Layer-3 devices are generically called routers. Routers basically have two functions:
1. To find a layer-3 path to a destination network
2. To move packets from one interface to another to get a packet to its destination
In order to accomplish the first function, a router will need to:
– Learn about routers it is connected to in order to learn the networks that they know about
– Find locations of destination network numbers
– Choose a best path to each destination
– Maintain the most up-to-date routing information about how to reach destination networks
Types of Routes
A router can learn a route via one of two methods: static and dynamic. A static route is a route that is manually configured on the router. Dynamic routes are routes that a router learns by running a routing protocol. Routing protocols will learn about routes from other neighboring routers running the same routing protocol.
Administrative distance ranks the IP routing protocols, assigning a value, or weight, to each protocol. Distances can range from 0 to 255. A smaller distance is more believable by a router, with the best distance being 0 and the worst, 255.
Static Route Configuration
Router(config)# ip route destination_network_# [subnet_mask] IP_address_of_next_hop_neighbor
Router(config)# ip route destination_network_# [subnet_mask] interface_to_exit [administrative_distance]
Default Route Configuration
A default route is a special type of static route. Where a static route specifies a path a router should use to reach a specific destination, a default route specifies a path the router should use if it doesn't know how to reach the destination.
Router(config)# ip route 0.0.0.0 0.0.0.0 IP_address_of_next_hop_neighbor [administrative_distance]
Router(config)# ip route 0.0.0.0 0.0.0.0 interface_to_exit [administrative_distance]
Dynamic Routing Protocols
Dynamic routing protocols learn about destination networks from neighboring routers. Dynamic routing protocols fall under one of three categories: distance vector, link state, and hybrid. Because of the differences between the various routing protocol types, each has advantages and disadvantages.
Distance Vector Protocols
Distance vector protocols are the simplest. Distance vector routing protocols use the distance and direction (vector) to find paths to destinations. Most distance vector protocols use the Bellman-Ford algorithm for finding paths to networking destinations. Some examples of IP routing protocols that are distance vector are RIPv1 and IGRP. Distance vector protocols periodically use local broadcasts with a destination IP address of 255.255.255.255 to share routing information.
When a distance vector protocol receives a routing update, it performs these steps:
1. Increment the metrics of the incoming routes in the advertisement (for IP RIP, add 1 to the hop count).
2. Compare the network numbers in the routing update from the neighbor to what the router has in its routing table.
3. If the neighbor's information is better, place it in the routing table and remove the old entry.
4. If the neighbor's information is worse, ignore it.
5. If the neighbor's information is exactly the same as the entry already in the table, reset the timer for the entry in the routing table (in other words, the router already learned about this route from the same neighbor).
6. If the neighbor's information is a different path to a known destination network, but with the same metric as the existing network in the routing table, the router will add it to the routing table along with the old one. This assumes you have not exceeded the maximum number of equal-cost paths for this destination network number.
The six steps are generally referred to as the Bellman-Ford algorithm.
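The six steps above, applied to a small RIP-style routing table. This is an added example, not code from the original notes; the class and function names, the neighbor addresses and the sample updates are constructed for illustration.

```python
from dataclasses import dataclass

INFINITY = 16      # RIP hop count that marks a network unreachable
MAX_PATHS = 4      # default number of equal-cost paths kept per destination


@dataclass
class Route:
    next_hop: str  # neighbor the route was learned from
    metric: int    # hop count
    age: int = 0   # seconds since the entry was last refreshed


class RoutingTable:
    def __init__(self, max_paths=MAX_PATHS):
        self.routes = {}            # network -> list of equal-cost Route entries
        self.max_paths = max_paths

    def tick(self, seconds):
        """Age every entry; a refresh (step 5) resets the age to 0."""
        for paths in self.routes.values():
            for route in paths:
                route.age += seconds

    def process_update(self, neighbor, advertised):
        """Apply one update ({network: metric}); return the action taken per network."""
        actions = {}
        for network, metric in advertised.items():
            metric = min(metric + 1, INFINITY)            # step 1: add one hop
            paths = self.routes.get(network)              # step 2: compare with table
            if not paths:                                 # unknown network
                if metric < INFINITY:
                    self.routes[network] = [Route(neighbor, metric)]
                actions[network] = "installed" if metric < INFINITY else "ignored"
                continue
            best = paths[0].metric
            same = next((r for r in paths if r.next_hop == neighbor), None)
            if metric < best:                             # step 3: better, replace
                self.routes[network] = [Route(neighbor, metric)]
                actions[network] = "replaced"
            elif metric > best:                           # step 4: worse, ignore
                # Implemented literally as listed; real RIP also accepts worse
                # news when it comes from the next hop currently in use.
                actions[network] = "ignored"
            elif same is not None:                        # step 5: same, reset timer
                same.age = 0
                actions[network] = "refreshed"
            elif len(paths) < self.max_paths:             # step 6: equal-cost path
                paths.append(Route(neighbor, metric))
                actions[network] = "added"
            else:                                         # equal-cost limit reached
                actions[network] = "ignored"
        return actions


def demo():
    """Constructed sample updates from two hypothetical neighbors."""
    table = RoutingTable()
    first = table.process_update("10.0.0.2", {"172.16.0.0": 1, "192.168.1.0": 3})
    table.tick(30)
    second = table.process_update(
        "10.0.0.3", {"172.16.0.0": 1, "192.168.1.0": 1, "192.168.2.0": 15})
    third = table.process_update("10.0.0.2", {"172.16.0.0": 1, "192.168.1.0": 3})
    return table, first, second, third
```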
Link State Protocols
Link state protocols use an algorithm called the Shortest Path First (SPF) algorithm, invented by Dijkstra, to find the best path to a destination. Examples of link state protocols include IP's OSPF. Whereas distance vector protocols use local broadcasts to disseminate routing information, link state protocols use multicasts. A distance vector protocol will send out its routing table religiously on its periodic interval whether there are changes or not. Link state protocols are smarter. They multicast what is called a Link State Advertisement (LSA), which is a piece of routing information that contains who originated the advertisement and what the network number is. LSAs are typically generated only when there are changes in the network. Link state routers send out only incremental updates. An advantage that link state protocols have over distance vector protocols is that they support classless routing (VLSM).
A hybrid protocol takes the advantages of both distance vector and link state protocols and merges them into a new protocol. Typically, hybrid protocols are based on a distance vector protocol but contain many of the features and advantages of link state protocols. Examples of hybrid protocols include RIPv2 and EIGRP.
Problems with Distance Vector Protocols
The term convergence, in routing terms, refers to the time it takes for all of the routers to understand the current topology of the network. Link state protocols tend to converge very quickly, while distance vector protocols tend to converge slowly.
Solution: Triggered Updates
You actually have two solutions that you can use in order to speed convergence: change the periodic timer interval and / or use triggered updates.
Problem: Routing Loops
A routing loop is a layer-3 loop in the network. Basically, it is a disagreement about how to reach a destination network.
Solution: Maximum Hop Count
IP RIP sets a hop count limit of 15, by default, and IGRP allows a hop count of 100.
Solution: Split Horizon
Split horizon is used with small routing loops. Split horizon states that if a neighboring router sends a route to a router, the receiving router will not propagate this route back to the advertising router on the same interface.
Solution: Route Poisoning
Whereas split horizon is used to solve small routing loop problems, distance vector protocols use two mechanisms to deal with large routing loop problems: route poisoning and hold-down timers. Route poisoning is a derivative of split horizon. When a router detects that one of its connected routes has failed, the router will poison the route by assigning an infinite metric to it. In IP RIP, the route is assigned a hop count of 16 (15 is the maximum), thus making it an unreachable network.
When a router advertises a poisoned route to its neighbors, its neighbors break the rule of split horizon and send back to the originator the same poisoned route, called a poison reverse. This ensures that everyone received the original update of the poisoned route.
In order to give the routers enough time to propagate the poisoned route and to ensure that no routing loops occur while propagation is occurring, the routers implement a hold-down mechanism. During this period, the routers will freeze the poisoned route in their routing tables for the period of the hold-down timer, which is typically three times the interval of the routing broadcast update (180 seconds).
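Split horizon, route poisoning, poison reverse and the hold-down timer, worked through on one failing route. This is an added example, not part of the original notes; the `DVRouter` class, the interface names and the three-router topology are constructed for illustration.

```python
INFINITY = 16     # RIP hop count that marks a network unreachable
HOLD_DOWN = 180   # seconds a poisoned route stays frozen


class DVRouter:
    def __init__(self):
        self.table = {}   # network -> {"metric", "iface", "hold_until"}

    def connect(self, network, iface):
        """Add a directly connected network (metric 0)."""
        self.table[network] = {"metric": 0, "iface": iface, "hold_until": 0}

    def fail(self, network, now):
        """Route poisoning: a failed connected route gets the infinite metric."""
        self.table[network].update(metric=INFINITY, hold_until=now + HOLD_DOWN)

    def advertise(self, out_iface, split_horizon=True):
        """Build the update sent out of one interface."""
        update = {}
        for network, entry in self.table.items():
            if entry["metric"] >= INFINITY:
                update[network] = INFINITY       # poison and poison reverse
            elif split_horizon and entry["iface"] == out_iface:
                continue                         # never echo a route back
            else:
                update[network] = entry["metric"]
        return update

    def learn(self, network, metric, iface, now):
        """Process one advertised route received on iface at time now."""
        metric = min(metric + 1, INFINITY)
        entry = self.table.get(network)
        if entry and now < entry["hold_until"]:
            return "held down"                   # frozen until the timer expires
        if metric >= INFINITY:
            if entry and entry["iface"] == iface and entry["metric"] < INFINITY:
                entry.update(metric=INFINITY, hold_until=now + HOLD_DOWN)
                return "poisoned"
            return "ignored"
        if entry is None or metric < entry["metric"]:
            self.table[network] = {"metric": metric, "iface": iface, "hold_until": 0}
            return "installed"
        return "ignored"


def demo():
    """Constructed topology: A (owns 10.1.0.0) -- e0 [B] e1 -- C."""
    net, out = "10.1.0.0", {}
    a, b = DVRouter(), DVRouter()
    a.connect(net, "e1")
    out["learned"] = b.learn(net, a.advertise("e0")[net], "e0", now=0)
    out["to_a_split"] = b.advertise("e0")                       # split horizon on
    out["to_a_nosplit"] = b.advertise("e0", split_horizon=False)
    a.fail(net, now=100)
    out["poison"] = b.learn(net, a.advertise("e0")[net], "e0", now=100)
    out["reverse"] = b.advertise("e0")                          # poison reverse
    out["stale_from_c"] = b.learn(net, 2, "e1", now=130)        # inside hold-down
    out["after_timer"] = b.learn(net, 2, "e1", now=300)         # timer expired
    out["final_metric"] = b.table[net]["metric"]
    return out
```

With split horizon off, B advertises 10.1.0.0 back to A, which is the stale information that lets A believe it still has a path through B after its own link fails.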
RIP (Routing Information Protocol)
IP RIP (Routing Information Protocol) comes in two different versions: 1 and 2. Version 1 is a distance vector protocol. Version 2 is a hybrid protocol. RIPv1 uses local broadcasts to share routing information. These updates are periodic in nature, occurring, by default, every 30 seconds, with a hold-down period of 180 seconds. Both versions of RIP use hop count as a metric, which is not always the best metric to use. RIPv1 is a classful protocol. Another interesting feature is that RIP supports up to six equal-cost paths to a single destination. The default is actually four paths, but this can be increased up to a maximum of six.
One major enhancement to RIPv2 pertains to how it deals with routing updates. Instead of using broadcasts, RIPv2 uses multicasts. And to speed up convergence, RIPv2 supports triggered updates: when a change occurs, a RIPv2 router will immediately propagate its routing information to its connected neighbors. A second major enhancement that RIPv2 has is that it is a classless protocol. RIPv2 supports variable-length subnet masking (VLSM), which allows you to use more than one subnet mask for a given class network number.
Configuring IP RIP
Router(config)# router rip
Router(config-router)# network IP_network_#
Specifying RIP Version 1 and 2
Router(config)# router rip
Router(config-router)# version 1 | 2
Troubleshooting IP RIP
show ip protocols
show ip route
debug ip rip
IGRP (Interior Gateway Routing Protocol)
The Interior Gateway Routing Protocol (IGRP) is a Cisco-proprietary routing protocol for IP. Like IP RIPv1, it is a distance vector protocol. However, it scales better than RIP because of these advantages:
– It uses a sophisticated metric based on bandwidth and delay.
– It uses triggered updates to speed-up convergence.
– It supports unequal-cost load balancing to a single destination.
IGRP uses a composite metric, which includes bandwidth, delay, reliability, load, and MTU, when choosing paths to a destination. By default, the algorithm uses only bandwidth and delay.
Configuring IP IGRP
Router(config)# router igrp autonomous_system_#
Router(config-router)# network IP_network_#
Unlike RIP, IGRP understands the concept of an autonomous system and requires you to configure the autonomous system number in the routing process. For routers to share routing information, they must be in the same AS.
With RIP, you don't need to configure anything to enable equal-cost load balancing; and RIP doesn't support unequal-cost load balancing. IGRP supports both equal- and unequal-cost paths for load balancing to a single destination. Equal-cost paths are enabled by default, where IGRP supports up to six equal-cost paths (four by default) to a single destination in the IP routing table. IGRP, however, also supports unequal-cost paths, but this feature is disabled by default.
The variance feature allows you to include equal- and unequal-cost IGRP routes in the routing table.
Router(config-router)# variance multiplier
Troubleshooting IP IGRP
show ip protocols
show ip route
debug ip igrp events
debug ip igrp transactions
OSPF (Open Shortest Path First)
The Open Shortest Path First (OSPF) protocol is a link state protocol that handles routing for IP traffic. Because it is based on an open standard, OSPF is very popular in many corporate networks today and has many advantages, including these:
– It will run on most routers, since it is based on an open standard.
– It uses the SPF algorithm, developed by Dijkstra, to provide a loop-free topology.
– It provides fast convergence with triggered, incremental updates via Link State Advertisements (LSAs).
– It is a classless protocol and allows for a hierarchical design with VLSM and route summarization.
Given its advantages, OSPF does have its share of disadvantages:
– OSPF maintains three types of tables. So it requires more memory to hold the adjacency (list of OSPF neighbors), topology (a link state database containing all of the routers and their routes), and routing tables.
– It requires extra CPU processing to run the SPF algorithm, which is especially true when you first turn on your routers and they are initially building the adjacency and topology tables.
– For large networks, it requires careful design to break up the network into an appropriate hierarchical design by separating routers into different areas.
– It is complex to configure and more difficult to troubleshoot.
Hierarchical Design: Areas
Areas are used to provide hierarchical routing. Basically, areas are used to control when and how much routing information is shared across your network. In flat network designs, such as IP RIP, if a change occurs on one router, perhaps a flapping route problem, it affects every router in the entire network. With a correctly designed hierarchical network, these changes can be contained within a single area. OSPF implements a two-layer hierarchy: the backbone (area 0) and areas off of the backbone. Through a correct IP addressing design, you should be able to summarize routing information between areas. By performing this summarization, the routers have a smaller topology database (they know only about links in their own area and the summarized routes) and their routing tables are smaller (they know only about their own area's routes and the summarized routes).
Unlike RIP, which uses hop count as a metric, OSPF uses cost. Cost is actually the inverse of the bandwidth of a link: the faster the speed of the connection, the lower the cost. The most preferred path is the one with the lowest cost. By using cost as a metric, OSPF will choose more intelligent paths than RIP. OSPF supports load balancing of up to six equal-cost paths to a single destination. The default measurement that Cisco uses in calculating the cost metric is: cost = 10 ^ 8 / (interface bandwidth).
Each router in an OSPF network needs a unique ID. The ID is used to provide a unique identity to the OSPF router. This is included in any OSPF messages the router generates. The router ID is chosen according to one of the two following criteria:
– The highest IP address on its loopback interfaces (this is a logical interface on a router)
– The highest IP address on its active interfaces
It is highly recommended that you use a loopback interface because it is always up and thus the router can get a router ID.
OSPF learns about its neighbors and builds its adjacency and topology tables by sharing LSAs. There are different types of LSAs. When learning about the neighbors that a router is connected to, as well as keeping tabs on known neighbors, OSPF routers will generate hello LSAs every 10 seconds. When a neighbor is discovered and an adjacency is formed with the neighbor, a router expects to see hello messages from the neighbor. If a neighbor is not seen within the dead interval time, which defaults to 40 seconds, the neighbor is declared dead. When this occurs, the router will advertise this information, via an LSA message, to other neighboring OSPF routers. In order for two routers to become neighbors, the following must match on each router:
– The area number and its type
– The hello and dead interval timers
Let's assume that you turned on all your routers simultaneously on a segment. In this case, the OSPF routers will go through three states called the exchange process:
1. Down state: The new router has not exchanged any OSPF information with any other router.
2. Init state: A destination router has received a new router's hello and adds it to its neighbor list (assuming that certain values match). Note that communication is only unidirectional at this point.
3. Two-Way state: The new router receives a unidirectional reply to its initial hello packet and adds the destination router to its neighbor database. Once the routers have entered a two-way state, they are considered neighbors. At this point, an election process takes place to elect the designated router (DR) and the backup designated router (BDR).
Designated and Backup Designated Routers
An OSPF router will not form adjacencies to just any router. Instead, a client/server design is implemented in OSPF. For each multi-access network segment, there is a DR and a BDR as well as other routers. When an OSPF router comes up, it forms adjacencies with the DR and the BDR on each multi-access segment that it is connected to. Any exchange of routing information is between these DR/BDR routers and the other OSPF neighbors on a segment (and vice versa). An OSPF router talks to a DR using the IP multicast address of 224.0.0.6. The DR and the BDR talk to all routers using the 224.0.0.5 multicast IP address.
The OSPF router with the highest priority becomes the DR for the segment. If there is a tie, the router with the highest router ID will become the DR. By default, all routers have a priority of 1 (priority can range 0-255). If the DR fails, the BDR is promoted to DR and another router is elected as the BDR. OSPF uses incremental updates. This means that whenever changes take place, only the change is shared with the DR, which will then share this information with other routers on the segment. OSPF routers share information about their connected routes with the DR, which includes the link-state type, the ID of the advertising router, the cost of the advertised link, and the sequence number of the link.
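Router ID selection, the neighbor match check and the DR/BDR election described above, as an added example that is not part of the original notes. It assumes all routers on the segment start together (as the text does) and excludes priority-0 routers from the election, which is standard OSPF behaviour the text does not mention; router names, addresses and dictionary keys are constructed.

```python
import ipaddress


def router_id(loopbacks, active_interfaces):
    """Highest loopback address if one exists, else highest active interface address."""
    pool = loopbacks or active_interfaces
    return str(max(ipaddress.IPv4Address(a) for a in pool))


def can_be_neighbors(a, b):
    """Area number, area type, hello and dead timers must match on both routers."""
    return all(a[k] == b[k] for k in ("area", "area_type", "hello", "dead"))


def rank(routers):
    """Order candidates by priority, then router ID (compared numerically)."""
    eligible = [r for r in routers if r["priority"] > 0]   # priority 0: never DR/BDR
    return sorted(eligible, reverse=True,
                  key=lambda r: (r["priority"], ipaddress.IPv4Address(r["rid"])))


def elect(routers):
    """Return (DR, BDR) names for routers that came up together on one segment."""
    names = [r["name"] for r in rank(routers)] + [None, None]
    return names[0], names[1]


def dr_failed(routers, dr, bdr):
    """The BDR is promoted to DR; a new BDR is elected from the remaining routers."""
    rest = [r for r in routers if r["name"] not in (dr, bdr)]
    return bdr, elect(rest)[0]


def demo():
    """Constructed segment of hypothetical routers."""
    base = {"area": 0, "area_type": "normal", "hello": 10, "dead": 40}
    specs = [  # name, priority, loopback addresses, active interface addresses
        ("R1", 1, ["192.168.255.1"], ["10.0.0.1"]),
        ("R2", 1, [], ["10.0.0.2", "9.9.9.9"]),        # string compare would pick 9.9.9.9
        ("R3", 1, ["1.1.1.3"], ["10.0.0.3", "200.1.1.1"]),  # loopback wins over 200.1.1.1
        ("R4", 5, [], ["10.0.0.4"]),
        ("R5", 0, ["223.255.255.1"], ["10.0.0.5"]),    # highest ID, but priority 0
    ]
    routers = [dict(base, name=n, priority=p, rid=router_id(lo, act))
               for n, p, lo, act in specs]
    # R6 has mismatched timers, so it never becomes a neighbor of the others.
    r6 = dict(base, name="R6", priority=255, rid="10.0.0.6", hello=30, dead=120)
    segment = [r for r in routers + [r6] if can_be_neighbors(r, routers[0])]
    dr, bdr = elect(segment)
    ids = {r["name"]: r["rid"] for r in routers}
    return ids, (dr, bdr), dr_failed(segment, dr, bdr)
```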
Router(config)# router ospf process_ID
Router(config-router)# network IP_address wildcard_mask area area_#
Note that process IDs do not need to match between different routers and that they have nothing to do with autonomous system numbers.
A wildcard mask is 32 bits in length. A 0 in a bit position means there must be a match, and a 1 in a bit position means the router doesn't care. Actually, a wildcard mask is an inverted subnet mask, with the 1's and 0's switched.
Class A: 0.255.255.255
Class B: 0.0.255.255
Class C: 0.0.0.255
A loopback interface is a logical, virtual interface on a router. By default, the router doesn't have any loopback interfaces, but they can easily be created. Here are some reasons you might want to create a loopback interface:
– To assign a router ID to an OSPF router
– To use for testing purposes, since this interface is always up
To create a loopback interface, use the following command:
Router(config)# interface loopback port_#
Router(config-if)# ip address IP_address subnet_mask
• show ip protocols
• show ip route
• show ip ospf interface
• show ip ospf neighbor
• debug ip ospf adj
• debug ip ospf events
• debug ip ospf packet
EIGRP (Enhanced Interior Gateway Routing Protocol)
The Enhanced Interior Gateway Routing Protocol (EIGRP) is a Cisco-proprietary routing protocol for IP. It's actually based on IGRP, with many enhancements built into it. These characteristics include:
– Fast convergence
– Loop-free topology
– VLSM and route summarization
– Multicast and incremental updates
– Routes for multiple routed protocols (supports IP, IPX, AppleTalk)
Characteristics of EIGRP
– Both offer load balancing across six paths (equal or unequal).
– They have similar metric structures.
– EIGRP has faster convergence (triggered updates and saving a neighbor's routing table locally).
– EIGRP has less network overhead, since it uses incremental updates.
EIGRP and IGRP use the same metric structure. Both can use bandwidth, delay, reliability, and MTU when computing a best metric path to a destination. By default, only bandwidth and delay are used in the metric computation. One interesting point about these protocols is that if you have some routers in your network running IGRP and others running EIGRP, and both sets have the same autonomous system number, routing information will automatically be shared between the two.
EIGRP uses the Diffusing Update Algorithm (DUAL) to update the routing table. This algorithm can enable very fast convergence by storing a neighbor's routing information in a local topology table. If a primary route in the routing table fails, DUAL can take a backup route from the topology table and place this into the routing table without necessarily having to talk to other neighboring EIGRP routers to find an alternative path to the destination.
Interaction with Other EIGRP Routers
EIGRP uses hello packets to discover and maintain neighbor relationships, much as OSPF does. EIGRP generates hello packets every 5 seconds on LAN, point-to-point, and multipoint connections with speeds of at least T1/E1. Otherwise, hellos are generated every 60 seconds. The dead interval period is three times the hello interval. EIGRP uses the multicast address of 224.0.0.10 for the destination in the hello packets.
For EIGRP routers to become neighbors, the following information must match:
– The AS number
– The K-values (these enable / disable the different metric components)
When two routers determine whether they will become neighbors, they go through the following process:
1. The first router generates a Hello with configuration information.
2. If the configuration information matches, the second router responds with an Update message with topology information.
3. The first router responds with an ACK message, acknowledging the receipt of the second's Update.
4. The first router sends its topology to the second router via an Update message.
5. The second router responds back with an ACK.
At this point, the two routers have converged.
Here are the message types for which an EIGRP router expects an ACK back:
– Update: Contains a routing update
– Query: Asks a neighboring router to validate routing information
– Reply: Responds to a query message
If an EIGRP router doesn't receive an ACK for these three packet types, the router will try a total of 16 times to resend the information. After this, the router declares the neighbor dead. When a router sends a hello packet, no corresponding ACK is expected.
Setting up EIGRP is almost as simple as configuring IGRP:
Router(config)# router eigrp autonomous_system_#
Router(config-router)# network IP_network_#
You must specify the AS number when configuring EIGRP. Even though EIGRP is classless, you must configure it as a classful protocol when specifying your network numbers with the network command.
– show ip protocols
– show ip route
– show ip eigrp neighbors
– show ip eigrp topology
– show ip eigrp traffic
– debug ip eigrp