Cisco^®CCDA Exam Cram Notes : Design A Routing Protocol Expansion

You generally find the convergence times in this order, from shortest to longest:

1. EIGRP with feasible successors.

2. Intrarea OSPF or IS-IS with fast or tuned timers.

• EIGRP without feasible successors.
• Intrarea OSPF or IS-IS with standard timers.
• Interarea OSPF or IS-IS.

The last three are highly variable, in reality. In any particular network, OSPF, IS-IS, and EIGRP without feasible successors might swap positions on the list. The network design, configuration, and several other factors impact the convergence time more than the routing protocol does. Needless to say that network design plays a significant role in arriving at fast convergence times.

Tables used in EIGRP

Neighbor table: The neighbor table stores information about neighboring EIGRP routers:

• Network address (IP)
• Connected interface
• Holdtime - how long the router will wait to receive another HELLO before dropping the neighbor; default = 3 * hello timer
• Uptime - how long the neighborship has been established
• Sequence numbers
• Retransmission Timeout (RTO) - how long the router will wait for an ack before retransmitting the packet; calculated by SRTT
• Smooth Round Trip Time (SRTT) - time it takes for an ack to be received once a packet has been transmitted
• Queue count - number of packets waiting in queue; a high count indicates line congestion
• The neighbor relationships are tracked in this table which are the basis for EIGRP routing and convergence activity. The address and the interface of a neighbor is discovered and recorded in a new entry of the neighbor table, whenever a new neighbor is discovered. These tables are used for reliable and sequenced delivery of packets.

Topology table: Topology Table: Confusingly named, this table does not store an overview of the complete network topology; rather, it effectively contains only the aggregation of the routing tables gathered from all directly connected neighbors. This table contains a list of destination networks in the EIGRP-routed network together with their respective metrics. Also for every destination, a successor and a feasible successor are identified and stored in the table if they exist. Every destination in the topology table can be marked either as "Passive", which is the state when the routing has stabilized and the router knows the route to the destination, or "Active" when the topology has changed and the router is in the process of (actively) updating its route to that destination.

Routers use topology table which route traffic in a network. All routing tables inside the autonomous system are available in this table, where the router is positioned. Each router uses routing protocol and maintains a topology table for each configured network protocol. The routes leading to a destination are found in the topology table.

Routing table: Stores the actual routes to all destinations; the routing table is populated from the topology table with every destination network that has its successor and optionally feasible successor identified (if unequal-cost load-balancing is enabled using the variance command). The successors and feasible successors serve as the next hop routers for these destinations.

EIGRP will use six different packet types when communicating with its neighboring EIGRP routers,

Hello Packets- EIGRP sends Hello packets once it has been enabled on a router for a particular network. These messages are used to identify neighbors and once identified, serve or function as a keepalive mechanism between neighbors. EIGRP Hello packets are sent to the link local Multicast group address 224.0.0.10. Hello packets sent by EIGRP do not require an Acknowledgment to be sent confirming that they were received. Because they require no explicit acknowledgment, Hello packets are classified as unreliable EIGRP packets. EIGRP Hello packets have an OPCode of 5.

Acknowledgement Packets- An EIGRP Acknowledgment (ACK) packet is simply an EIGRP Hello packet that contains no data. Acknowledgement packets are used by EIGRP to confirm reliable delivery of EIGRP packets. ACKs are always sent to a Unicast address, which is the source address of the sender of the reliable packet, and not to the EIGRP Multicast group address. In addition, Acknowledgement packets will always contain a non-zero acknowledgment number. The ACK uses the same OPCode as the Hello Packet because it is essentially just a Hello that contains no information. The OPCode is 5.

Update Packets- EIGRP Update packets are used to convey reachability of destinations. Update packets contain EIGRP routing updates. When a new neighbor is discovered, Update packets are sent via Unicast to the neighbor which the can build up its EIGRP Topology Table. It is important to know that Update packets are always transmitted reliably and always require explicit acknowledgement. Update packets are assigned an OPCode of 1.

Query Packet- EIGRP Query packets are Multicast and are used to reliably request routing information. EIGRP Query packets are sent to neighbors when a route is not available and the router needs to ask about the status of the route for fast convergence. If the router that sends out a Query does not receive a response from any of its neighbors, it resends the Query as a Unicast packet to the non-responsive neighbor(s). If no response is received in 16 attempts, the EIGRP neighbor relationship is reset. EIGRP Query packets are assigned an OPCode of 3.

Reply Packets- EIGRP Reply packets are sent in response to Query packets. The Reply packets are used to reliably respond to a Query packet. Reply packets are Unicast to the originator of the Query. The EIGRP Reply packets are assigned an OPCode of 4.

Request Packets- Request packets are used to get specific information from one or more neighbors and are used in route server applications. These packet types can be sent either via Multicast or Unicast, but are always transmitted unreliably.

The command "ipx router eigrp10" specifies that eigrp is used for routing protocol, and 10 is the autonomous system number.

The command "network 20" assigns EIGRP for IPX updates to network 20.

Important characteristics of RIPv2:

• Distance-vector protocol.
• Classless protocol (support for CIDR).
• Supports VLSMs.
• Metric is router hop count. Maximum hop count is 15; A hop count of 16 represents unreachable route.
• Periodic route updates sent every 30 seconds to multicast address 224.0.0.9.
• Supports authentication and encrypted password for route updates
• Implements split horizon with poison reverse.
• Implements triggered updates.
• Administrative distance for RIPv2 is 120.
• Used in small, flat networks or at the edge of larger networks.

RIPng for IPv6 offers the same benefits as RIP-2 and IPv6 OSPF is an IETF proposed standard.

OSPF: OSPF is a link state technology that uses Dijkstra algorithm to compute routing information. It has the following advantages over Distance Vector protocols such as RIP. The path cost in OSPF network is calculated using bandwidth only. Path cost is the total of the costs assigned to all interfaces that forward traffic along the path to the destination.

The formula used is [10 ^8 divided by Bandwidth].

For example, the cost of a 56kbps serial link is 1785. The default cost of a 10mbps Ethernet is 10.

An OSPF area is a collection of networks and routers that has the same area identification. OSPF process identifier is locally significant. Two neighbouring router interfaces can have same or different process ids. It is required to identify a unique instance of OSPF database.

Important characteristics of OSPF:

• Route updates are only sent when routes change. Each router sends a link-state advertisement (LSA) whenever a change occurs in one of the routes known to the router.
• LSAs contain information about the route that changed only.
• Routers exchange Hello messages during the convergence process to build their neighbor tables.
• OSPF, like RIP, is supported on non-Cisco routers.
• OSPF, like RIPv2 supports variable-length subnet masking (VLSM).
• OSPF supports an unlimited number of network hops. Compare it with only 15 hops supported by RIP.
• OSPF scales out very well because
  • It divides the routing domain (autonomous system) into areas.
  • It classifies routers hierarchically.
  • It converges very quickly.
• OSPF keeps up to six equal-cost route entries in the routing table for load balancing. Further, OSPF uses Dijkstra algorithm to calculate lowest cost route. The algorithm adds up the total costs between the local router and the each destination network. The lowest cost route is always preferred when there are multiple paths to a given destination.
• In an OSPF network, Type 2 LSAs are generated by a Designated Router (DR). Type 2 LSAs describe the set of routers attached to a particular network and are flooded within the area that contain the network only.

Benefits of OSPF routing over RIP

• Faster convergence: OSPF network converges faster because routing changes are flooded immediately and computer in parallel.
• Support for VLSM: OSPF supports VLSM. However, please note that RIP version2 also supports VLSM.
• Network Reachability: RIP networks are limited to 15 hops. Therefore, networks with more than 15 hops can not be reached by RIP by normal means. On the other hand, OSPF has practically no reachability limitation.
• Metric: RIP uses only hop count for making routing decisions. This may lead to severe problems in some cases, for example, that a route is nearer but is very slow compared to another route with plenty of bandwidth available. OSPF uses "cost" metric to choose best path. Cisco uses "bandwidth" as metric to choose best route.
• Efficiency: RIP uses routing updates every 30 seconds. OSPF multicasts link-state updates and sends the updates only when there is a change in the network.

Area backbone LSAs: The LSAs generated by Area Backbone Routers are LSA1, LSA2, LSA3, LSA4, and LSA5. Note that LSA6 is not supported by Cisco, and LSA7 is generated by NSSA router.

Stub area LSAs: The Stub area router generates LSA types 1, 2, and 3. i.e. Router LSA, Network LSA, and Summary LSA.

Totally Stubby LSAs:The Totally Stubby area routers generate LSA types 1 and 2 NSSA LSAs: A NSSA (Not So Stubby Area) router generates LSA types 1, 2, and 7. . LSA 7 is translated into LSA 5 as it leaves the NSSA

Different LSA types are described below:

a. LSA 1 (Router LSA): Generated by all routers in an area to describe their directly attached links (Intra-area routes). These do not leave the area. Router link entry, generated by all routers for each area to which it belongs. These are flooded within a particular area.

b. LSA 2 (Network LSA): Generated by the DR of a broadcast or Nonbroadcast segment to describe the neighbors connected to the segment. These do not leave the area. Network link entry, generated by designated router (DRs). Type 2 LSAs are advertised only to routers that are in the area containing the specific network. In an OSPF network, Type 2 LSAs are generated by a Designated Router (DR). Type 2 LSAs describe the set of routers attached to a particular network and are flooded within the area that contain the network only.

c. LSA Type 3 and Type 4 : Generated by the ABR to describe a route to neighbors outside the area. (Inter-area routes). Summary link entry, these LSAs are generated by area border routers (ABRs). These are sent to all routers within an area. These entries describe the links between the ABR and the internal routers of an area. These entries are flooded throughout the backbone area and to the other ABRs. Generated by the ABR to describe a route to an ASBR to neighbors outside the area.

d. LSA 5 (External LSA): Generated by ASBR to describe routes redistributed into the area. These routes appear as E1 or E2 in the routing table. E2 (default) uses a static cost throughout the OSPF domain as it only takes the cost into account that is reported at redistribution. E1 uses a cumulative cost of the cost reported into the OSPF domain at redistribution plus the local cost to the ASBR. LSA Type 5 : Autonomous System External Link Entry, These are originated by ASBR. These entries describe routes to destinations external to the autonomous system. These LSAs are flooded throughout the OSPF autonomous system except for stubby and totally stubby areas.

e. LSA 6 (Multicast LSA): Not supported on Cisco routers.

f. LSA 7 (NSSA External LSA): Generated by an ASBR inside a NSSA to describe routes redistributed into the NSSA. LSA 7 is translated into LSA 5 as it leaves the NSSA. These routes appear as N1 or N2 in the ip routing table inside the NSSA. Much like LSA 5, N2 is a static cost while N1 is a cumulative cost that includes the cost upto the ASBR.

The cost of external routes in OSPF depends on the configuration of ASBR. There are two external packet types possible.

• Type 1 (E1) - Here the metric is calculated by adding the external cost to the internal cost of each link that the packet crosses.
• Type 2 (E2): E2 is the default route type for routes learned via redistribution.

The sequence of steps followed in OSPF operation are as below:

1. Establish router adjacencies

2. Elect DR and BDR

3. Discover Routes

4. Choose appropriate routes for use

5. Maintain routing information.

In an OSPF network, when a packet need to traverse from one area to another area to reach its destination, it is routed as below:

Source Area -> Source ABR -> Backbone Area -> Destination ABR -> Destination Area Routers

The following are the types of OSPF routers:

• Internal router: An internal router has all the interfaces in the same area. All internal routers have same link state databases.
• Backbone router: Backbone routers sit on the perimeter of Area 0, with at least one interface connected to backbone (Area 0).
• Area Border Router (ABR): ABRs are routers that have interfaces attached to multiple areas. It may be noted that these routers maintain separate link-state databases for each area that they are connected. They are capable of routing traffic destined for or arriving from other areas.
• Autonomous System Boundary Router (ASBR): These are the routers that have at least one interface to the external network (another autonomous system). This autonomous network can be non-OSPF. ASBRs are capable of route redistribution, a term used to imply that the concerned router can import routing information from non-OSPF networks and distribute the same in OSPF network for which it is responsible and visa versa.

When an area is configured as stub or totally stubby, a default route (0.0.0.0) is injected into the area.

OSPFv3: OSPF for IPv6 requires the use of IPsec to enable authentication. The IPv6 AH (Authentication Hearder) and ESP extension headers are used to provide authentication and confidentiality to OSPF for IPv6.

OSPFv3 uses the IPv6 multicast addresses FF02::5 (for all OSPF routers) and FF02::6 224.0.0.5 and 224.0.0.6 are the multicast addresses used by OSPFv2.

The following are true about OSPFv3:

• Multiple OSPF processes are supported as in OSPFv2
• OSPFv3 supports IPv6 whereas OSPFv2 doesn't.
• Uses multicast addresses FF02::5 and FF02::6
• Type 3 and type 9 LSAs carry IPv6 prefix information, whereas IPv4 prefix information is carried in type 1 and type 2 LSAs

The correct sequence of steps required for enabling ospf in area 0 are (assuming that the interface Ethernet 0/0 is being configured):

Router> enable
Router# configure terminal
Router(config)# interface ethernet 0/0
Router(config-if)# ipv6 ospf 1 area 0

BGP: Internet Assigned Numbers Authority (IANA) is responsible for assigning BGP autonomous system numbers. Routers running BGP in an AS use network policy to choose the best path. Metrics are not used in BGP. Remember that Internet is made of autonomous systems (AS) that are connected together based on Policies specific to each AS. Also, AS numbers (ASN) are assigned by AINA and are unique over the Internet. In an internet (not big I) the ASNs can be assigned by the corporation itself that is implementing internet.

iBGP routers don't have to be directly connected, as long as there is some IGP running that allows the two neighbors to reach one another. If two routers belong to the same AS, then they run iBGP, whereas, if they belong to different ASs, they need to run eBGP

The following are true about BGP

• A BGP peer group is useful to decrease the overhead of configuring policies on all individual BGP neighbors in an AS. When a peer group is created, policies are assigned to the peer group name and not to the individual neighbors.
• Update policies are normally set by route maps, distribution lists, and filter lists.
• Members of the peer group can be configured to override the configuration options for incoming updates, but not to the outgoing updates.
• Before any route information is exchanged between any two routers running BGP, a TCP connection need to be established. Route information is exchanged between the BGP routers only after the TCP connection is established.
• Any two routers that have formed a TCP connection in order to exchange BGP routing information are called peers, or neighbors. BGP peers initially exchange their full BGP routing tables. After this exchange, incremental updates are sent as the routing table changes. BGP keeps a version number of the BGP table, which should be the same for all of its BGP peers. The version number changes whenever BGP updates the table due to routing information changes. Keep alive packets are sent to ensure that the connection is alive between the BGP peers and notification packets are sent in response to errors or special conditions.
• The BGP split horizon rule says that routes learned via an IBGP are never propagated to other IBGP peers. However, in the case of BGP route reflectors, there is an exception. A route reflector propagates the routes learned by IBGP to other IBGP peers.

BGP attributes:

• Prefer the path with the highest WEIGHT. Note that WEIGHT is a Cisco-specific parameter. It is local to the router on which it is configured.
• Prefer the path with the highest LOCAL_PREF. Note that a path without LOCAL_PREF is considered to have had the value set with the bgp default value of 100.
• Prefer the path that was locally originated via a network or aggregate BGP subcommand or through redistribution from an IGP.
• Local paths that are sourced by the network or redistribute commands are preferred over local aggregates that are sourced by the aggregate-address command.
• Prefer the path with the shortest AS_PATH.
• Prefer the path with the lowest origin type. Among the paths, note that,IGP is lower than Exterior Gateway Protocol (EGP), and EGP is lower than INCOMPLETE.
• Prefer the path with the lowest multi-exit discriminator (MED).
• Prefer eBGP over iBGP paths.

Well-Known mandatory attributes must appear in all BGP update messages. The well-known mandatory messages are:

1. AS_PATH: BGP messages carry the sequence of AS numbers indicating the complete path a message has traversed.

2. NEXT_HOP: This attribute indicates the IP address of the next-hop destination router.

3. ORIGIN: This attribute tells the receiving BGP router, the BGP type of the original source of the NLRI information.

The assignable BGP autonomous system numbers are from 1 to 65,535 (I.e. 65,535 in total). Autonomous system numbers are of 16 bit length. This 2 ^ 16 = 65536 -1 possible ASNs, since ASN of all 0s is not assigned. Out of this,

The Internet Assigned Numbers Authority (IANA) has reserved the following block of AS numbers for private use (not to be advertised on the global Internet):64512 through 65535

The command "show ip bgp neighbors" is most useful in troubleshooting BGP connections. When the connection is established, the peer/ neighbor router exchanges BGP information. If a TCP connection (BGP session) is not established, a BGP router can not exchange any BGP routing information with the adjacent router with which it is trying to establish neighbor relationship. The following is sample output of "show ip BGP neighbors" command.

BGP runs between routers of the same AS, where as eBGP runs between the routers belonging to distinct ASs.

iBGP runs between routers of the same AS, where as eBGP runs between the routers belonging to distinct ASs.

In BGP, the term Multihoming is used when an AS is connected to more than one ASP. The purpose of multihoming is:

• To improve the reliability of connectivity to the Internet, that even if one connection fails, the other connection will be available.
• To share the traffic load, resulting in the performance improvement.
• The term multihoming is also used in the context, when there are two or more network cards are configured in a computer, for routing traffic. However, this is not relevant in BGP.

While selecting best route in BGP, the order of preferences are as below:

• Weight - If multiple routes exist, the route with the highest weight is preferred.
• Local preference - If multiple routes have the same weight, the route with the highest local preference is preferred.
• Local router - If multiple routes have same local preference, prefer the route originated by the local router.
• AS path - If multiple routes have the same local preference, prefer the route with shortest AS path.

Route Redistribution: Here, it is required to redistribute EIGRP into OSPF. The command sequence for this is:

!RouterB
router ospf 10
redistribute eigrp 5
default-metric 128

The command "redistribute eigrp 5" signifies that OSPF is being redistributed into EIGRP. Also, default-metric 128 signifies the default metrics to be assigned to routes being redistributed.

The default metric for a redistributed route should be set to a value larger than the largest metric within the AS.

CDP: CDP, short for Cisco Discovery Protocol runs over Layer 2 (the data link layer) on all Cisco routers, bridges, access servers, and switches. CDP allows network management applications to discover Cisco devices that are neighbors of already known devices. CDP runs on all LAN and WAN media that support SubNetwork Access Protocol (SNAP).

PPP (Point-to-Point Protocol): PPP is a protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server. For example, your Internet server provider may provide you with a PPP connection so that the provider's server can respond to your requests, pass them on to the Internet, and forward your requested Internet responses back to you. PPP uses the Internet protocol (IP) (and is designed to handle others).

LLDP: The Link Layer Discovery Protocol (LLDP) is a vendor-neutral link layer protocol in the Internet Protocol Suite used by network devices for advertising their identity, capabilities, and neighbors on an IEEE 802 local area network, principally wired Ethernet. It is similar to CDP (Cisco Discovery Protocol), but works in multi-vendor environment as long as the individual vendors comply with the standard.

Note that RMON1, and NetFlow are traffic analyzers that are primarily used for flow control and QoS.

Previous   Contents   Next