Proper way to write a network statement.

Hondabuff Member Posts: 667
So I'm going through the Route and have always typed out the network statement under EIGRP/OSPF without much thought. So the test networks I always use are 10.2.76.1 255.255.254.0, 10.2.78.1 255.255.254.0, 172.16.1.1 255.255.255.0

EIGRP
network 10.2.76.0
network 10.2.78.0
network 172.16.1.0

OSPF
network 10.2.76.0 0.0.1.255 area 0
network 10.2.78.0 0.0.1.255 area 0
network 172.16.1.0 0.0.0.255 area 0

Is this the proper way to write them or should I be doing something different? It works just fine but was curious if there was a best practice or guide.
“The problem with quotes on the Internet is that you can’t always be sure of their authenticity.” ~Abraham Lincoln

Comments

  • networker050184 Mod Posts: 11,962
    I always prefer to use 0.0.0.0 network statements in a production environment along with passive-default. On the newer IOS releases that support interface based OSPFv2 config I much prefer that. In a lab I just do whatever. I usually use the 10/8 for my router links and do a 10.0.0.0 0.255.255.255 network statement so I don't have to worry about going back and adding it.

    As far as the 'right' way to do it, that all depends on your network standards. Always more than one way to make something work.
    An expert is a man who has made all the mistakes which can be made.
  • FloOz Member Posts: 1,614
    I typically do it to the host IP just to be safe.

    e.g
    network 10.2.76.1 0.0.0.0
    network 10.2.76.1 0.0.0.0 area 0
  • Hondabuff Member Posts: 667
    I like the host ID method, easy to remember after you do a "show ip interface brief"
  • theodoxa Member Posts: 1,340
    What networker050184 said.

    I prefer --
    router eigrp 1
      no auto-summary
      network 0.0.0.0
      passive-interface default
      no passive-interface FastEthernet 0/0
      no passive-interface Serial 0/0
      exit
    

    That said, you will be expected [on Cisco exams] to know how to write a network statement for a specific subnet or interface.

    BTW, I would personally use a distribute list to limit what subnets are advertised/learned.
    R&S: CCENT CCNA CCNP CCIE [ ]
    Security: CCNA [ ]
    Virtualization: VCA-DCV [ ]
  • networker050184 Mod Posts: 11,962
    That is not what I meant theodoxa, sorry for the confusion. What I prefer is what FloOz put. A /32 network statement with the interface IP. If I was going to use your method I'd use whatever block you are going to address your router to router links off rather than a blanket everything. I really like to control what gets into my routing protocols. That way someone has to try really hard to do something stupid.
  • Dieg0M Member Posts: 861
    Should get used to doing it at the interface level as it is shifting that way with NX-OS and IPv6
    Follow my CCDE journey at www.routingnull0.com
  • d4nz1g Member Posts: 464
    Well, I would do like

    int e0/0
    ip os xx area y
  • networker050184 Mod Posts: 11,962
    Unfortunately that method is not supported in all versions of IOS d4nz1g. I try to keep things that can be configured the same across versions to help make automation, audits and templatization as easy as possible with as few caveats as possible.
  • Hondabuff Member Posts: 667
    Just started to watch the Cisco Video Mentor CCNP Route video series from Kevin Wallace and boy is it good. He throws a lot of cool tips as he goes. One was a shortcut for writing your wildcard statements. You take 255 minus each octet. So if you have 255.255.254.0, you subtract 255 from each which leaves you 0.0.1.255. He also said that the IOS will also automatically do it for you. I confirmed it on my lab. Here is my example.
    So my question is, why would you need to even write a wildcard mask if you can just write the subnet mask?

    works with EIGRP or OSPF
    R1(config)#router eigrp 1
    R1(config-router)#network 10.2.76.1 255.255.254.0
    R1(config-router)#network 172.16.1.1 255.255.255.0
    R1(config-router)#network 3.3.3.3 255.255.255.255

    R1#sho ip protocols
    Routing Protocol is "eigrp 1"
    Outgoing update filter list for all interfaces is not set
    Incoming update filter list for all interfaces is not set
    Default networks flagged in outgoing updates
    Default networks accepted from incoming updates
    EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
    EIGRP maximum hopcount 100
    EIGRP maximum metric variance 1
    Redistributing: eigrp 1
    EIGRP NSF-aware route hold timer is 240s
    Automatic network summarization is in effect
    Maximum path: 4
    Routing for Networks:
    3.3.3.3/32
    10.2.76.0/23
    172.16.1.0/24
    Routing Information Sources:
    Gateway Distance Last Update
    Distance: internal 90 external 170
  • gorebrush Member Posts: 2,743
    In a production environment I would want to be exact with network statements. It's sloppy to do like, 0.0.255.255 or something similar. Oh, and it's a security thing - if you enable a new interface then you could have OSPF going off in directions you don't want.

    In a lab, I generally don't care though.
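
The exact-versus-broad network statement point raised above, as an added example that is not part of any poster's message: a Python script that applies IOS wildcard matching to a constructed config and lists which interfaces each OSPF network statement enables. The sample config, the extra FastEthernet1/0 interface and all function names are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample (not from the thread): the thread's three test interfaces
# plus FastEthernet1/0, enabled later and never meant to run OSPF.
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 ip address 10.2.76.1 255.255.254.0
interface FastEthernet0/1
 ip address 10.2.78.1 255.255.254.0
interface Serial0/0
 ip address 172.16.1.1 255.255.255.0
interface FastEthernet1/0
 ip address 10.2.200.1 255.255.255.0
router ospf 1
 network 10.2.0.0 0.0.255.255 area 0
 network 172.16.1.1 0.0.0.0 area 0
"""

def wildcard_from_mask(mask):
    """Invert a subnet mask octet by octet: 255.255.254.0 -> 0.0.1.255."""
    return ".".join(str(255 - int(octet)) for octet in mask.split("."))

def matches(addr, base, wildcard):
    """True if addr equals base on every bit where the wildcard bit is 0."""
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(addr)) & care) == (int(ipaddress.IPv4Address(base)) & care)

def audit(config):
    """Map each OSPF network statement to the interfaces it would enable."""
    interfaces, statements, name = {}, [], None
    for line in map(str.strip, config.splitlines()):
        if m := re.match(r"interface (\S+)", line):
            name = m.group(1)
        elif m := re.match(r"ip address (\S+) \S+", line):
            interfaces[name] = m.group(1)
        elif m := re.match(r"network (\S+) (\S+) area \S+", line):
            statements.append((m.group(1), m.group(2)))
    return {f"{base} {wc}": [n for n, a in interfaces.items() if matches(a, base, wc)]
            for base, wc in statements}

def broad_statements(config):
    """Network statements whose wildcard is not 0.0.0.0 (not a host match)."""
    return [stmt for stmt in audit(config) if not stmt.endswith(" 0.0.0.0")]

if __name__ == "__main__":
    for stmt, names in audit(SAMPLE_CONFIG).items():
        print(f"network {stmt}: {', '.join(names) or 'no interface'}")
    print("review:", broad_statements(SAMPLE_CONFIG))
```

In the constructed config the 0.0.255.255 statement also enables OSPF on FastEthernet1/0, while the host statement enables only Serial0/0.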
  • Hondabuff Member Posts: 667
    gorebrush wrote: »
    In a production environment I would want to be exact with network statements. It's sloppy to do like, 0.0.255.255 or something similar. Oh, and it's a security thing - if you enable a new interface then you could have OSPF going off in directions you don't want.

    In a lab, I generally don't care though.

    Since you touched the Security aspect of it, it was also brought up that the passive interface default should always be used then use the "no passive interface" command to assign what routes go out which interface. Works great for branch offices where the route updates only need to go out the VPN tunnel.
  • gorebrush Member Posts: 2,743
    Yes that would cover it too.
  • xnx Member Posts: 464
    I'd stick to the actual host address itself e.g 'network 10.24.12.254 0.0.0.0'
    Getting There ...

    Lab Equipment: Using Cisco CSRs and 4 Switches currently
  • Hondabuff Member Posts: 667
    So here is another question I thought of while watching the video series and it deals with route summarization. What is the rule for how many routes have to be on a router before you have to summarize? OSPF was written on a cave wall and we Cisco students tell the stories to our children of our elders' ways. I mean seriously, with today's processors you should be able to have a hundred routes and not have to worry about conserving memory. One of the other unwritten rules was Cisco recommends no more than 100 hosts per network due to broadcasts, hence why corporations like using the /23 subnet mask.
  • networker050184 Mod Posts: 11,962
    There really isn't a rule. Different hardware has different forwarding table sizes, different processing power etc.

    As far as broadcast, some systems are pretty chatty with broadcasts. It's best to keep the broadcast domains as small as possible.
  • gorebrush Member Posts: 2,743
    I think a lot has to do with the design, I mean why would you want stuff that's non area zero with anything other than its own area and a default route towards A0 anyway?

    Inside A0 I'm sure I read like, 500 routers should be in A0, so that by itself can create a few thousand routes if we imagine that each router has a leg or two or different networks.

    Not sure if OSPF can reach BGP scale though... ?
  • Hondabuff Member Posts: 667
    There really isn't a rule. Different hardware has different forwarding table sizes, different processing power etc.

    As far as broadcast, some systems are pretty chatty with broadcasts. It's best to keep the broadcast domains as small as possible.




    That's one of those statements that you hear thrown around but no one says what is the max limit. Limit=500. Learned that somewhere in my Cisco travels and painted it on my cave wall to tell my kids :D
  • gorebrush Member Posts: 2,743
    That one is for hosts I think. Though I reckon Cisco just like, 500.
  • networker050184 Mod Posts: 11,962
    Well, there really isn't a max limit to a hard number. There are suggestions sure, but it's really more how much broadcast traffic is being generated.
  • d4nz1g Member Posts: 464
    Unfortunately that method is not supported in all versions of IOS d4nz1g. I try to keep things that can be configured the same across versions to help make automation, audits and templatization as easy as possible with as few caveats as possible.


    Never heard of that before, thanks for warning me :)
    All the devices that I have ever used supported this configuration, mainly ISR routers with IOS 12.4 and 15
  • Iristheangel Mod Posts: 4,133
    I also use the host address. I used to put the specific subnet in but I've grown a bit more picky as time goes on. If the IOS version allows it or I'm on NX-OS, I'm adding it at the interface-level.

    As far as broadcasts, I shy away from giving a hard number. "It depends" is really the answer anyone should give before they get more information. Is this a branch, corporate office, data center, etc? What kind of applications are being run on the hosts on this broadcast domain? How many hosts? And similar questions need to be answered. I had a customer ask me for a hard number a couple of months ago and I wouldn't give him a hard answer until he gave me a bit more information on the environment. In the end, he was running a ton of legacy equipment that was EXTREMELY chatty so having 500 hosts on that subnet wouldn't have been the way to go.
    BS, MS, and CCIE #50931
    Blog: www.network-node.com