Properway to right a network statement.

Hondabuff

So I'm going through the Route and have always typed out the network statement under EIGRP/OSPF with out much thought. So the test networks I always use are 10.2.76.1 255.255.254.0, 10.2.78.1 255.255.254.0, 172.16.1.1 255.255.255.0

EIGRP
network 10.2.76.0
network 10.2.78.0
network 172.16.1.0

OSPF
network 10.2.76.0 0.0.1.255 area 0
network 10.2.78.0 0.0.1.255 area 0
network 172.16.1.0 0.0.0.255 area 0

Is this the proper way to right them or should I be doing something different? It works just fine but was curious if there was a best practice or guide.

networker050184

I always prefer to use 0.0.0.0 network statements in a production environment along with passive-default. On the newer IOS releases that support interface based OSPFv2 config I much prefer that. In a lab I just do whatever. I usually use the 10/8 for my router links and do a 10.0.0.0 0.255.255.255 network statement so I don't have to worry about going back and adding it.

As far as the 'right' way to do it, that all depends on your network standards. Always more than one way to make something work.

FloOz

I typically do it to the host IP just to be safe.

e.g
network 10.2.76.1 0.0.0.0
network 10.2.76.1 0.0.0.0 area 0

Hondabuff

I like the host ID method, easy to remember after you do a "show ip interface brief"

theodoxa

What networker050184 said.

I prefer --

router eigrp 1
  no auto-summary
  network 0.0.0.0
  passive-interface default
  no passive-interface FastEthernet 0/0
  no passive-interface Serial 0/0
  exit

That said, you will be expected [on Cisco exams] to know how to write a network statement for a specific subnet or interface.

BTW, I would personally use a distribute list to limit what subnets are advertised/learned.

networker050184

That is not what I meant theodoxa sorry for the confusion. What I prefer is what FloOz put. A /32 network statement with the interface IP. If I was going to use your method I'd use whatever block you are going to address your router to router links off rather than a blanket everything. I really like to control what get's into my routing protocols. That way someone has to try really hard to do something stupid.

Dieg0M

Should get used to doing it at the interface level as it is shifting that way with NX-OS and IPv6

d4nz1g

Well, I would do like

int e0/0
ip os xx area y

networker050184

Unfortunately that method is not supported in all versions of IOS d4nz1g. I try to keep things that can be configured the same across versions to help make automation, audits and templatization as easy as possible with as few caveats as possible.

Hondabuff

Just started to watch the Cisco Video Mentor CCNP Route video series from Kevin Wallace and boy is it good. He throws a lot of cool tips as he goes. One was a short cut for writing your wildcard statements. You take 255 minus each octet. So if you have 255.255.254.0, you subtract 255 from each which leaves you 0.0.1.255. He also said that the IOS will also automatically do it for you. I confirmed it on my lab. Here is my example.
So my question is, Why would you need to even write a wild card mask if you can just right the subnet mask?

works with EIGRP or OSPF
R1(config)#router eigrp 1
R1(config-router)#network 10.2.76.1 255.255.254.0
R1(config-router)#network 172.16.1.1 255.255.255.0
R1(config-router)#network 3.3.3.3 255.255.255.255

R1#sho ip protocols
Routing Protocol is "eigrp 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
EIGRP maximum hopcount 100
EIGRP maximum metric variance 1
Redistributing: eigrp 1
EIGRP NSF-aware route hold timer is 240s
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
3.3.3.3/32
10.2.76.0/23
172.16.1.0/24
Routing Information Sources:
Gateway Distance Last Update
Distance: internal 90 external 170

gorebrush

In a production environment I would want to be exact with network statements. It's sloppy to do like, 0.0.255.255 or something similar. Oh, and it's a security thing - if you enable a new interface then you could have OSPF going off in directions you don't want.

In a lab, I generally don't care though.

Hondabuff

gorebrush wrote: »

In a production environment I would want to be exact with network statements. It's sloppy to do like, 0.0.255.255 or something similar. Oh, and it's a security thing - if you enable a new interface then you could have OSPF going off in directions you don't want.

In a lab, I generally don't care though.

Since you touched the Security aspect of it, It was also brought up that the passive interface default should always be used then use the "no passive interface" command to assign what routes go out which interface. Works great for branch offices where the route updates only need to go out the VPN tunnel.

gorebrush

Yes that would cover it too.

xnx

I'd stick to the actual host address itself e.g 'network 10.24.12.254 0.0.0.0'

Hondabuff

So here is another question I thought of while watching the video series and it deals with route summarization. What is the rule for how may routes have to be on a router before you have to summarize? OSPF was written on a cave wall and we Cisco students tell the stories to our children of our elders ways. I mean seriously, with todays processors you should be able to have a hundred routes and not have to worry about conserving memory. One of the other unwritten rules was Cisco recommends no more then 100 hosts per network due to broadcasts, hence why corporations like using the /23 subnet mask.

networker050184

There really isn't a rule. Different hardware has different forwarding table sizes, different processing power etc.

As far as broadcast, some systems are pretty chatty with broadcasts. It's best to keep the broadcast domains as small as possible.

gorebrush

I think a lot has to do with the design, I mean why would you want stuff that's non area zero with anything other than it's own area and a default route towards A0 anyway?

Inside A0 I'm sure I read like, 500 routers should be in A0, so that by itself can create a few thousand routes if we imagine that each router has a leg or two or different networks.

Not sure if OSPF can reach BGP scale though... ?

Hondabuff

networker050184 wrote: »

There really isn't a rule. Different hardware has different forwarding table sizes, different processing power etc.

As far as broadcast, some systems are pretty chatty with broadcasts. It's best to keep the broadcast domains as small as possible.

As far as broadcast, some systems are pretty chatty with broadcasts. It's best to keep the broadcast domains as small as possible.


That's one of those statements that you hear thrown around but no one says what is the max limit. Limit=500. Learned that somewhere in my Cisco travels and painted it on my cave wall to tell my kids

gorebrush

That one is for hosts I think. Though I reckon Cisco just like, 500.

networker050184

Well, there really isn't a max limit to a hard number. There are suggestions sure, but it's really more how much broadcast traffic is being generated.

d4nz1g

networker050184 wrote: »

Unfortunately that method is not supported in all versions of IOS d4nz1g. I try to keep things that can be configured the same across versions to help make automation, audits and templatization as easy as possible with as few caveats as possible.

Never heard of that before, thanks for warning me
All the devices that I have ever used supported this configuration, mainly ISR routers with ios 12.4 and 15

Iristheangel

I also use the host address. I used to put the specific subnet in but I've grown a bit more picky as time goes on. If the IOS version allows it or I'm on NX-OS, I'm adding it at the interface-level.

As far as broadcasts, I shy away from giving a hard number. "It depends" is really the answer anyone should give before they get more information. Is this a branch, corporate office, data center, etc? What kind of applications are being run on the hosts on this broadcast domain? How many hosts? And similar questions need to be answered. I had a customer ask me for a hard number a couple of months ago and I wouldn't give him a hard answer until he gave me a bit more information on the environment. In the end, he was running a ton of legacy equipment that was EXTREMELY chatty so having 500 hosts on that subnet wouldn't have been the way to go.