Earning your Cisco CCNA and CCNP is a tough proposition, and part of that is the fact that you quickly learn that there’s usually more than one way to do things with Cisco routers – and while that’s generally a good thing, you better know the ins and outs of all options when it comes to test day and working on production networks. Working with Frame Relay subinterfaces and split horizon is just one such situation.

One reason for the use of subinterfaces is to circumvent the rule of split horizon. You recall from your CCNA studies that split horizon dictates that a route cannot be advertised out the same interface upon which it was learned in the first place. In the following example, R1 is the hub and R2 and R3 are the spokes. All three routers are using their physical interfaces for frame relay connectivity, and they are also running RIPv2 172.12.123.0 /24. Each router is also advertising a loopback interface, using the router number for each octet.

R1(config)#int s0

R1(config-if)#ip address 172.12.123.1 255.255.255.0

R1(config-if)#no frame inverse

R1(config-if)#frame map ip 172.12.123.2 122 broadcast

R1(config-if)#frame map ip 172.12.123.3 123 broadcast

R1(config-if)#no shut

R2(config)#int s0

R2(config-if)#encap frame

R2(config-if)#no frame inver

R2(config-if)#frame map ip 172.12.123.1 221 broadcast

R2(config-if)#frame map ip 172.12.123.3 221 broadcast

R2(config-if)#ip address 172.12.123.2 255.255.255.0

R3(config)#int s0

R3(config-if)#encap frame

R3(config-if)#no frame inver

R3(config-if)#frame map ip 172.12.123.1 321 broadcast

R3(config-if)#frame map ip 172.12.123.2 321 broadcast

R3(config-if)#ip address 172.12.123.3 255.255.255.0

R1#show ip route rip

2.0.0.0/32 is subnetted, 1 subnets

R 2.2.2.2 [120/1] via 172.12.123.2, 00:00:20, Serial0

3.0.0.0/32 is subnetted, 1 subnets

R 3.3.3.3 [120/1] via 172.12.123.3, 00:00:22, Serial0

R2#show ip route rip

1.0.0.0/32 is subnetted, 1 subnets

R 1.1.1.1 [120/1] via 172.12.123.1, 00:00:06, Serial0

R3#show ip route rip

1.0.0.0/32 is subnetted, 1 subnets

R 1.1.1.1 [120/1] via 172.12.123.1, 00:00:04, Serial0

The hub router R1 has a route to both loopbacks, but neither spoke has a route to the other spoke’s loopback. That’s because split horizon prevents R1 from advertising a network via Serial0 if the route was learned on Serial0 to begin with.

We’ve got two options here, one of which is to disable spilt horizon on the interface. While doing so will have the desired effect in our little network, disabling split horizon is not a good idea and should be avoided whenever possible. We’re not going to do it in this lab, but here is the syntax to do so:

R1(config)#interface serial0

R1(config-if)#no ip split-horizon

A better solution is to configure subinterfaces on R1. The IP addressing will have to be revisited, but that’s no problem here. R1 and R2 will use 172.12.123.0 /24 to communicate, while R1 and R3 will use 172.12.13.0 /24. R3’s serial0 interface will need to be renumbered, so let’s look at all three router configurations:

R1(config)#interface serial0

R1(config-if)#encap frame

R1(config-if)#no frame inverse-arp

R1(config-if)#no ip address

R1(config-if)#interface serial0.12 multipoint

R1(config-subif)#ip address 172.12.123.1 255.255.255.0

R1(config-subif)#frame map ip 172.12.123.2 122 broadcast

R1(config-subif)#interface serial0.31 point-to-point

R1(config-subif)#ip address 172.12.13.1 255.255.255.0

R1(config-subif)#frame interface-dlci 123

R2(config)#int s0

R2(config-if)#ip address 172.12.123.2 255.255.255.0

R2(config-if)#encap frame

R2(config-if)#frame map ip 172.12.13.3 221 broadcast

R2(config-if)#frame map ip 172.12.123.1 221 broadcast

R3(config)#int s0

R3(config-if)#ip address 172.12.13.3 255.255.255.0

R3(config-if)#encap frame

R3(config-if)#frame map ip 172.12.13.1 321 broadcast

R3(config-if)#frame map ip 172.12.123.2 321 broadcast

A frame map statement always names the REMOTE IP address and the LOCAL DLCI. Don’t forget the broadcast option!

Show frame map shows us that all the static mappings on R1 are up and running. Note the “static” output, which indicates these mappings are a result of using the frame map command. Pings are not shown, but all three routers can ping each other at this point.

R1#show frame map

Serial0 (up): ip 172.12.123.2 dlci 122(0×7A,0×1CA0), static,

broadcast, CISCO, status defined, active

Serial0 (up): ip 172.12.13.3 dlci 123(0×7B,0×1CB0), static,

broadcast, CISCO, status defined, active

After the 172.12.13.0 /24 network is added to R1 and R3’s RIP configuration, R2 and R3 now have each other’s loopback network in their RIP routing tables.

R2#show ip route rip

1.0.0.0/32 is subnetted, 1 subnets

R 1.1.1.1 [120/1] via 172.12.123.1, 00:00:20, Serial0

3.0.0.0/32 is subnetted, 1 subnets

R 3.3.3.3 [120/1] via 172.12.123.1, 00:00:22, Serial0

R3#show ip route rip

1.0.0.0/32 is subnetted, 1 subnets

R 1.1.1.1 [120/1] via 172.12.13.1, 00:00:20, Serial0

2.0.0.0/32 is subnetted, 1 subnets

R 2.2.2.2 [120/1] via 172.12.13.1, 00:00:22, Serial0

While turning split horizon off is one way to achieve total IP connectivity, doing so can have other unintended results. The use of subinterfaces is a more effective way of allowing the spokes to see the hub’s loopback network.

Whether you’re just starting to think about passing the CCNA or CCNP exams, or you’ve been on the certification track for a while, you’ve got to have a plan for success. If you wanted to drive your car from Florida to California, you’d create a plan to get there. You’d get a map and decide how far you wanted to drive per day, and maybe even make some hotel reservations in advance. You certainly wouldn’t get in your car, just drive it randomly down the nearest highway, and hope you ended up in California, would you?

Certainly not. Earning your CCNA certification is the same way. It’s not enough to just study a few minutes “when you feel like it”, or tell yourself that you’ll start studying for the exams “when I get such-and-such done”. The perfect time to start on the road to Cisco certification is not tomorrow, and it’s not next week. It’s today.

You’re much better off with one hour of solid study than three hours of interrupted, unfocused study. Here are a few ways to go about getting the kind of quality study time that will get you to the CCNA or CCNP (or any Cisco certification, for that matter!).

Schedule your study time, and regard this study time as you would an appointment with a client. If you were to meet a customer at 10:00 to discuss a network install, would you just decide not to show up and watch television instead? Not if you wanted the job. The same goes for your study time. That’s an appointment with the most important customer of all – YOU.

Turn your cell, iPod, TV, instant messenger, and all other electronic collars off for the duration of your study time. I know those of us in information technology don’t like to say this, but we can actually exist without being in touch with the world for a little while. You may even get to like it! Having uninterrupted study time is key to CCNA and CCNP exam success.

Finally, schedule your exam before you start studying. Contrary to what many people think, “deadline” is not a dirty word. We do our best work when we have a deadline and a schedule to keep. Make out your study schedule, schedule your exam, and get to work just as you would a network project for a customer. The project you’re working on is your career and your life, and by following these simple steps you can make it a highly successful project – by passing your CCNA and CCNP exam!

It is deniable that our works and lives are more convenient and easier when using wireless. We can work anywhere and that is why wireless networks are becoming so popular. Especially if you have broadband Internet access, a wireless router can give you instant communication with the world.

Imagine you are sitting by the pool and enjoying chatting through the Internet. Or lounging in the Jacuzzi listening to your MP3 collection is appealing to us all. Unfortunately, many, or even most, wireless units don’t come with security features already functioning. This may not seem like a big issue to someone who is simply setting up a home network, but there are a number of potential problems you should consider.

Identity theft seems to be the most serious problem. If your network is unsecured, the personal data on your wireless electronic equipment is also unsecured. The order you just placed for a book at Amazon may have given your contact and payment information to an unscrupulous hacker! Nearly every town in which “WiFi” is common will have “War Drivers” and “War Chalkers” at work. These are people who walk or drive around town with wireless equipment, searching for unsecured networks. The “Chalkers” then live up their name, marking curbs and other public items with chalk so that others can more easily find and exploit your network.

In fact, not all “War Drivers” are hackers, of course. Many just want to use your network for free, but the risk is high if you don’t learn how to protect yourself. You can usually find quite a bit of free information as to how to secure your network at the website of your router’s manufacturer, or by doing a search in a search engine for a phrase like “secure home wireless.”

In addition, there are also your neighbors who may find your network by accident and enjoy nosing into your activities and using your Internet access at will, slowing down your network speed in the process.

Even many businesses use cheap, home-use quality equipment for their company networks. With the poor security often found on small business networks, anyone with a basic knowledge of wireless can access sensitive company and customer data.

It is highly recommended that you hire service companies to secure your network for you, or else you will have to bear with a risk of being exploited. A search of your local yellow pages or an inquiry at your neighborhood computer store should yield professional help and get your private data private again.