Network Routing Protocols - A brief
7/28/2019
2000, Cisco Systems, Inc.

Advanced Routing Technologies
Session 2200

Agenda
Background
Host Interaction
Too Much Information
Multi-Routing-Protocol
Redistribution
Policy Routing
Internet

Background

CCIE Credo
Just because you can, doesn't mean you should.

Router Functions
Routing = building maps and giving directions
Switching = forwarding packets between interfaces
Routers are packet relays or switches
Path determination is overhead

Routing Protocols
[Figure: two routers exchange routing updates. One announces "I know about: Network A, Network B, Network C", the other "I know about: Network X, Network Y, Network Z". A routing update exchanges network knowledge.]
Routers are packet switches that forward traffic based on Layer 3 logical addresses
Routing protocol updates are exchanged by routers to learn about paths to other logical networks
Each routing protocol offers features that can make it desirable as part of an internetwork design

Internet Routing Protocols
IP routing protocols are characterized as:

Name    Type      Proprietary  Function  Updates  Metric  VLSM  Summ
RIP     DV        No           Interior  30 Sec   Hops    No    Auto
RIPV2   DV        No           Interior  30 Sec   Hops    Yes   Auto
IGRP    DV        Yes          Interior  90 Sec   Comp    No    Auto
EIGRP   Adv DV    Yes          Interior  Trig     Comp    Yes   Both
OSPF    LS        No           Interior  Trig     Cost    Yes   Man
IS-IS   LS        No           Interior  Trig     Cost    Yes   Auto
BGP     Path Vec  No           Exterior  Incr     N/A     Yes   Auto

The Forwarding Table
Populated by:
  Hardware State
  Configuration
  Routing Protocols

Src  Network #          Dist/Metric     Next Hop        Age       Interface
C    192.150.42.178/25  Direct Connect                            Ethernet0
D    198.113.181.0/24   [170/304793]    192.150.42.177  02:03:50  Ethernet0
O    198.113.178.0/26   [110/9936]      192.150.42.177  02:03:50  Ethernet0
R    192.168.96.0/24    [120/3]         192.150.42.177  00:00:20  Ethernet0

The Forwarding Table
Configuration defines what protocol processes run, which interfaces they own, and how they process protocol data
Each routing protocol process:
  Creates its own tables and databases
  Receives protocol packets and processes them
  Tries to insert the results into the forwarding table

[Figure: IOS forwarding table]
Src  Network #          Dist/Metric     Next Hop        Age       Interface
C    192.150.42.178/25  Direct Connect                            Ethernet0
D    198.113.181.0/24   [170/304793]    192.150.42.177  02:03:50  Ethernet0
O    198.113.178.0/26   [110/9936]      192.150.42.177  02:03:50  Ethernet0
R    192.168.96.0/24    [120/3]         192.150.42.177  00:00:20  Ethernet0

Host Interaction

How Hosts Transmit
Using default-gw:
  Compare DA to interfaces and masks
  If local, get L2 data via arp and transmit
  Else get L2 data of default router via arp and transmit
Using tables:
  Search table for longest match, use next hop
  Local is a special case, next hop is DA
  If no match use default route for next hop
  Get L2 data of next hop via arp and transmit
Note: Simplified

Proxy ARP
[Figure: host 10.1.1.2/16 sends "ARP for 10.1.2.2"; router 10.1.1.1/24 responds to the ARP; the host then sends the packet for 10.1.2.2 to the router]
Router responds to ARPs for off-subnet addresses if it has a route
Enabled by default
RFC 1027

ICMP Redirects
Cisco routers send ICMP redirects when:
  The input interface is the output interface, and
  the (sub)network of the source IP address is the same (sub)network of the next-hop IP address of the routed packet, and
  the datagram is not source-routed, and
  the system is configured to send redirects. (On by default. You can use the interface subcommand no ip redirects to disable ICMP redirects.)
Note: ICMP redirects are disabled by default if HSRP is configured on the interface

Find a Default Router
IRDP: ICMP Router Discovery Protocol, RFC 1256
Routers periodically announce via ICMP that they are default
Clients can solicit routers as well
[Figure: host 10.1.1.4/16 asks "Are there any routers?"; routers 10.1.1.2/24 and 10.1.1.1/24 each answer "I am default"]

IRDP on Routers
Announcements have a lifetime and preference
Configured per interface; off by default
Can advertise via all systems multicast (224.0.0.1)
Preference level can be set
ip irdp [multicast |
         holdtime seconds (3X max) |
         maxadvertinterval seconds (600) |
         minadvertinterval seconds (3/4X max) |
         preference number (0) |
         address address [number]]

IRDP on Hosts
in.rdisc in Solaris (multicast only)
gated in Linux, HP-UX and AIX
  routerdiscovery client yes | no | on | off ;
WinSock2 in Windows
  NT 4.0 KB Article Q223756
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\adaptername\Parameters\Tcpip\
DHCP option 31

HSRP: Hot Standby Router Protocol
[Figure labels: 10.1.1.3 (00:10:7B:04:88:BB); 10.1.1.1 (00:10:7B:04:88:AA); 10.1.1.2 (00:10:7B:04:88:CC); 10.1.1.33; default-gw = 10.1.1.1]
Transparent failover of default router
Phantom router created
One router is active, responds to phantom L2 and L3 addresses
Others monitor and take over phantom addresses

HSRP: RFC 2281
[Figure: Router Group #1 and Router Group #2, each with primary and standby routers]
HSR multicasts hellos every 3 sec with a default priority of 100
HSR will assume control if it has the highest priority and preempt configured after delay (default=0) seconds
HSR will deduct 10 from its priority if the tracked interface goes down

HSRP
Hot Standby Router Protocol
[Figure: Router 1 and Router 2 between the Internet or ISP backbone and the server systems]
Router1:
interface ethernet 0/0
 bandwidth 128
 ip address 169.223.10.1 255.255.255.0
 standby 10 ip 169.223.10.254
Router2:
interface ethernet 0/0
 bandwidth 1500
 ip address 169.223.10.2 255.255.255.0
 standby 10 priority 150 preempt delay 10
 standby 10 ip 169.223.10.254
 standby 10 track serial 0 60

Speak RIP to Hosts
Using EIGRP but hosts run RIP
Router can:
  RIP out, but not in
  Advertise default only
router rip
 network 172.16.0.0
 redistribute eigrp 1 subnets
router eigrp 1
 network 172.16.0.0

IP Broadcast Control
Subnet or directed broadcast -> w.x.y.255
All net broadcast -> 255.255.255.255
IP directed broadcasts are dropped by default
ip helper-address forwards ip forward-protocol packets
ip directed-broadcast floods ip forward-protocol packets
To be forwarded:
  The packet must be a MAC-level broadcast.
  The packet must be an IP-level all or major network broadcast.
  The packet must be a TFTP, DNS, Time, NetBIOS, ND, or BOOTP packet, or a UDP protocol specified by the ip forward-protocol udp global configuration command.
  The time-to-live (TTL) value of the packet must be at least two.

IP Helper Address
Specified on the input interface
Indicates direction toward broadcast destination
Forwards ip forward-protocol broadcast packets, specifically:
  TFTP, DNS, bootp, DHCP, TACACS, time, NetBIOS name and datagram servers
[Figure: router A, interface e0; TFTP server 10.2.1.3]
Router A:
interface ethernet 0
 ip helper-address 10.2.1.3

IP Forward Protocol
Flooded UDP packets have destination address changed to ip broadcast-address
ip forward-protocol spanning-tree
  uses spanning tree database for flooding
ip forward-protocol turbo-flood
  speed-up if using spanning tree flooding
Example:
ip forward-protocol spanning-tree
bridge 1 protocol dec
access-list 201 deny 0x0000 0xFFFF
interface ethernet 0
 bridge-group 1
 bridge-group 1 input-type-list 201

UDP Broadcast Application
[Figure: routers A (.61) and B (.62), e0 on each; Feed Network 200.200.200.0; TIC Servers 164.53.7.0; Trader Networks 164.53.8.0, 164.53.9.0, 164.53.10.0]
Feed network provides data
TIC servers UDP broadcast data
Feed network connected to routers for management

Helper Addresses
[Figure: routers A (.61) and B (.62); Feed Network 200.200.200.0; TIC Servers 164.53.7.0; Trader Networks 164.53.8.0, 164.53.9.0, 164.53.10.0]
IP helper added to router interfaces on TIC network
Each router sees the other router's broadcasts
Each station receives multiple copies of data

UDP Forward Protocol
[Figure: routers A (.61) and B (.62); Feed Network 200.200.200.0; TIC Servers 164.53.7.0; Trader Networks 164.53.8.0, 164.53.9.0, 164.53.10.0]
Configure spanning tree
Filter non-routed protocols
STP path costs set
  A = 100 default
  B = 50
Router A default router
  IRDP preference

Router A Configuration
ip forward-protocol spanning-tree
ip forward-protocol udp 111
!
interface ethernet 0
 ip address 200.200.200.61 255.255.255.0
 ip broadcast-address 200.200.200.255
!
interface ethernet 1
 ip address 164.53.7.61 255.255.255.192
 ip broadcast-address 164.53.7.63
 ip irdp preference 100
 bridge-group 1
 bridge-group 1 input-type-list 201
!
bridge 1 protocol dec
bridge 1 priority 255
access-list 201 deny 0xFFFF 0x0000

Router B Configuration
ip forward-protocol spanning-tree
ip forward-protocol udp 111
!
interface ethernet 0
 ip address 200.200.200.62 255.255.255.0
 ip broadcast-address 200.200.200.255
!
interface ethernet 1
 ip address 164.53.7.62 255.255.255.192
 ip broadcast-address 164.53.7.63
 ip irdp preference 90
 bridge-group 1
 bridge-group 1 path-cost 50
 bridge-group 1 input-type-list 201
!
bridge 1 protocol dec
bridge 1 priority 255
access-list 201 deny 0xFFFF 0x0000

Secondary Addresses
More than one IP address on an interface
Every router on the broadcast media must be part of all networks
For RIP and IGRP, each address will broadcast routing tables
Also called multinetting

Secondary Addressing
[Figure labels: 172.17.2.21, 172.16.1.64, 172.16.1.1, 172.17.2.1, 172.16.1.2, 172.17.2.2]
Useful in switched networks
  Router may relay packets, acting as a default gateway
  Host may communicate directly, using ARP for learning
All routers on the same subnet must be part of all secondary networks

Too Much Information
Static Routes

Static Routes
Routes configured manually
Useful when few or just one route exist
Can be administrative burden
Frequently used for default route
Two formats:
  Outbound interface
  Explicit next hop (not always adjacent)

Redistributing Static Routes
Redistributed via network statement
  If next hop is interface and network spec'd
ip route 172.16.1.0 255.255.255.0 ethernet 0
router xxxx
 network 172.16.0.0
Redistributed if so configured
router xxxx
 redistribute static

Floating Static Routes
A static route with a high distance
Can be overridden by dynamic info
[Figure labels: 172.16.3.1, 172.16.1.0, 172.16.3.2, E1, ISDN]
ip route 172.16.1.0 255.255.255.0 172.16.3.1 140
router rip
 network 172.16.0.0

Too Much Information
Default Routes

Default Routes
[Figure labels: CITY, WORLD]
Route used if no match is found in forwarding table
Can be carried by routing protocols
Two models
  Special network number: 0.0.0.0
  Flagged in routing protocol
Protocols support multiple models

Creating a Default Route
default-gateway is for host mode
RIP, RIPv2: network 0.0.0.0
IGRP, EIGRP: ip default-network
OSPF, ISIS, BGP: default originate

OSPF Example
OSPF default configuration using a static route
[Figure labels: 10.1.1.0/23 OSPF; 19.0.0.0; ISP AS 200; S0; 10.1.1.1, 10.1.1.2; Service Provider Running BGP]
ip route 0.0.0.0 0.0.0.0 serial 0
router ospf 1
 network 19.0.0.0 0.255.255.255 area 0
 default-information originate always

EIGRP Example
The default network of 0.0.0.0 used by RIP cannot be redistributed by IGRP or Enhanced IGRP
[Figure labels: 10.1.1.0/23 EIGRP; 19.0.0.0; ISP AS 200; S0; 10.1.1.1, 10.1.1.2; Service Provider Running BGP]
ip route 10.0.0.0 0.0.0.0 serial 0
router eigrp 1
 network 19.0.0.0
ip default-network 10.0.0.0

ISIS Example
L1 default is nearest L1L2 router
Both L1 and L2 ISs can generate a default route
A L1 IS will always prefer a L1 default route before using the closest L2 capable IS
[Figure labels: ISIS 19.0.0.0; ISIS 19.0.0.0; S1; 19.1.1.1, 19.1.1.2; L1L2, L1; Service Provider Running BGP]
ip route 0.0.0.0 0.0.0.0 s1
router isis
 network 19.0.0.0
 default-information originate

BGP Example
Allows redistribution of 0.0.0.0
Same as adding network 0.0.0.0
[Figure labels: IGP 19.0.0.0; eBGP, iBGP; 19.1.1.1, 19.1.1.2; Service Provider Running BGP]
router bgp 164
 default-information originate

Conditional Default
Inserts a default route if the condition in the route map is met
In this case, if network (prefix) 10.1.1.0/24 is present, advertise a default
ip prefix-list cond permit 10.1.1.0/24
!
route-map def-cond permit 10
 match ip address prefix-list cond
!
router rip
 default-information originate route-map def-cond

Too Much Information
Route Summarization

What Is Route Summarization?
[Figure: router A has 172.16.25.0/24, 172.16.26.0/24 and 172.16.27.0/24 in its routing table and announces "I can route to the 172.16.0.0/16 network"; the neighbor's routing table holds 172.16.0.0/16]
Routing protocols can summarize addresses of several prefixes into one prefix
This helps control resource usage

Route Summarization
[Figure labels: 172.16.128/17, 172.16.0/17, 192.111.107/24. Route summaries: 172.16.0.0 255.255.0.0 and 192.111.107.0 255.255.255.0]
By default summaries occur on classful boundaries; no auto-summary prevents this

RIP Summarization Example
The major network is 10.0.0.0, a Class A address space
The summary of the major net defines the prefix as implied by the class (A, B, or C) of the address
The summary address 10.2.0.0 overrides the autosummary address of 10.0.0.0
  10.2.0.0 is advertised out interface E1
  10.0.0.0 is not advertised
int E1
 ip address 10.1.1.1 255.255.255.0
 ip summary-address rip 10.2.0.0 255.255.0.0
 no ip split-horizon
router rip
 network 10.0.0.0

OSPF Inter-Area Summarization
Summaries sent into backbone
[Figure: routers A, B, C and D across Area 1, Area 0 and Area 2; 128.213.64..95/24 is summarized as 128.213.64.0/19 and 128.213.96..127/24 as 128.213.96.0/19]
B#
router ospf 100
 area 1 range 128.213.64.0 255.255.224.0

EIGRP Summarization
Configured on an interface basis
EIGRP summary routes are given a distance of 5
[Figure: routers A, B, C and D; B summarizes 128.213.64..95/24 as 128.213.64.0/19 on e0, C summarizes 128.213.96..127/24 as 128.213.96.0/19 on e1]
B#
interface ethernet 0
 ip summary-address eigrp 123 128.213.64.0 255.255.224.0
C#
interface ethernet 1
 ip summary-address eigrp 123 128.213.96.0 255.255.224.0

ISIS Summarization
from L1 areas into the L2 backbone,
from L2 leaking down into L1 areas,
or when redistributing into L2 or L1
router isis
 summary-address 192.1.0.0 255.255.0.0

BGP Aggregation
Summarization based on specifics from the BGP routing table
aggregate-address w.x.y.z mask {as-set} {summary-only} {route-map}
Use as-set to include path and community info from specifics
summary-only suppresses specifics
route-map sets other attributes

BGP Summarization Examples
Redistribute summary 193.0.0.0
ip route 193.0.0.0 255.0.0.0 null 0
router bgp 100
 redistribute static
Advertise aggregate if BGP has any more specific
router bgp 100
 aggregate-address 193.0.0.0 255.0.0.0
Aggregate only, more specific routes suppressed
router bgp 100
 aggregate-address 193.0.0.0 255.0.0.0 summary-only
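
Every summarization slide above configures the summary prefix by hand. As an added example (not part of the original slides), this Python sketch computes the smallest prefix covering a set of specifics and lists the address space the summary claims although no specific route backs it; the function names are assumptions made for the illustration.

```python
import ipaddress


def covering_summary(specifics):
    """Smallest single prefix that contains every specific prefix."""
    nets = [ipaddress.ip_network(p) for p in specifics]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    # The bits shared by the lowest and highest address form the summary prefix.
    plen = 32 - (lo ^ hi).bit_length()
    return ipaddress.ip_network((lo, plen), strict=False)


def unbacked_space(summary, specifics):
    """Prefixes inside the summary that none of the specifics covers.

    Traffic for these addresses is attracted by the summary but has no
    matching specific route behind it.
    """
    remaining = [ipaddress.ip_network(summary)]
    for spec in (ipaddress.ip_network(p) for p in specifics):
        survivors = []
        for block in remaining:
            if spec.supernet_of(block):      # block fully covered by spec
                continue
            if block.supernet_of(spec):      # carve spec out of block
                survivors.extend(block.address_exclude(spec))
            else:                            # disjoint, keep as is
                survivors.append(block)
        remaining = survivors
    return sorted(ipaddress.collapse_addresses(remaining))


# Prefixes taken from the slides
OSPF_AREA1 = [f"128.213.{i}.0/24" for i in range(64, 96)]
SLIDE_SPECIFICS = ["172.16.25.0/24", "172.16.26.0/24", "172.16.27.0/24"]

if __name__ == "__main__":
    print(covering_summary(OSPF_AREA1), unbacked_space("128.213.64.0/19", OSPF_AREA1))
    tight = covering_summary(SLIDE_SPECIFICS)
    print(tight, unbacked_space(tight, SLIDE_SPECIFICS))
    # The classful summary from the slide claims far more than three /24s.
    gaps = unbacked_space("172.16.0.0/16", SLIDE_SPECIFICS)
    print(len(gaps), "unbacked blocks under 172.16.0.0/16")
```

The 128.213.64..95/24 range fills its /19 exactly, while the three 172.16.x.0/24 prefixes leave a gap in any summary that covers them.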

Too Much Information
Filtering Route Data

Passive Interface
Prevents routing updates from being transmitted out an interface
Don't waste resources generating updates on interfaces that have no need for them (loopback)
Can also use passive-interface default
[Figure labels: s0]
router xxx
 passive-interface serial 0
 neighbor w.x.y.z

Route Filtering
[Figure labels: Advertise B and X; Advertise B and Y; Network X, Network A, Network A, Network B, Network Y]
Selectively announce routes, per neighbor
  Hide part of the topology/connectivity
Selectively accept routes, per neighbor
  Refuse erroneous make-believe announcements
  Protect against redistribution loops
Route filter with distribute-list command
  Can filter anywhere in distance-vector protocols:
    RIP, IGRP, EIGRP, RIPv2 and BGP
  Can filter at redistribution points between any protocols:
    RIP, EIGRP, OSPF, IGRP, IS-IS, BGP, Static, etc.
Use route-maps at redistribution points
  Based on extended access-lists for route prefixes
  Based on tags of route origin or history
  Based on AS filters in BGP

Filtering Incoming Updates
Control input of routing data
[Figure labels: s0; 10.0.0.0; Partner Network: 172.16.1.0, 129.1.1.0, 10.0.0.0]
distribute-list 11 in serial 0
access-list 11 permit 129.1.0.0
access-list 11 deny 0.0.0.0 255.255.255.255

Filtering Outgoing Updates
Useful to propagate default route
[Figure labels: s0]
router eigrp 111
 network 128.1.0.0
 distribute-list 11 out serial 0
access-list 11 permit 128.1.0.0 0.0.0.0
ip default-network 128.1.0.0

Precedence of Filters
Filter routing updates inbound or outbound
Interface specific or global
Evaluation order: interface, global
Example:
access-list 1 deny 1.0.0.0 0.255.255.255
access-list 2 permit 1.2.3.0 0.0.0.255
router rip
 distribute-list 1 in ethernet 0
 distribute-list 2 in
List 2 is overridden on interface ethernet 0

ACL Oversights
Access control lists can filter routing updates

Protocol  Transport                 Destination address
RIP       UDP Port 520              255.255.255.255
RIPv2     UDP Port 520              224.0.0.9 (Default), 255.255.255.255
IGRP      IP Protocol Field 9       255.255.255.255
EIGRP     IP Protocol Field 88      224.0.0.10
OSPF      IP Protocol Field 89      224.0.0.5 (AllOSPFRouters), 224.0.0.6 (DRRouters)
BGP       TCP Port 179              Neighbor Address
ISIS      SAP 0xFEFE; Protocol 83   01:80:C2:00:00:15
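
An interface ACL written with only user traffic in mind drops routing updates through its implicit deny. As an added example (not from the original slides), this Python sketch runs a first-match ACL over the IP transports in the table above and reports which routing protocols it would cut off; the rule tuple format, the sample ACL and the neighbor address 192.0.2.1 are constructed for the illustration.

```python
import ipaddress

# IP transports from the table above: (protocol, destination port, destinations).
# "neighbor" stands for the configured unicast address of the BGP peer.
ROUTING_TRANSPORTS = {
    "RIP":   ("udp", 520, ["255.255.255.255"]),
    "RIPv2": ("udp", 520, ["224.0.0.9", "255.255.255.255"]),
    "IGRP":  (9, None, ["255.255.255.255"]),
    "EIGRP": (88, None, ["224.0.0.10"]),
    "OSPF":  (89, None, ["224.0.0.5", "224.0.0.6"]),
    "BGP":   ("tcp", 179, ["neighbor"]),
}


def rule_matches(rule, proto, port, dst):
    """rule = (action, protocol, destination, port).

    Protocol "ip", destination "any" and port None act as wildcards.
    """
    _, r_proto, r_dst, r_port = rule
    if r_proto != "ip" and r_proto != proto:
        return False
    if r_dst != "any" and ipaddress.ip_address(dst) not in ipaddress.ip_network(r_dst):
        return False
    if r_port is not None and r_port != port:
        return False
    return True


def acl_verdict(acl, proto, port, dst):
    """First matching rule decides; no match means the implicit deny."""
    for rule in acl:
        if rule_matches(rule, proto, port, dst):
            return rule[0]
    return "deny"


def blocked_protocols(acl, bgp_neighbor):
    """Map each routing protocol to the destinations the ACL would drop."""
    blocked = {}
    for name, (proto, port, dsts) in ROUTING_TRANSPORTS.items():
        for dst in dsts:
            addr = bgp_neighbor if dst == "neighbor" else dst
            if acl_verdict(acl, proto, port, addr) == "deny":
                blocked.setdefault(name, []).append(addr)
    return blocked


# Constructed sample: web and DNS for users, BGP to one peer, OSPF hellos only.
SAMPLE_BGP_NEIGHBOR = "192.0.2.1"
SAMPLE_ACL = [
    ("permit", "tcp", "any", 80),
    ("permit", "udp", "any", 53),
    ("permit", "tcp", "192.0.2.1/32", 179),
    ("permit", 89, "224.0.0.5/32", None),
]

if __name__ == "__main__":
    for proto, dsts in blocked_protocols(SAMPLE_ACL, SAMPLE_BGP_NEIGHBOR).items():
        print(f"{proto}: dropped towards {', '.join(dsts)}")
```

IS-IS is left out because it does not run over IP, so an IP access list never sees it.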

Secure Routing: Route Authentication
[Figure: one router signs route updates and its neighbor across the campus verifies the signature; configure: key and hash function]
Certifies authenticity of neighbor and integrity of route updates

Signature Generation
Signature = Encrypted Hash of Routing Update
[Figure: Router A passes the routing update through the hash function to obtain a hash, derives the signature from it, and sends the routing update together with the signature]

Signature Verification
[Figure: Router B passes the received routing update through the hash function and compares the result with the hash recovered from the signature]
Receiving Router Separates Routing Update and Signature
Decrypt Using Preconfigured Key
Re-Hash the Routing Update
If Hashes Are Equal, Signature Is Authentic

Authentication in RIPv2
Router A:
key chain kal
 key 1
  key-string 234
!
interface Serial2
 ip rip authentication mode md5
 ip rip authentication key-chain kal
!
router rip
 version 2
Router B:
key chain ka2
 key 1
  key-string 234
!
interface Serial1/0
 ip rip authentication mode md5
 ip rip authentication key-chain ka2
!
router rip
 version 2

Authentication
RIP uses text and MD5
also validate-update-source
(E)IGRP uses MD5
OSPF has text and MD5 per area and intf
ISIS has text per area and domain
MD5 authentication is on the way
BGP uses MD5 per neighbor
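
The signature slides and the RIPv2 key-chain configuration above come down to both neighbors holding the same key and recomputing a digest over every update. As an added example (not from the original slides, and not the RIPv2 wire format), this Python sketch signs and verifies updates with a keyed MD5 digest, the construction RIPv2 MD5 authentication (RFC 2082) uses in place of the encrypted hash drawn in the diagram. The message layout, the strictly increasing sequence-number check and all names are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

DIGEST_LEN = 16  # MD5 output size in bytes
SEQ_LEN = 4      # 32-bit sequence number


def keyed_digest(update, seq, key):
    """MD5 over sequence number, update and the shared key (zero-padded to 16 bytes)."""
    padded_key = key.ljust(DIGEST_LEN, b"\x00")[:DIGEST_LEN]
    return hashlib.md5(struct.pack("!I", seq) + update + padded_key).digest()


def sign_update(update, seq, key):
    """Sender side: message = seq || update || digest. The key itself is never sent."""
    return struct.pack("!I", seq) + update + keyed_digest(update, seq, key)


class Receiver:
    """Receiving router: holds the preconfigured key and the last accepted sequence."""

    def __init__(self, key):
        self.key = key
        self.last_seq = -1

    def accept(self, message):
        """Return the routing update if it is authentic and fresh, else None."""
        if len(message) < SEQ_LEN + DIGEST_LEN:
            return None
        seq = struct.unpack("!I", message[:SEQ_LEN])[0]
        update = message[SEQ_LEN:-DIGEST_LEN]
        received = message[-DIGEST_LEN:]
        expected = keyed_digest(update, seq, self.key)
        # Constant-time comparison of the received and recomputed digests.
        if not hmac.compare_digest(received, expected):
            return None   # wrong key or modified update
        if seq <= self.last_seq:
            return None   # authentic but old: a replayed update
        self.last_seq = seq
        return update


# Constructed sample update; the key is the key-string from the slide.
SLIDE_KEY = b"234"
SAMPLE_UPDATE = b"172.16.1.0/24 metric 2"

if __name__ == "__main__":
    router_b = Receiver(SLIDE_KEY)
    first = sign_update(SAMPLE_UPDATE, 1, SLIDE_KEY)
    print("genuine :", router_b.accept(first))
    print("replayed:", router_b.accept(first))
    forged = sign_update(SAMPLE_UPDATE, 2, b"235")
    print("bad key :", router_b.accept(forged))
    second = sign_update(SAMPLE_UPDATE, 2, SLIDE_KEY)
    tampered = second.replace(b"metric 2", b"metric 1")
    print("tampered:", router_b.accept(tampered))
```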

Special Interfaces
Loopback
  is always up
  use with OSPF for a stable routerID
  use as tunnel endpoint or source
  make passive for routing protocols
Null
  the big black bit bucket
  summaries install static to the null
  use statics to null as a very fast ACL
  use to create stable static routes (BGP)
Unnumbered
  save IP addresses
  only on p2p interfaces
  routes with the next-hop via the unnumbered intf show up as interface routes
  NMSs don't like it
  pointing to the loopback is a favorite

Multiprotocol
Running Multiple Routing Processes in the Same Box

Running Multiple IGPs
Different protocols use different metrics
Metrics are difficult to compare algorithmically
Therefore, a collating sequence
  Which protocol do you believe the most?
  Then decide which metric is the best

Use Distance to Implement Routing Policy
Distance distinguishes sources of IP routing information
[Figure: a RIP router and an IGRP router both offer a route to Network A]
Take route with lowest distance; compare metrics only if distance is equal

Default Administrative Distances

Route Source                   Default Distance
Connected Interface            0
Static Route                   1
Enhanced IGRP Summary Route    5
External BGP                   20
Internal Enhanced IGRP         90
IGRP                           100
OSPF                           110
IS-IS                          115
RIP                            120
EGP                            140
External Enhanced IGRP         170
Internal BGP                   200
Unknown, Discard Route         255

Modifying Default Distance
distance weight [address mask [access-list-number]]
  address and mask specify the source
  access list applies to content
ip route dest next-hop distance
  Remember the floating static route?

Using Distance
[Figure: networks 128.88.1.0 and 192.31.7.0 with router addresses .1, .2 and .3]
router rip
 network 192.31.7.0
 network 128.88.0.0
 ! Barely believe anyone
 distance 225
 ! Believe the other router
 distance 90 128.88.1.3 0.0.0.0
 ! Default for the top net
 distance 120 192.31.7.0 0.0.0.255

Importance of Prefix Lengths
Multiple protocols, router gets:
  EIGRP (internal): 192.168.32.0/26
  RIP: 192.168.32.0/24
  OSPF: 192.168.32.0/19
Which one goes in the table?
  Best distance? Shortest prefix?
They all will be!
  They are different routes

What Is the Next Hop?
From previous slide:
router#show ip route
D 192.168.32.0/26 [90/25789217] via 10.1.1.1
R 192.168.32.0/24 [120/4] via 10.1.1.2
O 192.168.32.0/19 [110/229840] via 10.1.1.3
Dest = 192.168.32.1
  next hop = 10.1.1.1
  falls within the 192.168.32.0/26 network
  longest prefix 26 > 24 > 19
Dest = 192.168.32.100
  next hop = 10.1.1.2
  falls within the 192.168.32.0/24
  longest prefix 24 > 19

IP Classless
Only affects the forwarding process, not the routing process
Does not affect the way the table is built
Without ip classless the router will not forward to supernets
Became the default with IOS 11.3
[Figure labels: Class A, Class B, Class C]

No IP Classless
router#show ip route
172.30.0.0/16 is variably subnetted, 2 subnets, 2 masks
D 172.30.32.0/20 [90/4879540] via 10.1.1.2
D 172.30.32.0/24 [90/25789217] via 10.1.1.1
S* 0.0.0.0/0 [1/0] via 10.1.1.3
Dest = 172.30.32.1
  next hop = 10.1.1.1
  longest prefix match
Dest = 172.30.33.1
  next hop = 10.1.1.2
  longest prefix match
Dest = 192.168.10.1
  next hop = 10.1.1.3
  uses default route
Dest = 172.30.254.1
  is dropped
  unknown subnet of a known major network

IP Classless
Remote site
No routing protocol
Internet is reachable
10.0.0.0/8 is not accessible
interface Serial 0
 ip address 10.1.2.2 255.255.255.0
!
interface Ethernet 0
 ip address 10.1.1.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.1.2.1
!
no ip classless
[Figure labels: 10.x.x.x, 10.1.1.0/24, 10.1.2.0/24]
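
The distance, prefix-length and ip classless slides above describe one selection procedure, collected here as an added Python example that is not part of the original slides. The class and function names are assumptions, the route entries come from the two show ip route outputs above, and one competing RIP route via 10.1.1.9 is constructed to show distance deciding between sources of the same prefix.

```python
import ipaddress


class RouteTable:
    """Toy forwarding table: per-prefix selection by distance, lookup by longest match."""

    def __init__(self, classless=True):
        self.classless = classless
        self.routes = {}  # ip_network -> (distance, metric, next_hop)

    def offer(self, prefix, distance, metric, next_hop):
        """A routing process offers a route.

        For the same prefix the lowest distance wins and the metric only
        breaks ties. Routes with different prefix lengths coexist.
        """
        net = ipaddress.ip_network(prefix)
        current = self.routes.get(net)
        if current is None or (distance, metric) < current[:2]:
            self.routes[net] = (distance, metric, next_hop)

    @staticmethod
    def major_network(addr):
        """Classful (A, B or C) network of an address, from its first octet."""
        first_octet = int(addr) >> 24
        plen = 8 if first_octet < 128 else 16 if first_octet < 192 else 24
        return ipaddress.ip_network((int(addr), plen), strict=False)

    def lookup(self, dest):
        """Return the next hop for dest, or None if the packet is dropped."""
        addr = ipaddress.ip_address(dest)
        candidates = [n for n in self.routes if addr in n]
        if not self.classless:
            major = self.major_network(addr)
            known = [n for n in self.routes if n.subnet_of(major)]
            if known:
                # Part of the major network is known: only its subnets may
                # match; supernets and the default route are not used.
                candidates = [n for n in known if addr in n]
        if not candidates:
            return None
        best = max(candidates, key=lambda n: n.prefixlen)
        return self.routes[best][2]


def prefix_length_table():
    """Routes from the 'What Is the Next Hop?' slide plus one constructed rival."""
    table = RouteTable()
    table.offer("192.168.32.0/26", 90, 25789217, "10.1.1.1")   # D
    table.offer("192.168.32.0/24", 120, 4, "10.1.1.2")         # R
    table.offer("192.168.32.0/19", 110, 229840, "10.1.1.3")    # O
    # Constructed: RIP also offers the /26; distance 120 loses against 90.
    table.offer("192.168.32.0/26", 120, 2, "10.1.1.9")
    return table


def classful_table(classless):
    """Routes from the 'No IP Classless' slide."""
    table = RouteTable(classless=classless)
    table.offer("172.30.32.0/20", 90, 4879540, "10.1.1.2")
    table.offer("172.30.32.0/24", 90, 25789217, "10.1.1.1")
    table.offer("0.0.0.0/0", 1, 0, "10.1.1.3")
    return table


if __name__ == "__main__":
    for dest in ("192.168.32.1", "192.168.32.100", "192.168.40.1"):
        print(dest, "->", prefix_length_table().lookup(dest))
    for dest in ("172.30.32.1", "172.30.33.1", "192.168.10.1", "172.30.254.1"):
        print(dest, "classful ->", classful_table(False).lookup(dest),
              "| classless ->", classful_table(True).lookup(dest))
```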

Redistribution
Hops = Bandwidth = Compound = AS-PATH ?

Route Redistribution
[Figure: a router takes in RIP updates on one side and OSPF updates from the OSPF domain on the other]
Router runs multiple routing protocols
Router exchanges routes internally
Exchange can be filtered

Redistributing Routes
[Figure labels: RIP, OSPF]
Under a router xxx command, redistribute:
  a source protocol: bgp | igrp | isis | ospf | static | connected | rip
  a value for the destination protocol: metric
  a route map for filtering: route-map
  scope of redistribution: subnets
  as well as some protocol specific parameters

Default Metrics
The first, or seed, metric for a route is derived from being directly connected to a router interface
  Re-distributed routes are not physically connected
default-metric establishes the seed metric for the route
  Once a compatible metric is established, the metric can increment just like any other route
Set default metric bigger than the biggest native metric

Configuring Default Metrics
default-metric bandwidth delay reliability loading mtu
  Used for IGRP and Enhanced IGRP redistribution
default-metric number
  Used for OSPF, RIP, ISIS, and BGP redistribution

Offset Lists
Increases incoming and outgoing metric (hops or delay)
Add 10 to the delay component of routes matching access list 21 when outbound
router igrp
 offset-list 21 out 10
access-list 21 ..
Add 5 to routes learned from interface Ethernet 0
router rip
 offset-list in 5 ethernet 0

Filtering Redistribution with Access Lists
Filter routing updates in or out bound
Interface specific or global or redistribution
Evaluation order: interface, redistribution, global
Example
access-list 1 deny 10.0.0.0 0.255.255.255
access-list 2 permit 10.2.3.0 0.0.0.255
router rip
 default-metric 1
 redistribute igrp 20
 distribute-list 1 out igrp 20
 distribute-list 2 out

Route Maps
Command match ...    matches
as-path              a BGP AS path access list.
community-list       a BGP community list.
ip address           a standard access list.
metric               the specified metric.
ip next-hop          a next-hop against ACLs.
tag                  the specified tag value.
interface            a next-hop route to interfaces.
ip route-source      the source of route against ACL
route-type           the specified route type.

Route Maps
Command set ...      sets
community            BGP COMMUNITIES attribute
dampening            BGP route dampening factors
local-preference     a value to a local BGP path
weight               BGP weight for the routing table
origin               BGP origin code
as-path              BGP autonomous system path
next-hop             address of the next hop
automatic-tag        automatic computing of tag table
level                routes advertised into the specified metric
metric               value to give the redistributed routes
metric-type          metric type
tag                  an associated tag value

Conditional Default Origination
A route map is referenced by the default-information router configuration command
This type of reference is called conditional default origination
OSPF will
  Originate the default route (network 0.0.0.0)
  With a Type 2 metric of 5
  If 140.222.0.0 is in the routing table
route-map ospf-default permit
 match ip address 1
 set metric 5
 set metric-type type-2
!
access-list 1 permit 140.222.0.0 0.0.255.255
!
router ospf 109
 default-information originate route-map ospf-default

Route Maps for Filtering Example
Redistribute RIP routes with a hop count equal to 1 into OSPF
These routes will be redistributed into OSPF as external LSAs with
  a metric of 5,
  metric type of Type 1
  a tag equal to 1.
router ospf 109
 redistribute rip route-map rip-to-ospf
!
route-map rip-to-ospf permit
 match metric 1
 set metric 5
 set metric-type type-1
 set tag 1

Redistribution Example
OSPF has a longer mask than RIP
gw2 is redistributing RIP and OSPF
RIP won't advertise routes learned from OSPF
Solution:
ip route 128.103.35.0 255.255.255.0 null0
router rip
 redistribute static
 default-metric 1
[Figure: routers gw1, gw2, gw6 and gw8; RIP /24 and OSPF /28 domains; interface addresses in 128.103.35.x, 128.103.36.x and 128.103.88.1]

Redistribution Example
RIP has a longer mask than OSPF
gw2 is redistributing RIP and OSPF
RIP won't advertise routes learned from OSPF
Solution:
ip route 128.103.35.32 255.255.255.248 E0/0
ip route 128.103.35.16 255.255.255.248 E1/0
router rip
 redistribute static
 default-metric 1
[Figure: routers gw1, gw2, gw6 and gw8; RIP /28 and OSPF /24 domains; interfaces e0/0 and e0/1; interface addresses in 128.103.35.x, 128.103.36.x and 128.103.88.1]

Redist Static Into OSPF
C#
interface Ethernet0
 ip address 203.250.14.2 255.255.255.0
interface Serial1
 ip address 203.250.15.1 255.255.255.252
router ospf 10
 redistribute static
 network 203.250.15.0 0.0.0.255 area 2
 network 203.250.14.0 0.0.0.255 area 0
ip route 16.16.16.0 255.255.255.0 Ethernet0
ip route 128.213.0.0 255.255.0.0 Ethernet0
Did not use subnets or metric keywords on redistribute static
[Figure: routers C and E joined by the link 203.250.15.1 to 203.250.15.2; 16.16.16.0/24 and 128.213.0.0/16 behind C; area 0]

Redist Static Into OSPF
E#
interface Serial0
 ip address 203.250.15.2 255.255.255.252
router ospf 10
 network 203.250.15.0 0.0.0.255 area 2
E#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
Gateway of last resort is not set
203.250.15.0 255.255.255.252 is subnetted, 1 subnets
C 203.250.15.0 is directly connected, Serial0
O IA 203.250.14.0 [110/74] via 203.250.15.1, 00:02:31, Serial0
O E2 128.213.0.0 [110/20] via 203.250.15.1, 00:02:32, Serial0
subnets not used, so: 128.213.0.0 is in, 16.16.16.0 is not
metric not used, so: metric is 20

Redist Static Into OSPF
redistribute static metric 50 subnets
E#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
Gateway of last resort is not set
16.0.0.0 255.255.255.0 is subnetted, 1 subnets
O E2 16.16.16.0 [110/50] via 203.250.15.1, 00:00:02, Serial0
203.250.15.0 255.255.255.252 is subnetted, 1 subnets
C 203.250.15.0 is directly connected, Serial0
O IA 203.250.14.0 [110/74] via 203.250.15.1, 00:00:02, Serial0
O E2 128.213.0.0 [110/50] via 203.250.15.1, 00:00:02, Serial0
16.16.16.0 now appears, the cost to external routes is 50. Since the external routes are of type 2 (E2), the internal cost has not been added

Redist Static Into OSPF
redistribute static metric 50 metric-type 1 subnets
Note that the type has changed to E1 and the cost has been incremented by the internal cost of S0 which is 64, the total cost is 64+50=114
RTE#sh ip route
Codes: C - connected, S - static, O - OSPF, IA - OSPF inter area
       E1 - OSPF external type 1, E2 - OSPF external type 2,
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
Gateway of last resort is not set
16.0.0.0 255.255.255.0 is subnetted, 1 subnets
O E1 16.16.16.0 [110/114] via 203.250.15.1, 00:04:20, Serial0
203.250.15.0 255.255.255.252 is subnetted, 1 subnets
C 203.250.15.0 is directly connected, Serial0
O IA 203.250.14.0 [110/74] via 203.250.15.1, 00:09:41, Serial0
O E1 128.213.0.0 [110/114] via 203.250.15.1, 00:04:21, Serial0

Redist Static Into OSPF
C#
router ospf 10
 redistribute static metric 50 metric-type 1 subnets route-map STOPUPDATE
access-list 1 permit 128.213.0.0 0.0.255.255
!
route-map STOPUPDATE permit 10
 match ip address 1
E#sh ip rou
Codes: C - connected, S - static, O - OSPF, IA - OSPF inter area
       E1 - OSPF external type 1, E2 - OSPF external type 2,
       * - candidate default
Gateway of last resort is not set
203.250.15.0 255.255.255.252 is subnetted, 1 subnets
C 203.250.15.0 is directly connected, Serial0
O IA 203.250.14.0 [110/74] via 203.250.15.1, 00:00:04, Serial0
O E1 128.213.0.0 [110/114] via 203.250.15.1, 00:00:05, Serial0
128.213.0.0 permitted
16.16.16.0 denied

Feedback Loops
When crossing a redistribution boundary, information is lost
A physical or logical loop causes a route to be advertised back to the redistributing router that first advertised it
How does the router know which route to accept?
Answer: it can't know
Humans have to re-insert the lost information

Implementation Considerations
Routing feedback
Suboptimal path selection
Routing loops
Incompatible routing information
Inconsistent convergence time
[Figure: AS 300; two ASBRs between the EIGRP and RIP domains; 172.16.0.0 passed between EIGRP and RIP]

Router Cen Under IGRP
cen#sho ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
       U - per-user static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 11 subnets
I 172.16.12.0 [100/1188] via 172.16.2.2, 00:00:02, TokenRing0
I 172.16.9.0 [100/158813] via 172.16.1.1, 00:00:02, TokenRing1
I 172.16.10.0 [100/8976] via 172.16.5.2, 00:00:02, Serial0.1
I 172.16.11.0 [100/8976] via 172.16.4.2, 00:00:02, Serial0.2
C 172.16.4.0 is directly connected, Serial0.2
C 172.16.5.0 is directly connected, Serial0.1
I 172.16.6.0 [100/160250] via 172.16.5.2, 00:00:02, Serial0.1
I 172.16.7.0 [100/158313] via 172.16.1.1, 00:00:02, TokenRing1
C 172.16.1.0 is directly connected, TokenRing1
C 172.16.2.0 is directly connected, TokenRing0
I 172.16.3.0 [100/8539] via 172.16.2.2, 00:00:02, TokenRing0
             [100/8539] via 172.16.1.1, 00:00:03, TokenRing1

Introduce RIP
[Figure: topology with routers R100, R200, R300, REM, CEN and Trans; links labeled 64 Kb, T-1 and Frame Relay; RIP and IGRP regions; interface addresses in 172.16.1.x through 172.16.12.x]

RIP Configs
Router R300
router rip
 network 172.16.0.0
Router Cen
router rip
 redistribute igrp 1
 passive-interface Serial0.2
 passive-interface TokenRing0
 passive-interface TokenRing1
 network 172.16.0.0
 default-metric 3
!
router igrp 1
 redistribute rip
 passive-interface Serial0.1
 network 172.16.0.0
 default-metric 10 100 255 1 1500

RIP Configs
Router R200
router rip
 redistribute igrp 1
 passive-interface Serial0
 passive-interface TokenRing0
 network 172.16.0.0
 default-metric 3
!
router igrp 1
 redistribute rip
 passive-interface Serial1
 network 172.16.0.0
 default-metric 10 100 255 1 1500
Router R100
router rip
 network 172.16.0.0

Cen Doesn't Look Too Bad
cen#sho ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2
       * - candidate default, U - per-user static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 11 subnets
I 172.16.12.0 [100/1188] via 172.16.2.2, 00:00:01, TokenRing0
R 172.16.9.0 [120/2] via 172.16.5.2, 00:00:01, Serial0.1
R 172.16.10.0 [120/1] via 172.16.5.2, 00:00:02, Serial0.1
I 172.16.11.0 [100/8976] via 172.16.4.2, 00:00:02, Serial0.2
C 172.16.4.0 is directly connected, Serial0.2
C 172.16.5.0 is directly connected, Serial0.1
R 172.16.6.0 [120/1] via 172.16.5.2, 00:00:02, Serial0.1
I 172.16.7.0 [100/2688] via 172.16.1.1, 00:00:02, TokenRing1
C 172.16.1.0 is directly connected, TokenRing1
C 172.16.2.0 is directly connected, TokenRing0
I 172.16.3.0 [100/8539] via 172.16.2.2, 00:00:02, TokenRing0
             [100/8539] via 172.16.1.1, 00:00:02, TokenRing1

Not Using the Best Path
r200>sho ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2
       * - candidate default, U - per-user static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 11 subnets
I 172.16.12.0 [100/1251] via 172.16.1.2, 00:00:37, TokenRing0
I 172.16.9.0 [100/1000163] via 172.16.1.2, 00:00:37, TokenRing0
I 172.16.10.0 [100/1000163] via 172.16.1.2, 00:00:37, TokenRing0
I 172.16.11.0 [100/9039] via 172.16.1.2, 00:00:37, TokenRing0
I 172.16.4.0 [100/8539] via 172.16.1.2, 00:00:37, TokenRing0
I 172.16.5.0 [100/8539] via 172.16.1.2, 00:00:37, TokenRing0
I 172.16.6.0 [100/1000163] via 172.16.1.2, 00:00:37, TokenRing0
C 172.16.7.0 is directly connected, Serial1
C 172.16.1.0 is directly connected, TokenRing0
I 172.16.2.0 [100/751] via 172.16.1.2, 00:00:37, TokenRing0
C 172.16.3.0 is directly connected, Serial0

Use Distance to Correct
Router Cen:
router rip
 redistribute igrp 1
 passive-interface Serial0.2
 passive-interface TokenRing0
 passive-interface TokenRing1
 network 172.16.0.0
 default-metric 3
!
router igrp 1
 redistribute rip
 passive-interface Serial0.1
 network 172.16.0.0
 default-metric 10 100 255 1 1500
 distance 130 0.0.0.0 255.255.255.255 1
!
access-list 1 permit 172.16.9.0
access-list 1 permit 172.16.10.0
access-list 1 permit 172.16.6.0

Use Distance to Correct
Router R200
router rip
 redistribute igrp 1
 passive-interface Serial0
 passive-interface TokenRing0
 network 172.16.0.0
 default-metric 3
!
router igrp 1
 redistribute rip
 passive-interface Serial1
 network 172.16.0.0
 default-metric 10 100 255 1 1500
 distance 130 0.0.0.0 255.255.255.255 1
!
access-list 1 permit 172.16.9.0
access-list 1 permit 172.16.10.0
access-list 1 permit 172.16.6.0

R200 Looks Better
r200#sho ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2,
       * - candidate default, U - per-user static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 11 subnets
I 172.16.12.0 [100/1251] via 172.16.1.2, 00:00:49, TokenRing0
R 172.16.9.0 [120/1] via 172.16.7.1, 00:00:19, Serial1
R 172.16.10.0 [120/2] via 172.16.7.1, 00:00:19, Serial1
I 172.16.11.0 [100/9039] via 172.16.1.2, 00:00:49, TokenRing0
I 172.16.4.0 [100/8539] via 172.16.1.2, 00:00:49, TokenRing0
I 172.16.5.0 [100/8539] via 172.16.1.2, 00:00:49, TokenRing0
R 172.16.6.0 [120/1] via 172.16.7.1, 00:00:19, Serial1
C 172.16.7.0 is directly connected, Serial1
C 172.16.1.0 is directly connected, TokenRing0
I 172.16.2.0 [100/751] via 172.16.1.2, 00:00:49, TokenRing0
C 172.16.3.0 is directly connected, Serial0

R200's RIP Interface Down
[Figure: the same topology (routers R100, R200, R300, REM, CEN and Trans; links labeled 64 Kb, T-1 and Frame Relay; RIP and IGRP regions) with an X marking the failed interface]

Redundant Path Works
r200#sho ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2
       * - candidate default, U - per-user static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 10 subnets
I 172.16.12.0 [100/1251] via 172.16.1.2, 00:00:08, TokenRing0
I 172.16.9.0 [130/1000163] via 172.16.1.2, 00:00:08, TokenRing0
I 172.16.10.0 [130/1000163] via 172.16.1.2, 00:00:08, TokenRing0
I 172.16.11.0 [100/9039] via 172.16.1.2, 00:00:08, TokenRing0
I 172.16.4.0 [100/8539] via 172.16.1.2, 00:00:08, TokenRing0
I 172.16.5.0 [100/8539] via 172.16.1.2, 00:00:08, TokenRing0
I 172.16.6.0 [130/1000163] via 172.16.1.2, 00:00:08, TokenRing0
C 172.16.1.0 is directly connected, TokenRing0
I 172.16.2.0 [100/751] via 172.16.1.2, 00:00:08, TokenRing0
C 172.16.3.0 is directly connected, Serial0
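
The effect of the distance 130 statement in the slides above, as an added example that is not part of the original deck: a small Python model of choosing between IGRP and RIP offers for one prefix by administrative distance, using R200's routes for 172.16.9.0 as shown in the routing tables. The function names and the data layout are assumptions made for the illustration.

```python
# Added illustration: route selection by administrative distance (AD).
# The default ADs are the ones visible in the routing tables above
# (IGRP = 100, RIP = 120). Names and data layout are hypothetical.

DEFAULT_AD = {"igrp": 100, "rip": 120}

# access-list 1 from the slides: the three subnets native to the RIP side.
ACL_1 = {"172.16.9.0", "172.16.10.0", "172.16.6.0"}

# R200's two offers for 172.16.9.0, taken from the slides' routing tables.
R200_OFFERS = [
    {"protocol": "igrp", "network": "172.16.9.0", "metric": 1000163, "via": "172.16.1.2"},
    {"protocol": "rip", "network": "172.16.9.0", "metric": 1, "via": "172.16.7.1"},
]


def effective_ad(protocol, network, igrp_distance_override=None):
    """Return the AD a route would be installed with.

    igrp_distance_override models `distance 130 0.0.0.0 255.255.255.255 1`
    under `router igrp 1`: IGRP routes from any neighbor whose network
    matches access-list 1 get the override instead of 100.
    """
    if protocol == "igrp" and igrp_distance_override is not None and network in ACL_1:
        return igrp_distance_override
    return DEFAULT_AD[protocol]


def best_route(offers, igrp_distance_override=None):
    """Pick the offer with the lowest AD; the metric only breaks ties at equal AD."""
    if not offers:
        return None
    scored = [
        (effective_ad(o["protocol"], o["network"], igrp_distance_override), o["metric"], o)
        for o in offers
    ]
    ad, metric, offer = min(scored, key=lambda s: (s[0], s[1]))
    return {"protocol": offer["protocol"], "ad": ad, "metric": metric, "via": offer["via"]}


if __name__ == "__main__":
    print("default ADs:      ", best_route(R200_OFFERS))
    print("with distance 130:", best_route(R200_OFFERS, 130))
    igrp_only = [o for o in R200_OFFERS if o["protocol"] != "rip"]
    print("RIP interface down:", best_route(igrp_only, 130))
```
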

Policy Routing
When Destinations Aren't Enough

Policy Routing
Forwarding decision not based on destination address
Selects defined path based on attributes of user packet (source/destination IP address, application port, packet lengths, and so forth)
Set next hop or interface
Set default next hop or interface
[Figure: Customer A and Customer B; ISP A and ISP B]

How Policy Routing Works
All packets received on an interface are considered for policy routing
Each packet is passed through a route map
Each entry in a route map has match and set clauses
Match clauses are conditions to be met
If all match clause conditions are met by the packet, then that route map entry is used and no others are considered
An entry can be marked permit or deny
If deny, normal forwarding is used
If permit, all set clauses are then applied and the packet is forwarded

Policy Routing Match Clauses
match ip address access-list-expressions
  Match packets against the access lists to permit policy routing of them
match length min-length max-length
  If the Layer 3 packet length is between min-length and max-length, inclusive, the packet matches
  Useful for distinguishing interactive versus bulk traffic when access lists will not work

Policy Routing Set Clauses
set ip next-hop ip-address1 [ ]
  Route packets to router at ip-address1
set ip default next-hop ip-address1 [ ]
  If there is no explicit route for this destination, then route to this hop
Both use the first IP address associated with an up/up interface

Policy Routing Set Clauses
set interface interface1 [ ]
  Specifies the output interface for the matched packet
set default interface interface1 [ ]
  If there is no explicit route for this destination, then route to this interface
If interface1 is down, interface2 and subsequent interfaces are tried
Setting interface to Null0 creates a policy that drops the packet

Policy Routing Set Clauses
Set the IP TOS or precedence header field
Can use numeric or symbolic value
set ip precedence value
  value  name
  0      routine
  1      priority
  2      immediate
  3      flash
  4      flash-override
  5      critical
  6      internet
  7      network
set ip tos value
  value  name
  0      normal
  1      min-monetary-cost
  2      max-reliability
  4      max-throughput
  8      min-delay

Policy Routing Configuration
The set commands are evaluated in the following order:
  set ip precedence
  set ip next-hop
  set interface
  set ip default next-hop
  set default interface
A valid next hop implies the output interface
The first combination of next hop and interface is used
Router sourced packets are policy routed via the ip local policy route-map foo command

Policy Routing Example
interface Ethernet0
 ip address 192.168.93.10 255.255.255.0
 ip policy route-map foo
interface Serial1
 ip address 11.0.0.2 255.0.0.0
interface BRI0
 ip address 10.0.0.2 255.0.0.0
route-map foo permit 12
 set default interface Null0
route-map foo permit 11
 match ip address 103
 set ip next-hop 10.0.0.1
route-map foo permit 10
 match ip address 101
 set ip next-hop 11.0.0.1
access-list 101 permit tcp 192.168.93.0 0.0.0.255 any eq telnet
access-list 101 permit icmp any any
access-list 103 permit tcp 192.168.93.0 0.0.0.255 any eq ftp
[Figure: network 192.168.93.0; telnet and ping leave via s1, ftp leaves via bri0]
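
How route map foo from the slide treats individual packets, as an added example that is not part of the original deck: a simplified Python model of the match/set evaluation described on the "How Policy Routing Works" and "Set Clauses" slides. The packet fields, the explicit-route table and the sample packets are constructed for the illustration, and the model assumes entries are evaluated in ascending sequence number and that an entry with no match clause matches every packet.

```python
# Added illustration (not from the deck): a simplified model of route map "foo"
# applied to packets arriving on Ethernet0. Names and sample data are hypothetical.
import ipaddress

LAN = ipaddress.ip_network("192.168.93.0/24")
TELNET, FTP = 23, 21  # "eq telnet" and "eq ftp" in the slide's access lists


def acl_101(pkt):
    """permit tcp 192.168.93.0 0.0.0.255 any eq telnet / permit icmp any any"""
    if pkt["proto"] == "icmp":
        return True
    return (pkt["proto"] == "tcp" and pkt.get("dport") == TELNET
            and ipaddress.ip_address(pkt["src"]) in LAN)


def acl_103(pkt):
    """permit tcp 192.168.93.0 0.0.0.255 any eq ftp"""
    return (pkt["proto"] == "tcp" and pkt.get("dport") == FTP
            and ipaddress.ip_address(pkt["src"]) in LAN)


# Entries in the order the slide lists them; evaluation sorts by sequence number.
ROUTE_MAP_FOO = [
    {"seq": 12, "action": "permit", "match": None, "set": {"default_interface": "Null0"}},
    {"seq": 11, "action": "permit", "match": acl_103, "set": {"next_hop": "10.0.0.1"}},
    {"seq": 10, "action": "permit", "match": acl_101, "set": {"next_hop": "11.0.0.1"}},
]

# Constructed routing table: explicit (non-default) routes the router holds.
EXPLICIT_ROUTES = [ipaddress.ip_network(n)
                   for n in ("10.0.0.0/8", "11.0.0.0/8", "192.168.93.0/24")]


def has_explicit_route(dst):
    return any(ipaddress.ip_address(dst) in net for net in EXPLICIT_ROUTES)


def policy_route(pkt, route_map=ROUTE_MAP_FOO):
    """Return (decision, target, sequence) for one packet."""
    for entry in sorted(route_map, key=lambda e: e["seq"]):
        if entry["match"] is not None and not entry["match"](pkt):
            continue  # this entry does not apply; try the next one
        if entry["action"] == "deny":
            return ("normal", None, entry["seq"])
        sets = entry["set"]
        if "next_hop" in sets:
            return ("next-hop", sets["next_hop"], entry["seq"])
        # "set default interface" only applies when no explicit route exists.
        if "default_interface" in sets and not has_explicit_route(pkt["dst"]):
            target = sets["default_interface"]
            return ("drop" if target == "Null0" else "interface", target, entry["seq"])
        return ("normal", None, entry["seq"])
    return ("normal", None, None)  # no entry matched: normal forwarding


if __name__ == "__main__":
    samples = [  # constructed packets
        {"proto": "tcp", "src": "192.168.93.5", "dst": "198.51.100.7", "dport": 23},
        {"proto": "tcp", "src": "192.168.93.5", "dst": "198.51.100.7", "dport": 21},
        {"proto": "tcp", "src": "192.168.93.5", "dst": "198.51.100.7", "dport": 80},
        {"proto": "tcp", "src": "192.168.93.5", "dst": "10.1.1.1", "dport": 80},
    ]
    for p in samples:
        print(p["dst"], p.get("dport"), "->", policy_route(p))
```

Traffic that matches neither access list is dropped by entry 12 only when the router has no explicit route for the destination, which is why the fourth sample packet is forwarded normally.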

NPR Example
Configure CEF, NetFlow, and NetFlow with flow acceleration
Configure policy routing to verify that next hop 50.0.0.8 of route map test is a CDP neighbor before the router tries to policy route to it
If the first packet is policy routed via route map 10, the packets of the same flow always take the same route map (10), not route map 20, because they all match or pass access list 1 check
Policy Routing can be flow-accelerated by bypassing the access-list check
ip cef
ip flow-cache feature-accelerate
interface ethernet0/0/1
 ip route-cache flow
 ip policy route-map test
route-map test permit 10
 match ip address 1
 set ip precedence priority
 set ip next-hop 50.0.0.8
 set ip next-hop verify-availability
route-map test permit 20
 match ip address 101
 set interface Ethernet0/0/3
 set ip tos max-throughput

Routing to the Internet
To Infinity and Beyond!

Ingress and Egress Route Filtering
Nobody should be sending or advertising any IP addresses out to the Internet with a source address other than the address allocated to them!

Ingress and Egress Route Filtering
There are routes that should not be routed on the Internet
  RFC 1918
  127.0.0.0/8
  Multicast blocks
  Martian Networks
BGP should have filters applied so that these routes are not advertised to or propagated through the Internet

Ingress and Egress Route Filtering
Access List
access-list 180 deny ip host 0.0.0.0 any
access-list 180 deny ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
access-list 180 deny ip 127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
access-list 180 deny ip 169.254.0.0 0.0.255.255 255.255.0.0 0.0.255.255
access-list 180 deny ip 172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
access-list 180 deny ip 192.0.2.0 0.0.0.255 255.255.255.0 0.0.0.255
access-list 180 deny ip 192.168.0.0 0.0.255.255 255.255.0.0 0.0.255.255
access-list 180 deny ip 224.0.0.0 31.255.255.255 224.0.0.0 31.255.255.255
access-list 180 permit ip any any
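
How access list 180 classifies individual prefixes when it is applied as a BGP route filter, as an added example that is not part of the original deck. It assumes the usual reading of an extended access list in a route filter: the source address and wildcard are compared with the prefix's network address, and the destination address and wildcard with its mask; the function names and the sample prefixes are constructed for the illustration, and 192.0.2.0 is written with four octets.

```python
# Added illustration (not from the deck): access list 180 evaluated against
# route prefixes. Function names and sample prefixes are hypothetical.
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")

# (action, (network, wildcard), (mask, wildcard)), in the slide's order.
ACL_180 = [
    ("deny", ("0.0.0.0", "0.0.0.0"), ANY),  # deny ip host 0.0.0.0 any
    ("deny", ("10.0.0.0", "0.255.255.255"), ("255.0.0.0", "0.255.255.255")),
    ("deny", ("127.0.0.0", "0.255.255.255"), ("255.0.0.0", "0.255.255.255")),
    ("deny", ("169.254.0.0", "0.0.255.255"), ("255.255.0.0", "0.0.255.255")),
    ("deny", ("172.16.0.0", "0.15.255.255"), ("255.240.0.0", "0.15.255.255")),
    ("deny", ("192.0.2.0", "0.0.0.255"), ("255.255.255.0", "0.0.0.255")),
    ("deny", ("192.168.0.0", "0.0.255.255"), ("255.255.0.0", "0.0.255.255")),
    ("deny", ("224.0.0.0", "31.255.255.255"), ("224.0.0.0", "31.255.255.255")),
    ("permit", ANY, ANY),
]


def _to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def wildcard_match(value, base, wildcard):
    """True when value equals base in every bit the wildcard does not mask out."""
    care_bits = ~_to_int(wildcard) & 0xFFFFFFFF
    return ((_to_int(value) ^ _to_int(base)) & care_bits) == 0


def filter_route(prefix, acl=ACL_180):
    """Return 'permit' or 'deny' for a prefix such as '10.1.2.0/24'."""
    net = ipaddress.IPv4Network(prefix)
    for action, (n_base, n_wild), (m_base, m_wild) in acl:
        if (wildcard_match(str(net.network_address), n_base, n_wild)
                and wildcard_match(str(net.netmask), m_base, m_wild)):
            return action  # first matching entry wins
    return "deny"  # implicit deny at the end of every access list


if __name__ == "__main__":
    constructed = [
        "0.0.0.0/0",      # default route: caught by the first entry
        "10.1.2.0/24",    # RFC 1918
        "172.20.0.0/16",  # inside 172.16.0.0/12
        "172.32.0.0/16",  # just outside 172.16.0.0/12
        "192.0.2.128/25",
        "224.0.0.0/4",    # multicast
        "160.10.0.0/16",  # the customer prefix used in the multihoming slides
        "10.0.0.0/7",     # mask 254.0.0.0 is shorter than the 255.0.0.0 pattern
    ]
    for p in constructed:
        print(f"{p:18} {filter_route(p)}")
```

The last sample shows that each entry only catches prefixes at least as long as its mask pattern, so a shorter covering prefix needs its own entry in the filter.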

Multiple Sessions to an ISP
Simplest scheme is to use defaults
Learn/advertise prefix for better control
Use eBGP multi-path to install multiple paths in IP table
  maximum-paths
Load share over the alternate paths
[Figure: AS 201 and ISP; routers A, D and F]

What Is Multihoming?
Connecting to two or more ISPs to increase:
  Reliability: one ISP fails, still OK
  Performance: better paths to common Internet destinations
Three common cases:
  Default from all providers
  Customer+default routes from all
  Full routes from all
[Figure: customer AS 100 (160.10.0.0/16) with AS 200, AS 300 and AS 400; routers A, B, C, D and E]

Sessions to Multiple ISPs
Difficult to achieve load sharing
Point default towards one ISP
Learn selected prefixes from second ISP
Modify the number of prefixes learned to achieve acceptable load sharing
[Figure: AS 201 connected to ISP 1 and ISP 2]

Default from All Providers
Low memory/CPU/$$$ solution
Provider sends BGP default => exit path decided by IGP metrics to reach default
Customer sends all local AS routes to provider => inbound path decided by Internet
You can try to influence using AS-path
[Figure: AS 100 (160.10.0.0/16) with AS 200, AS 300 and AS 400; routers A, B, C, D and E; default route 0.0.0.0 0.0.0.0]

Customer and Default From All Providers
Medium memory and CPU
Best path: usually shortest AS-path
Use local-preference to override based on prefix, as-path, or community
IGP metric to default used for all other destinations
[Figure: customer AS 100 (160.10.0.0/16), customer AS 200, provider AS 300 and provider AS 400; routers A, B, C, D and E]

Full Routes from All Providers
Higher memory/CPU/$$$ solution
Reach all destinations by best path: usually shortest AS path
Can still manually tune using local-pref and as-path/community/prefix matches
[Figure: AS 100, AS 200, AS 300, AS 400 and AS 500; routers A, B, C, D and E]

Gotchas with Multihoming
Asymmetric routing possible
  rpf checks
Can't control the net
  CIDR blocks
Possibly use NAT
[Figure: AS 201 connected to ISP 1 and ISP 2 and the Internet; prefixes 172.16.0.0/16 and 172.16.0.0/14; one path marked X]

Reverse Path Forwarding
CEF switching must be enabled
Source IP packets are checked to ensure that the route back to the source uses the same interface
Care required in multihoming situations
ip verify unicast reverse-path
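
Why the slide says care is required in multihoming situations, as an added example that is not part of the original deck: a simplified Python model of the check as the slide describes it (the route back to the source must use the interface the packet arrived on). The forwarding table, interface roles and sample packets are constructed for the illustration, and the model is not a description of the router's internal implementation.

```python
# Added illustration (not from the deck): the reverse-path check modeled as a
# longest-prefix lookup on the source address. All data here is constructed.
import ipaddress

# Forwarding table of a hypothetical dual-homed router:
# Serial0 faces ISP 1, Serial1 faces ISP 2, Ethernet0 faces the local LAN.
FIB = [
    ("160.10.0.0/16", "Ethernet0"),
    ("198.51.100.0/24", "Serial0"),
    ("203.0.113.0/24", "Serial1"),
]


def lookup(fib, addr):
    """Longest-prefix match; returns the outgoing interface or None."""
    ip = ipaddress.ip_address(addr)
    best = None
    for prefix, iface in fib:
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def reverse_path_check(fib, src, in_iface):
    """Return (verdict, reason) for a packet with source src received on in_iface."""
    back = lookup(fib, src)
    if back is None:
        return ("drop", "no route back to source")
    if back != in_iface:
        return ("drop", f"route back to source uses {back}")
    return ("forward", "route back to source uses the receiving interface")


if __name__ == "__main__":
    packets = [
        ("198.51.100.10", "Serial0"),  # arrives on the interface the FIB points to
        ("198.51.100.10", "Serial1"),  # same source, arriving via the other ISP
        ("10.9.9.9", "Serial0"),       # source with no route in the table
    ]
    for src, iface in packets:
        print(f"{src:15} on {iface:8} -> {reverse_path_check(FIB, src, iface)}")
```

The second packet is legitimate traffic that took an asymmetric path, and the check discards it just as it discards the unroutable source in the third.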

Source Routing
IP has provision to allow source IP host to specify route through Internet
All Internet connected routers should turn this off, unless it is specifically required:
no ip source-route

Conclusion
Be Careful Out There

Summary Part 1
Under normal operation, there should be exactly one interior routing protocol on any network segment
Use passive-interface as necessary to ensure this
The number of redistribution boundaries should be kept to a minimum
Run as few routing protocols as possible

Summary Part 2
Choose routing protocol based on matching requirements with features
Addressing should be contiguous with respect to topology
Redistribute routes only as necessary and as few as required
Use advanced features for special cases and for fine tuning
Test and understand before you implement

Thank You!
Recommended sessions:
  2205 Deploying OSPF
  2208 Deploying EIGRP
  2209 Deploying BGP
  2202 Deploying MPLS for Traffic Engineering and Backbone VPNs
  2218 Introduction and Update for NetFlow
  2213 Introduction to IPv6