Version 4.1 - 1.5 Routing Protocols Part 5
I was going to start with BGP Multipath, but that relates more to MPLS and will be covered in that section (1.10). For now, just know that it exists and is different from MBGP.
MBGP is Multiprotocol BGP. The Cisco Documentation for Multiprotocol BGP Extensions for IP Multicast Commands is a bit of a heavy read. Just skim that one and know it exists. You might also want to take a look at Multiprotocol BGP for IPv6 Configuration Example just for good measure.
And of course, there is authentication for peers in BGP. The MD5 Authentication between BGP Peers configuration example is pretty simple and straightforward. Another item of note is the Administrative Distance for BGP. External BGP routes have an AD of 20. Internal BGP routes have an AD of 200. Lower AD is preferred.
One more thing that you really need to know is Regular Expressions. They are used extensively in BGP. Cisco has a page that covers Using Regular Expressions in BGP, which gives some good examples. You will want to read that one. There are multiple places in the documentation that cover regex. I can just about guarantee there will be at least one question on your exam that uses this information. If it's not a BGP question, it will pop up later on when you are filtering URLs, or in something in a route map. You will have to distinguish between several answer choices that use regex, so know what the special characters mean.
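To make the special characters concrete, here is an added example (not from the Cisco documentation or the original post) that emulates IOS AS-path regex matching in Python, including the `_` delimiter token that Python lacks. The AS paths and AS numbers are constructed sample values.

```python
import re

# IOS "_" matches any AS-path delimiter: start of string, end of string,
# space, comma, braces or parentheses. Python has no such token, so expand it.
DELIM = r"(?:^|$|[ ,{}()])"

def ios_to_python(pattern):
    """Translate an IOS AS-path regex to Python syntax.
    Assumption: "_" is never used inside a [...] class in the pattern."""
    return pattern.replace("_", DELIM)

def permitted(pattern, as_paths):
    """Return the AS paths that 'ip as-path access-list N permit <pattern>'
    would match. IOS searches anywhere in the path unless anchored."""
    rx = re.compile(ios_to_python(pattern))
    return [p for p in as_paths if rx.search(p)]

# Constructed sample AS paths, leftmost AS = the neighbor we learned it from.
PATHS = [
    "",                    # empty path: route originated in our own AS
    "65001",
    "65001 65002",
    "65002 65001",
    "65003 65001 65002",
    "650010 65002",        # look-alike ASN: contains the digits 65001
    "65002 165001",        # look-alike ASN: ends with the digits 65001
]

# Pattern -> what it is meant to select.
PATTERNS = {
    "^$":       "routes originated locally",
    "^65001_":  "routes learned directly from neighbor AS 65001",
    "_65001$":  "routes originated by AS 65001",
    "_65001_":  "routes that pass through AS 65001 anywhere",
    "^[0-9]+$": "paths exactly one AS long",
    "65001":    "unanchored: also hits 650010 and 165001",
}

if __name__ == "__main__":
    for pat, meaning in PATTERNS.items():
        print(f"{pat:10} {meaning}")
        for path in permitted(pat, PATHS):
            print(f"           match: {path!r}")
```

The last pattern is the one to watch in a filter: without `_` or anchors, a digit string matches inside longer AS numbers and permits paths you did not intend.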
And that ends the specific Routing Protocols discussion. Now on to the Protocol Independent routing security information.
Notice that most of the routing protocols just automagically discovered neighbors. This is not good. You wouldn't throw a party and just leave the front door open, would you? Anyone could walk in. Some might just pop in to be nosy, but others might come in and steal the silverware. Good locks make good neighbors. And good authentication makes for good routing tables. You want the information in your routing tables to be reliable. So manually configure your neighbors and use authentication.
Know what passive interfaces are (with respect to routing protocols) and use them to control routing information.
Route filtering is another tool to control routing information. I don't think this exam will cover the specifics of configuring route maps and prefix lists, but you should understand the use of:
* Route Maps
* Prefix Lists
* Distribute Lists
* Peer Prefix Filtering
* Maximum Prefix Filtering
* EIGRP Stub Routing
* Route Redistribution Filtering
You should also know about TTL Security Checks. Both OSPF and BGP have this feature.
Infrastructure ACLs (iACLs) and Receive ACLs (rACLs) are also features that protect your routing environment. You won't need to configure one on the exam, but know their function and placement. "The ACL is applied at ingress to your network on all externally facing connections, such as peering connections, customer connections, and so forth."
You should also know about Control Plane Policing (CoPP) and Control Plane Protection. If you've done QoS, you're very familiar with this stuff. This will be covered in greater depth in section 6.1 (Router hardening features) along with MPP.
And I am finally at the end of the material I wanted to cover under Routing Protocols. It was good to review and it is building my confidence in my knowledge base. To look at the material and realize you know more about the topic than will be covered in the exam is helpful. Hopefully I have highlighted some topics for you for further study or refreshed your memory on some of the details that may have gotten lost over the years.