receiver, which knows the same password, calculates its own hash value. If nothing in the message has changed, the receiver's hash value should match the sender's hash value which is transmitted with the message.

The key ID allows the routers to reference multiple passwords. This makes password migration easier and more secure. For example, to migrate from one password to another, configure a password under a different key ID and remove the first key.

The sequence number prevents replay attacks, in which OSPF packets are captured, modified, and retransmitted to a router. As with plain text authentication, MD5 authentication passwords do not have to be the same throughout an area. However, they do need to be the same between neighbors.

R1-2503# debug ip ospf adj

00:51:23: OSPF: Rcv pkt from 192.16.64.2, Serial0 : Mismatch Authentication type. Input packet specified type 0, we use type 1

!--- Indicates that the neighbor is configured
!--- for Null authentication (Type 0) whereas this router is
!--- configured with Plain-text (Type 1) authentication.

00:51:33: OSPF: Rcv pkt from 192.16.64.2, Serial0 : Mismatch Authentication Key - Clear Text

!--- Both neighbors are configured for Plain-text
!--- authentication but Authentication key values do not match.

00:59:33: OSPF: Rcv pkt from 192.16.64.2, Serial0 : Mismatch Authentication type. Input packet specified type 1, we use type 2

!--- Neighbor is configured for Plain text
!--- authentication (Type 1) and this router is configured
!--- for Message digest authentication (Type 2) resulting in mismatch.

00:59:33: OSPF: Send with youngest Key 1
00:59:43: OSPF: Rcv pkt from 192.16.64.2, Serial0 : Mismatch Authentication Key - No message digest key 2 on interface

!--- Signifies that neighbor is configured
!--- for key 2 whereas the local router is configured with Key 1.

debug ip ospf adj (Initial)

Initial Configurations for OSPF Over Broadcast Media. Since the article is not presented for a rocket in networking but an expert-level networker, I ignored the detail configuration and just provide the sample network topology. And you should post your configuration on the routers before you issue the debug command in your lab. Here comes......

Router1#debug ip ospf adj
OSPF adjacency events debugging is on

*Mar 1 01:41:23.319: OSPF: Rcv DBD from 172.16.10.1 on Ethernet0 seq 0x1F6C opt 0x42 flag 0x7 len 32 mtu 1500 state INIT
*Mar 1 01:41:23.323: OSPF: 2 Way Communication to 172.16.10.1 on Ethernet0, state 2WAY
*Mar 1 01:41:23.327: OSPF: Neighbor change Event on interface Ethernet0
*Mar 1 01:41:23.327: OSPF: DR/BDR election on Ethernet0
*Mar 1 01:41:23.331: OSPF: Elect BDR 172.16.10.1
*Mar 1 01:41:23.331: OSPF: Elect DR 192.168.45.1
*Mar 1 01:41:23.335: DR: 192.168.45.1 (Id) BDR: 172.16.10.1 (Id)
*Mar 1 01:41:23.339: OSPF: Send DBD to 172.16.10.1 on Ethernet0 seq 0x2552 opt 0x42 flag 0x7 len 32
*Mar 1 01:41:23.343: OSPF: First DBD and we are not SLAVE
*Mar 1 01:41:23.359: OSPF: Rcv DBD from 172.16.10.1 on Ethernet0 seq 0x2552 opt 0x42 flag 0x2 len 52 mtu 1500 state EXSTART
*Mar 1 01:41:23.363: OSPF: NBR Negotiation Done. We are the MASTER
*Mar 1 01:41:23.367: OSPF: Send DBD to 172.16.10.1 on Ethernet0 seq 0x2553 opt
0x42 flag 0x3 len 72
*Mar 1 01:41:23.387: OSPF: Rcv DBD from 172.16.10.1 on Ethernet0 seq 0x2553 opt 0x42 flag 0x0 len 32 mtu 1500 state EXCHANGE
*Mar 1 01:41:23.391: OSPF: Send DBD to 172.16.10.1 on Ethernet0 seq 0x2554 opt 0x42 flag 0x1 len 32
*Mar 1 01:41:23.411: OSPF: Rcv DBD from 172.16.10.1 on Ethernet0 seq 0x2554 opt 0x42 flag 0x0 len 32 mtu 1500 state EXCHANGE
*Mar 1 01:41:23.415: OSPF: Exchange Done with 172.16.10.1 on Ethernet0
*Mar 1 01:41:23.419: OSPF: Synchronized with 172.16.10.1 on Ethernet0, state FULL
01:41:23: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.10.1 on Ethernet0 from LOADING to FULL, Loading Done
*Mar 1 01:41:23.879: OSPF: Build router LSA for area 0, router ID 192.168.45.1,seq 0x80000004
*Mar 1 01:41:23.923: OSPF: Build network LSA for Ethernet0, router ID 192.168.45.1
*Mar 1 01:41:25.503: OSPF: Neighbor change Event on interface Ethernet0
*Mar 1 01:41:25.507: OSPF: DR/BDR election on Ethernet0
*Mar 1 01:41:25.507: OSPF: Elect BDR 172.16.10.1
*Mar 1 01:41:25.511: OSPF: Elect DR 192.168.45.1
*Mar 1 01:41:25.511: DR: 192.168.45.1 (Id) BDR: 172.16.10.1 (Id)

I'm explaining the opt field below and opt field is with responsibility for identifing the OSPF area type. It’s a number in hex, and after converted into bin, you will see what each bit is standing for:

Normal area:
OSPF: Send DBD to 141.108.97.1 on Serial0 seq 0xBC4 opt 0x2 flag 0x3 len 492
E bit is 1, Allow externals,
Option: 0x2(HEX) = 00000010(Bin)

Stub area:
OSPF: Send DBD to 141.108.97.1 on Serial0 seq 0x1866 opt 0x0 flag 0x3 len 372
E bit is 0, no external allowed,
Options: 0x0(HEX) = 00000000(Bin)

NSSA:
OSPF: Send DBD to 141.108.97.1 on Serial0 seq 0x118 opt 0x8 flag 0x3 len 372
N/P bit is on,
Options: 0x8(HEX) = 00001000(Bin)

DC:
OSPF: Send DBD to 141.108.97.1 on Serial0 seq 0x1A1E opt 0x20 flag 0x3 len 392
DC bit is negotiated,
Options: 0x20(HEX) = 00100000(Bin)

Then comes to the flag field, which presents the synchronization processing between Master and Slave routers.

Flag 0x7(HEX) -- 111(Bin) means:
I = 1(incremental)/0(Initial),
M = 1(More)/0(No more),
MS = 1(Master)/0(Slave)

Flag 0x6(HEX) -- 110(Bin) not possible
Flag 0x5(HEX) -- 101(Bin) not possible
Flag 0x4(HEX) -- 100(Bin) not possible
Flag 0x3(HEX) -- 011(Bin) means master has more data to send
Flag 0x2(HEX) -- 010(Bin) means slave has more data to send
Flag 0x1(HEX) -- 001(Bin) means master has no more data left to send
Flag 0x0(HEX) -- 000(Bin) means slave has no more data left to send

To verify the hello timer value, the debug ip ospf events command is used. This is the output of that command.

Router1#debug ip ospf events
OSPF events debugging is on
Router1#

*Mar 1 04:04:11.926: OSPF: Rcv hello from 172.16.10.1 area 0 from Ethernet0 10.10.10.2
*Mar 1 04:04:11.930: OSPF: End of hello processing
*Mar 1 04:04:21.926: OSPF: Rcv hello from 172.16.10.1 area 0 from Ethernet0 10.10.10.2
*Mar 1 04:04:21.930: OSPF: End of hello processing
*Mar 1 04:04:31.926: OSPF: Rcv hello from 172.16.10.1 area 0 from Ethernet0 10.10.10.2
*Mar 1 04:04:31.930: OSPF: End of hello processing
*Mar 1 04:04:41.926: OSPF: Rcv hello from 172.16.10.1 area 0 from Ethernet0 10.10.10.2
*Mar 1 04:04:41.930: OSPF: End of hello processing

From the output, you can see that the hello packet is exchanged every 10 seconds.

debug ip ospf spf statistic

To display statistical information while running the shortest path first (SPF) algorithm, use the debug ip ospf spf statistic command in privileged EXEC mode.

Examples:
The following is sample output from the debug ip ospf spf statistic command:

Router# debug ip ospf spf statistic
00:05:59: OSPF: Begin SPF at 359.216ms, process time 60ms
00:05:59: spf_time 00:05:59.216, wait_interval 0s
00:05:59: OSPF: End SPF at 359.216ms, Total elapsed time 0ms
00:05:59: Intra: 0ms, Inter: 0ms, External: 0ms
00:05:59: R: 4, N: 2, Stubs: 1
00:05:59: SN: 1, SA: 0, X5: 1, X7: 0
00:05:59: SPF suspends: 0 intra, 1 total

Below describes the significant fields shown in the display:

debug ip ospf events

To display information on OSPF-related events, such as adjacencies, flooding information, designated router selection, and shortest path first (SPF) calculation, use the debug ip ospf events command in privileged EXEC mode.

Examples：
The following is sample output from the debug ip ospf events command:

Router# debug ip ospf events
OSPF:hello with invalid timers on interface Ethernet0
hello interval received 10 configured 10
net mask received 255.255.255.0 configured 255.255.255.0
dead interval received 40 configured 30

Pay attention to the "received" and "configured" parameters, they must be accurately match with each others. "Received" means the parameter that you are receiving from your neighbor, and "Configured" means the parameter that you are configuring on your router (the debugging router). It's a useful command for you to find out the OSPF neighborship establishing problems by comparing if the parameters between "received" and "configured" are matched. If not, a neighborship will never up between these routers

The debug ip ospf events output shown might appear if any of the following situations occurs:

The IP subnet masks for routers on the same network do not match.
The OSPF hello interval for the router does not match that configured for a neighbor.
The OSPF dead interval for the router does not match that configured for a neighbor.

If a router configured for OSPF routing is not seeing an OSPF neighbor on an attached network, perform the following tasks:

Make sure that both routers have been configured with the same IP mask, OSPF hello interval, and OSPF dead interval.
Make sure that both neighbors are part of the same area type.

In the following example line, the neighbor and this router are not part of a stub area (that is, one is a part of a transit area and the other is a part of a stub area, as explained in RFC 1247)

OSPF: hello packet with mismatched E bit

debug ip ospf packet

I have collected debugging outputs and tried to descript what it means and what evens it shows is operating on the network since 2 years ago. I think as an expert level network troubleshooter, you need to find out where the problem is, but also tell your client why the network is operating abnormally. Some engineers, I am not talking about the common networkers, what I am talking about including a large amount of CCIE which means the expert level engineers, they totally understand nothing about how to use debug command on routers and switches, or how to use this information to enhance their troubleshooting skills. I am thinking unsafe to run my business upon networks that established by these "experts". I hope they read my post and be more professional to their work.

We'll talk about the OSPF packets first.

To display information about each Open Shortest Path First (OSPF) packet received, use the debug ip ospf packet command in privileged EXEC mode.

Examples:

The following is sample output from the debug ip ospf packet command:

Router# debug ip ospf packet
OSPF: rcv. v:2 t:1 l:48 rid:200.0.0.117
aid:0.0.0.0 chk:6AB2 aut:0 auk:

The debug ip ospf packet command produces one set of information for each packet received. The output varies slightly depending on which authentication is used. The following is sample output from the debug ip ospf packet command when message digest algorithm 5 (MD5) authentications is used.

Router# debug ip ospf packet
OSPF: rcv. v:2 t:1 l:48 rid:200.0.0.116
aid:0.0.0.0 chk:0 aut:2 keyid:1 seq:0x0

Below describes the significant fields shown in the display.

February 01, 2006

Feeling to Your Blog

There’s a sentence displayed on top of my feed’s circulation status figure, every time I login to feedburner. I found something interesting that it appears in a random sequence, and every time I refresh the page, it changes to another. I collected some of them and maybe you’d like one to be used as your blog feed description for you. Just for funny.

My Wondrous World of Feeds
My Always-Bright Feeds
My Good-Natured Feeds
My Fanatical Feeds
My Splendiferous Feeds
My Lofty Feeds
My Hella Good Feeds
My Sunny-Side Up Feeds
My Lucky Bamboo Feeds
My First-Class Feeds
My Frisky Feeds
My Cherry-On-The-Top Feeds
My Flourishing Feeds
My Hot-To-Trot Feeds
My Zamboni-esque Feeds
My Year of the Dog Feeds
My Grande Pesto Macchiato Feeds
My Hella Good Feeds
My Caramel Coolata Feeds
My Forecast Says Sunny Feeds
My Favorite Feeds
My Rarely Fubar'd Feeds
My Fab Feeds
My Delicious Feeds
My Olympiad Feeds
My Bubblicious Feeds
My Root for the Underdog Feeds
My Mod Feeds
My Vanilla Ain't Plain Feeds
My Flourishing Feeds
My Cherry-On-The-Top Feeds
My “I’m So Proud of You” Feeds

Your Blog's Google Health

Here are some hacks for analyzing your blog’s health by using Google, from Nick Wilson. I learned these commands long ago, yet Nick makes this summarization for us. And more important for the bloggers who can not wait to present their blogs to the world, it will tell you how to check your blog’s status of indexing process by Google, your blog’s neighborhood, and linking towards your blog. I collected a command table for quick reference below, and change cetamace.blogspot.com into you own domain name when you’re using them.

"Query Type" ---> [Command]
"Indexed pages in your site" --> [site:cetamac.blogspot.com]
"Pages that refer to your site" --> [allinurl:cetamac.blogspot.com]
"Pages that link to your site" --> [link:cetamac.blogspot.com]
"The current cache of your site" --> [cache:cetamac.blogspot.com]
"Info. we have about your site" --> [info:cetamac.blogspot.com]
"Pages that similar to your site" --> [related:cetamac.blogspot.com]

Also, you would find the full google search command list here. And Google is now offering a new glimpse at exactly how their spider views your Website, Google Sitemaps.

Follow these steps:
1. Login to your Google account (AdWords, Gmail or Analytics)
2. Enter your Website URL at the bottom of Google’s Sitemap.
3. Verify your Website by creating a uniquely-named, but empty HTML file and uploading it to your server. Click on the “verify” link to view instructions on how to do this. More info about verifying your site.
4. Click the “View stats” link

And you can find out:
* The most popular queries that your Website shows up for
* The top queries from which you get click thorough
* Crawl statistics: Pages successfully crawled, pages blocked by robots.txt, pages that generated HTTP errors or were unreachable
* The PageRank distribution within your site
* Various indexing stats (pages indexed, etc.)

Ceta.Mac'S Blog