IP Routing is an umbrella term for the set of protocols that determine the path that data follows in order to travel across multiple networks from its source to its destination. Concepts such as variable-length subnet masking (VLSM), manual route summarization and automatic route summarization are discussed in depth.
Lessons
Variable Length Subnet Masking
Routing Protocol
EIGRP Concepts
OSPF Protocol
Troubleshooting IP Routing
IP Routing is a term for the set of protocols that establish the path that data follows in order to travel across multiple networks from its source to its destination. The IP Routing protocols enable routers to build up a forwarding table that compares final destinations with next hop addresses.
Topics
Classless and Classful Routing Protocols
Overlapping VLSM Subnets
Addressing with VLSM
Route Summarization
Each IP routing protocol falls into either the classless or the classful routing category.
The subnet address ranges should not overlap in any IP internetwork. There are more chances for overlapping if the network is with a single subnet mask. Due to this overlapping, routing becomes random and only particular parts of the internetwork can reach some hosts. The problems related to overlapping VLSM subnets are analyzing an existing design to find overlaps, and selecting new VLSM subnets so that an overlapped subnet is not created.
Designing the IP addressing scheme for a classful network can be done by selecting IP subnets with a single subnet mask. The process starts with evaluating the number of subnets and the number of hosts in the largest subnet. Then a subnet mask is chosen, and all possible subnets of the network using that mask are identified.
Find the largest segment in the area, that is, the segment with the largest number of devices connected to it.
Find the appropriate subnet mask for the largest network segment.
Write down the subnet numbers to fit the subnet mask.
For the smaller segments, take one of the newly created subnets and apply the most appropriate subnet mask to it.
Make a note of the newly subnetted subnets.
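The two VLSM problems named above, checking an existing design for overlaps and picking new subnets largest-segment-first without creating one, worked through in Python. This is an added example, not part of the original course material; the address blocks, segment names and host counts are constructed.

```python
import ipaddress

# Constructed sample data (not from the course material).
EXISTING_DESIGN = ["172.16.4.0/23", "172.16.5.0/24", "172.16.8.0/24", "172.16.9.0/30"]
SEGMENTS = {"lan_a": 100, "lan_b": 50, "lan_c": 20, "wan_link": 2}
ALREADY_USED = ["192.168.10.0/28"]


def find_overlaps(subnets):
    """Return every pair of subnets in a design whose address ranges overlap."""
    nets = sorted((ipaddress.ip_network(s) for s in subnets),
                  key=lambda n: (int(n.network_address), n.prefixlen))
    overlaps = []
    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if int(b.network_address) > int(a.broadcast_address):
                break  # sorted by start address: nothing later can overlap a
            overlaps.append((str(a), str(b)))
    return overlaps


def prefix_for_hosts(hosts):
    """Longest IPv4 prefix whose subnet still holds `hosts` usable addresses."""
    bits = 2
    while (1 << bits) - 2 < hosts:  # network and broadcast address are not usable
        bits += 1
    return 32 - bits


def allocate_vlsm(block, segments, in_use=()):
    """Assign one subnet per segment, largest segment first, skipping used ranges."""
    block = ipaddress.ip_network(block)
    taken = [ipaddress.ip_network(s) for s in in_use]
    plan = {}
    for name, hosts in sorted(segments.items(), key=lambda kv: -kv[1]):
        plen = prefix_for_hosts(hosts)
        for cand in block.subnets(new_prefix=plen):
            if not any(cand.overlaps(t) for t in taken):
                taken.append(cand)
                plan[name] = str(cand)
                break
        else:
            raise ValueError(f"no free /{plen} left in {block} for {name}")
    return plan


if __name__ == "__main__":
    print("overlaps in existing design:", find_overlaps(EXISTING_DESIGN))
    plan = allocate_vlsm("192.168.10.0/24", SEGMENTS, ALREADY_USED)
    for name, subnet in plan.items():
        print(f"{name:9s} {subnet}")
    print("overlaps after allocation:",
          find_overlaps(list(plan.values()) + ALREADY_USED))
```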
Route Summarization
Route summarization has the ability to take a bunch of neighboring network numbers in the routing table and advertise them as a single summarized route. The advantages of route summarization include:
It reduces the size of routing tables, requiring less memory and processing.
It reduces the size of updates, requiring less bandwidth.
It controls network problems.
Route Summarization
Manual Summarization
It occurs when an engineer configures one or more commands. The network demands have to be manually configured.
Auto Summarization
It happens automatically without a specific configuration command. It is the default with some protocols.
Manual Summarization
The term manual refers to the fact that manual route summarization occurs only when an engineer configures one or more commands. When we summarize routes in RIP, IGRP, EIGRP, or OSPF, we are replacing a series of routes with a summary route and mask. Searching the routing table for the longest match is an important feature, it allows
AutoSummarization
Autosummarization occurs when a router has interfaces in more than one Class A, B or C network. It can advertise a single route for an entire class into the other classful network. There is an example of autosummarization.
Conclusion
A Variable Length Subnet Mask (VLSM) is a means of assigning IP addresses to subnets. Classful networking is the name given to the first round of changes to the structure of the IP address in IPv4. The subnet address ranges should not overlap in any IP internetwork. When an engineer configures one or more commands, it is manual summarization.
Routing protocols are used between routers to determine paths and maintain routing tables. A routing protocol specifies how routers communicate with each other to distribute information that allows them to select routes between any two nodes on a network.
Topics
Dynamic Routing Protocol
Routing Protocol Functions
Distance Vector Protocol
Link-state Routing Protocol
In dynamic routing, the routers monitor the network, and can change their routing tables based on the current network conditions. A Dynamic Routing system selects routes based on current state information for the network. The routing protocols are divided into two groups.
Interior Gateway Protocols (IGP) are used to route Intranet communication within one administrative boundary.
Exterior Gateway protocol is used to exchange routing information between two neighbor gateways.
Module no. 2 : IP Routing
A routing protocol is a protocol that supports the transport of a routed protocol. It supports methods for the common use of routing information for routers. Some of the functions of a routing protocol are:
Longest Prefix Match
Administrative Distance
Metrics
Load Balancing
Longest Prefix Matching techniques have received significant attention due to the fundamental role they play in the performance of Internet routers.
Longest prefix matches are used to determine the best next-hop route for a packet. The path is based only on the destination address contained in the packet header. The result of a longest prefix match generally reflects the best, or shortest, route to the destination.
Administrative Distance
Routers use the administrative distance feature to select the best path when there are two or more routes to the same destination from two different routing protocols. Administrative distance describes the reliability of a routing protocol.
With the administrative distance value, each routing protocol is prioritized in order of most to least reliable.
Administrative distance has only local significance, and is not advertised in routing updates.
A routing algorithm uses a routing metric to decide whether one route is better than another.
It is the most common routing metric.
They are arbitrary numeric values usually assigned to network links by network administrators.
It refers to the time required to move a packet from source to destination through the internetwork.
This refers to the available traffic capacity of a link.
It refers to the degree to which a network resource
The hop count is the number of network devices between the starting node and the destination node.
The cost of a path is a function of both the hop count and the available bandwidth.
If a router finds multiple routes to a specific destination, by default it takes the route with the lowest administrative distance in the routing table. If the administrative distance is the same, the router will select the lowest cost to the destination. Each routing process calculates its cost differently, and the costs may need to be manipulated in order to achieve load balancing.
The IGRP and EIGRP routing protocols support unequal cost load-balancing.
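How the functions described above combine into one forwarding decision, as an added Python example that is not part of the original course material: per prefix the lowest administrative distance wins, then the lowest metric, equal-cost routes are kept together for load balancing, and the lookup picks the longest matching prefix. The administrative distances are the Cisco IOS defaults (the page does not list them); the routes and next hops are constructed.

```python
import ipaddress

# Cisco IOS default administrative distances (lower is more trusted).
ADMIN_DISTANCE = {"connected": 0, "static": 1, "eigrp": 90, "ospf": 110, "rip": 120}

# Constructed candidate routes: (prefix, source protocol, metric, next hop).
CANDIDATES = [
    ("10.1.0.0/16", "ospf", 20, "192.0.2.1"),
    ("10.1.0.0/16", "rip", 3, "192.0.2.2"),       # lower metric, but RIP is less trusted
    ("10.1.5.0/24", "rip", 2, "192.0.2.3"),       # more specific prefix
    ("10.2.0.0/16", "eigrp", 3072, "192.0.2.4"),
    ("10.2.0.0/16", "eigrp", 3072, "192.0.2.5"),  # equal cost: load-balanced
    ("10.2.0.0/16", "eigrp", 4096, "192.0.2.6"),  # worse metric: not installed
    ("0.0.0.0/0", "static", 0, "192.0.2.254"),
]


def build_table(candidates):
    """Per prefix, install the route(s) with the lowest (admin distance, metric)."""
    table = {}
    for prefix, proto, metric, next_hop in candidates:
        net = ipaddress.ip_network(prefix)
        rank = (ADMIN_DISTANCE[proto], metric)
        current = table.get(net)
        if current is None or rank < current["rank"]:
            table[net] = {"rank": rank, "proto": proto, "next_hops": [next_hop]}
        elif rank == current["rank"]:
            current["next_hops"].append(next_hop)  # equal-cost path
    return table


def lookup(table, destination):
    """Forwarding decision: among installed prefixes, the longest match wins."""
    dst = ipaddress.ip_address(destination)
    matches = [net for net in table if dst in net]
    if not matches:
        return None  # no route and no default: the packet is dropped
    best = max(matches, key=lambda n: n.prefixlen)
    return str(best), table[best]["proto"], table[best]["next_hops"]


if __name__ == "__main__":
    table = build_table(CANDIDATES)
    for dst in ("10.1.5.9", "10.1.9.9", "10.2.1.1", "198.51.100.7"):
        print(dst, "->", lookup(table, dst))
```

Administrative distance only decides between routes to the same prefix; the RIP /24 still carries traffic for 10.1.5.9 because it is a longer match than the OSPF /16.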
Distance is the cost of reaching a destination, usually based on the number of hosts the path passes through. The vector is the interface that traffic will be forwarded out of in order to reach the destination network.
Distance vector protocols use a distance calculation plus an outgoing network interface to choose the best path to a destination network.
RIP and IGRP are distance vector protocols.
Route poisoning is a way to prevent routing loops. It prevents a network from sending packets through a route, which is invalid.
Split Horizon
Split horizon is used with small routing loops. Split horizon is a powerful loop-avoidance feature.
There are two distance vector loop avoidance procedures: Split Horizon and Poison Reverse. The poison reverse updates are intended to prevent larger routing loops.
Triggered Updates
Distance vector protocols send updates based on a regular update interval. Most looping problems occur when a router fails. Distance vector protocols send triggered updates as soon as a route fails. Whenever a gateway changes the metric for a route, it is required to send update messages; this is the manner in which the triggered updates are sent.
The link-state protocol is another major type of routing protocol. Routers using link-state routing protocols need to collectively advertise every detail about the internetwork to all the other routers. Open Shortest Path First (OSPF) is a link-state protocol, which is more reliable and widely used inside large IP routing domains.
Dual Algorithm
The Diffusing Update Algorithm (DUAL) is used by EIGRP to calculate and create routing tables based on certain criteria. It provides loop-free operation at every instant throughout a route computation. DUAL also permits a router running EIGRP to find alternate paths without waiting on updates from other routers.
DUAL calculates which route will be the successor and feasible successor.
Conclusion
Interior Gateway Protocols (IGP) are used to route Internet communications within a local area network. A Dynamic Routing system selects routes based on current state information for the network. A routing protocol is a protocol that supports the transport of a routed protocol.
Load balancing is used in networks where it is difficult to assume the number of requests that will be issued to a server.
Conclusion
Distance vector protocols use a distance calculation plus an outgoing network interface to choose the best path to a destination network. The Diffusing Update Algorithm (DUAL) is used by EIGRP to calculate and create routing tables based on certain criteria.
Hybrid Routing is a third classification of routing algorithm. Hybrid protocol uses advantages of both distance vector and link state protocols. It uses distance vectors for more accurate metrics to decide the best paths to destination networks and report routing information only when there is a change in the topology of the network.
Topics
Enhanced Interior Gateway Protocol
EIGRP Packet Types
Troubleshooting EIGRP
The Enhanced Interior Gateway Routing Protocol (EIGRP) is an evolution from its predecessor IGRP. EIGRP was developed due to the changes in networking and the demands of diverse, large-scale internetworks. EIGRP is compatible with IGRP routers. EIGRP treats IGRP routes as external routes and provides a way for the network administrator to customize them.
EIGRP supports fast convergence, support for variable-length subnet mask, support for partial updates, support for multiple network layer protocols.
EIGRP stores all its neighbors' routing tables so that it can adapt to alternate routes. EIGRP supports VLSM (variable-length subnet masks), which permits routes to be automatically summarized on a network. EIGRP can be configured to summarize on any bit boundary at any interface.
Route tagging permits the network administrator to customize routing and maintain flexible policy controls. Route tagging is particularly useful in transit ASs, where EIGRP typically interacts with an interdomain routing protocol that implements more global policies.
Neighbor Table
Neighbor table lists all attached EIGRP routers. Dynamically learn of new routes that join their network. Identify routers that become either unreachable or deadly. Rediscover routers that had previously been unreachable.
Topology Table
Every EIGRP router maintains a topology table for each network protocol. Each entry in the topology table includes the destination address and a list of neighbors that have advertised the destination.
Routing and Switching Administration II Module no. 2 : IP Routing
Like OSPF, EIGRP uses hello packets to discover and maintain neighbor relationships.
EIGRP generates hello packets every 5 seconds on LAN, point-to-point, and multipoint connections with speeds of at least T1/E1 speeds. If an EIGRP router doesn't receive an ACK from these three packet types, the router will try a total of 16 times to resend the information. When a router sends a hello packet, no corresponding ACK is expected.
EIGRP is an enhanced distance vector protocol, relying on the Diffusing Update Algorithm (DUAL) to calculate the shortest path.
DUAL uses distance information to select efficient, loop-free paths and it chooses the router for adding in a routing table based on feasible successors.
EIGRP uses the minimum bandwidth on the path to a destination network and the total delay to compute routing metrics.
You can configure other metrics, but doing so may cause routing loops in the network. The bandwidth and delay metrics are determined from values configured on the interfaces of routers in the path to the destination network.
Feasible distance is the best metric along a path to a destination network, including the metric to the neighbor advertising that path.
It is the lowest known distance to a particular destination. Advertised Distance is the distance to a particular destination as reported by a router to its neighbors. This distance is sometimes also called a Reported Distance.
In the convergence process all routers share and process the same routing tables. With EIGRP, each router has the exact same information, which is achieved by retaining the information sent by the EIGRP router's neighbors.
A successor route is a path in the topology table that has the best metric compared to all the other alternative paths to the same destination. A feasible successor is a backup route to the successor route.
Load Balancing
In the routing table EIGRP keeps up to four routes of equal cost, which the router then load balances. EIGRP can also load-balance over unequal cost links. The load balancing type changes according to the type of switching being done in the router. By using max-paths, we can configure EIGRP to use up to six routes of equal cost.
Hello
Acknowledgment
Update
Query
Reply
Conclusion
The Enhanced Interior Gateway Routing Protocol (EIGRP) is an evolution from its predecessor IGRP. EIGRP treats IGRP routes as external routes and provides a way for the network administrator to customize them. Like OSPF, EIGRP uses hello packets to discover and maintain neighbor relationships.
EIGRP uses metrics such as bandwidth, delay, reliability and load to select the router.
The Open Shortest Path First (OSPF) protocol handles routing for IP traffic. Its newest implementation, version 2, is explained in RFC 2328. OSPF was created in the mid-1980s in order to overcome problems, especially scalability problems, that RIP had in large enterprises.
Topics
OSPF Neighbors
OSPF Routers
IP Routing Table
OSPF Area
Advanced OSPF
Troubleshooting OSPF Problems
OSPF Neighbors
Link-state protocols do not exchange routes and metrics. This series of computations is known as the Shortest Path First (SPF) algorithm, also referred to as the Dijkstra algorithm. Sending routers will send Link State Advertisements into a Link State Update (LSU). OSPF routers send neighbors hello packets at regular intervals.
Link-state protocols do not depend on distance-vector loop prevention methods such as split horizon or poison reverse.
OSPF Neighbors
Neighbor States
Down
Attempt
Init
2-Way
Exchange
Loading
Full
OSPF Routers
OSPF routers serve in various roles depending upon where they are located and which areas they participate in:
Internal Routers
Backbone Routers
Area Border Router (ABR)
Autonomous System Boundary Router (ASBR)
Designated Router (DR)
IP Routing Table
In the IP routing table, each router runs the Dijkstra SPF algorithm against the OSPF topology database. The best path is chosen based on this process. The OSPF topology database contains lists of subnet numbers, lists of routers and the links to which each router is connected. A router uses the SPF algorithm to find the best path with the information of links and routers.
The algorithm finds the shortest path from that router to each subnet in the LSDB and enters the best route to each subnet in the IP routing table.
OSPF Area
OSPF areas are used to give a hierarchical structure to the flow of data over the network. A network using OSPF will always have at least one area. Areas are used to group routers into manageable groups that exchange routing information locally.
Advanced OSPF
Configuring OSPF Router ID
Advanced OSPF
Hello and Dead Timer
The Hello timer is responsible for communication of any neighbor routers. The Dead timer is responsible for terminating the OSPF connection.
OSPF Metrics
The OSPF metric is cost. To change this metric, enter interface mode by issuing the int s0 command. By default the cost of any interface is 64; it is changed with the help of the ip ospf cost 12 command. The sh ip ospf int s 0 command is used to verify the cost.
Advanced OSPF
Load Balancing
If we have more than 2 best routes to reach the destination, we can use the load balancing feature.
To enter privilege mode, issue the enable command. By default, OSPF will load balance on 4 paths. With the help of the maximum-paths command we can determine how many paths can be used for load balancing.
Advanced OSPF
OSPF Authentication
OSPF cost
Whether interface is up or down
Whether authentication is enabled or not
Conclusion
The Open Shortest Path First (OSPF) handles routing for IP traffic.
The disadvantage of OSPF is it needs more memory to hold the adjacency, topology and routing table.
Link-state protocols do not exchange routes and metrics.
In the IP routing table, each router runs the Dijkstra SPF algorithm against the OSPF topology database. OSPF areas are used to give a hierarchical structure to the flow of data over the network.
IP routing is the core of networking. It is a set of protocols that determine the path of traffic that flows in order to travel over multiple networks and across different routers. Troubleshooting issues related to IP routing form a major part of network maintenance.
Topics
Using ICMP
Using Traceroute
Troubleshooting Packet Forwarding
Isolating IP routing with respect to routers
Forward Route Problem
Reverse Route Problem
ICMP is a protocol that is included in TCP/IP. It helps to manage and control the TCP/IP network. ICMP maintains information about a TCP/IP network, so it can be used for troubleshooting. ICMP sends error messages and is not related to sending and receiving data. IP encapsulates the errors with an appropriate ICMP message and a new IP header and then transmits the resulting datagram.
Host Unreachable
Protocol Unreachable
Port Unreachable
Fragment needed but DF set
ICMP redirect messages are generated by a router to tell a host that a better route is available for a particular destination address.
If there are multiple routers connected to the same subnet, then sending packets to the default gateway is not the best route. The default gateway will recognize that there is another better route. It will send an ICMP Redirect message to the host.
ICMP Time Exceeded messages are generated by routers or gateways. Each IP header has a Time to Live (TTL) field. A router decrements the TTL by 1 every time it forwards the packet. When the TTL value becomes 0, routers discard the packet and send an ICMP Time Exceeded message to the host.
Using Traceroute
The traceroute command shows the route over the network between two systems. It lists all intermediate routers a connection has to pass through to finally reach the destination. Traceroute uses the TTL field of the IP header and Time Exceeded messages to find the routers. Traceroute receives an ICMP Port Unreachable message from the host when the test packet is not delivered to the destination. There is an extended traceroute command available that can be used for testing reverse routes.
The two main functions of a router are packet forwarding and routing. Packet forwarding is important as it decides the path of data flow.
Extracting the header information from incoming traffic. Looking up for matching header entry in forwarding/routing table. Sending packets corresponding to the next hop in the table on the network.
Unicasting is the simplest type of packet forwarding where data is passed from link to link on a chain leading from source to destination.
Troubleshooting the packet forwarding process helps in problem isolation on a network.
The ping command is used to analyse whether the problem lies with the source or the destination. Ping the host's default gateway from the host, or ping the host's IP address from the default gateway. You can use the extended ping command from the default router for the host's IP address with a source address from another of the router's interfaces. Once ping works on both the source host and the destination host, the host issue will be discarded and the troubleshooting will continue.
The route that a packet follows from the source to the destination is called the forward route. Troubleshooting includes finding issues with the source/destination host as well as the forward/reverse route.
If there is no issue with the routers then the entire focus is between the connectivity of the first and the last router.
In this case, the problem will be usually associated with either the forward route or the reverse route.
A connection between two systems or networks has two routes. One is the forward route from host to destination and another from the server back to the source. This route is called the reverse route.
Conclusion
ICMP manages and controls the TCP/IP network. It does the job of delivering error messages to a host within a network. It generates Destination Unreachable messages when packet delivery fails. ICMP Redirect messages provide a better route for data flow in a network. ICMP Time Exceeded messages are generated by routers or gateways. If there is no issue with the routers then the entire focus is between the connectivity of the first and the last router. A connection between two systems or networks has two routes.
IP access control lists are used to control traffic in a network. They act as filters and restrict access to the network. IP ACLs help a router to discard unwanted packets that may come from hackers. Access control lists are used in firewall routers. These firewall routers are placed between an internal network and an external network like the Internet.
Topics
IP Access Control Lists
Managing ACL Configuration
Editing ACLs using sequence numbers
Controlling Telnet and SSH access with ACL
Advanced ACL
Access List Troubleshooting
The IP access control list has the filtering logic. The filter contains rules for matching an IP packet. They are matched for the protocol, address, port, ICMP type and type of service. Access control lists can be generated for both incoming and outgoing packets on an interface. The deny term is used for a packet to be filtered, whereas permit is used when a packet is not going to be filtered.
It has a simple logic. It filters packets based on source IP address. It is placed close to the destination router. It has numbers ranging from 1 to 99 and 1300 to 1999.
It has a complex logic. It filters based on source and destination IP address, IP protocol and protocol information. It is placed near to the source router. It has numbers ranging from 100 to 199 and 2000 to 2699.
Source IP address
Source port
Destination IP address
Destination port
IOS identifies named ACLs by the names that are given instead of numbers.
An individual line in the access command list can be deleted with this option. To configure a named standard ACL the following command is used:
Some key points you need to remember when configuring a standard IP ACL are:
A standard ACL is placed close to the destination router. Enable ACL on the router interface using ip command in the correct direction (inbound/outbound). It performs the match based on the source address hence you should know the source IP address. The access-list is searched in a sequence and the search stops if a match is made, hence all deny statements should
If the extended ACL has a TCP parameter then the command will be:
access-list access-list-number (deny/permit) (tcp/udp) source source-wildcard (operator (port)) destination destination-wildcard (operator (port)) (log)
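The top-down, stop-at-first-match search described above, as an added Python example that is not part of the original course material. It evaluates an extended ACL written in the field order of the command shown, and flags entries that can never match because an earlier entry already covers them. The ACL entries and addresses are constructed, only the eq operator on the destination port is modelled, and the final implicit deny is standard IOS behaviour rather than something stated on this page.

```python
import ipaddress


def ip(a):
    return int(ipaddress.IPv4Address(a))


# Constructed extended ACL, in configured order:
# (action, protocol, source, source-wildcard, destination, destination-wildcard, eq port)
ACL_101 = [
    ("permit", "tcp", "10.1.0.0", "0.0.255.255", "0.0.0.0", "255.255.255.255", 22),
    ("permit", "ip", "10.1.1.0", "0.0.0.255", "172.16.0.0", "0.0.255.255", None),
    ("deny", "tcp", "10.1.1.50", "0.0.0.0", "172.16.5.10", "0.0.0.0", 23),
    ("permit", "tcp", "10.1.2.0", "0.0.0.255", "172.16.5.10", "0.0.0.0", 443),
]


def addr_match(addr, base, wildcard):
    """Wildcard mask: 0 bits must match the base address, 1 bits are ignored."""
    care = ~ip(wildcard) & 0xFFFFFFFF
    return (ip(addr) ^ ip(base)) & care == 0


def evaluate(acl, proto, src, dst, dport=None):
    """Walk the list top-down; the first matching entry decides and the search stops."""
    for pos, (action, p, s, sw, d, dw, port) in enumerate(acl, start=1):
        if p not in ("ip", proto):
            continue
        if port is not None and port != dport:
            continue
        if addr_match(src, s, sw) and addr_match(dst, d, dw):
            return action, pos
    return "deny", None  # implicit deny at the end of every IOS ACL


def covers(outer, inner):
    """True if every packet matched by `inner` is also matched by `outer`."""
    _, p1, s1, sw1, d1, dw1, port1 = outer
    _, p2, s2, sw2, d2, dw2, port2 = inner

    def addr_covers(b1, w1, b2, w2):
        w1, w2 = ip(w1), ip(w2)
        return (w1 | w2) == w1 and (ip(b1) ^ ip(b2)) & ~w1 & 0xFFFFFFFF == 0

    return (p1 in ("ip", p2) and (port1 is None or port1 == port2)
            and addr_covers(s1, sw1, s2, sw2) and addr_covers(d1, dw1, d2, dw2))


def shadowed_entries(acl):
    """(position, position of the covering earlier entry) for entries that never match."""
    found = []
    for j, entry in enumerate(acl):
        for i in range(j):
            if covers(acl[i], entry):
                found.append((j + 1, i + 1))
                break
    return found


# Corrected order: the specific deny is moved ahead of the broader permits.
ACL_101_FIXED = [ACL_101[2], ACL_101[0], ACL_101[1], ACL_101[3]]

if __name__ == "__main__":
    telnet = ("tcp", "10.1.1.50", "172.16.5.10", 23)
    print("original:", evaluate(ACL_101, *telnet), shadowed_entries(ACL_101))
    print("fixed:   ", evaluate(ACL_101_FIXED, *telnet), shadowed_entries(ACL_101_FIXED))
```

In the original order the Telnet session is permitted by entry 2 and the deny in entry 3 is never reached; this is the ordering mistake the key points above warn about.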
The number of packets matched by named ACLs is the same as compared to standard and extended IP ACLs. The advantage with named ACL is that you can change the ACL configuration.
To delete a single command you had to disable the ACL from all interfaces and then delete it. To configure the ACL again, it had to be enabled again on all the interfaces. With the introduction of named ACL this was prevented by deleting a single command. Now there is no need to delete the entire ACL. Using sequence numbers you can:
Delete an individual ACL deny/permit statement by referencing the sequence number.
Add a new deny/permit statement giving the location using
Access control lists can also be used to control access to a router by Telnet and SSH. Telnet uses port 23 and SSH uses port 22. An ACL can be applied to the VTY lines in order to restrict access through Telnet or SSH. VTY lines are used to connect to a router to make configuration changes or check status.
Advanced ACL
There are some ACLs that are used for specific tasks.
Types of ACLs and their descriptions:
Reflexive ACLs: Reflexive ACLs are also called IP session filtering. They provide security as they allow traffic if a request is initiated within the same network.
Dynamic ACLs: Dynamic ACLs are also called Lock-and-Key Security. To gain access to the host the user will have to first generate a telnet to the router.
Time-based ACLs: Time-based ACLs are similar to normal IP ACLs except that they have a time parameter attached to the command.
The access-list has been applied to the correct interface or not. The access-list has command statements listed and is not empty. The sequence of rules in the access-list is followed.
The deny filter is too long.
Access-list is empty.
The packets do not match any existing permit filters.
The order of deny command is too high in the access-list.
The order of permit command is too high in the access-list.
The permit filter is too long.
The ACL has not been applied to all interfaces in the PortChannel.
Security Device Manager (SDM) is a web-based GUI device management tool. SDM has built-in configuration checks and can monitor router performance, system logs and firewall logs. It also includes advanced wizards for LAN and WAN networks. SDM improves productivity and makes router management easy.