CCNP ROUTE

***Note***: These are my personal notes while studying for the CCNP Route exam.  Feel free to use them and by all means leave comments if you see any items that are incorrect or missing.

—(INE 19)—

IP Routing Overview

3 steps:

  • Routing – find the outgoing interface
    • Step 1 – Find the longest match (most bits)
    • Step 2 – Perform recursive lookup
      • Find an interface
    • If multiple longest matches exist
      • Metric and Administrative Distance
        • Same protocol – metric used to decide between multiple routes
        • Different protocols – administrative distance used to decide

Admin Distance

 

  • Switching – move the packet between interfaces
    • Process switching, Fast switching, CEF
    • Move the packet between interfaces
    • Where load balancing occurs
  • Encapsulation
    • Build the L2 header
    • L2 packet rewrite
    • Two different types of interfaces
      • Point to point
        • Only one possible destination
        • No need for layer 2 addressing
        • eg: HDLC, PPP
      • Multipoint
        • More than one possible destination
        • Requires layer 3 to layer 2 resolution
        • eg: Ethernet (mac), Frame Relay (DLCI), ATM (VPI/VCI),etc.

Routing to a Next-Hop vs. Interface

  • To next-hop
    • eg: ip route 10.0.0.0 255.0.0.0 1.2.3.4
    • Recursive lookup required
    • Resolve layer 2 address of 1.2.3.4
  • To point-to-point interface
    • eg: ip route 10.0.0.0 255.0.0.0 Serial0/0.1
    • No recursive lookup
    • Layer 2 resolution not required
  • Tomultipoint interface
    • eg: ip route 10.0.0.0 255.0.0.0 FastEthernet0/0
    • No recursive lookup
    • Resolve layer 2 address for final destination
      • Ethernet Proxy-ARP
      • NBMA Addresses

—(INE 21)—

 EIGRP

Enhanced Interior Gateway Routing Protocol

  • Successor to IGRP
  • Cisco proprietary “hybrid protocol”
    • Both Distance Vector and Link State behavior
    • Really “Advanced Distance Vector”
  • Classless
    • Supports VLSM and summarization

Why use EIGRP?

  • Guarantees loop-fee topology
    • Uses  diffusing update algorithm (DUAL) calculation
  • Fast convergence
    • With some configurations, 50-100 ms convergence
    • Fastest of all IGP in certain designs
    • Backup routes
  • Reliable and Efficient Updating
    • Forms active neighbor adjacencies
    • Guarantees packet delivery with Reliable Transport Protocol (RTP)
      • IP Protocol 88 (see IANA Protocol Numbers)
    • Supports partial updates
      • Not all neighbors need all routes
  • Multiple routed protocol support
    • IPv4, IPX & Appletalk
  • Granular Metric
    • Hybrid metric derived from multiple factors
  • Unequal Cost Load Balancing
    • Only IGP that supports true load distribution
  • Control Plane Security
    • Supports MD5 authentication

How EIGRP Works

  • Step1 – Discover EIGRP Neighbors
    • Multicast “HELLO” packets to discover neighbors on EIGRP enabled attached links
      • Transport via IP protocol 88
      • Destination address 224.0.0.10
    • Hello packets contain
      • Autonomous System Number (not a public ASN like BGP)
      • Hold Time – how long to wait before declaring neighbor unreachable
        • Does not have to be the same between neighbors
        • Opposite of Hello/Dead timers for BGP/OSPF
      • Authentication
      • Metric Weightings (K Values)
    • Neighbors found are inserted into EIGRP neighbor table
    • Neighbors that agree on attributes and exchange updates form active adjacency
  • Step 2 – Exchange Topology Information
    • EIGRP “Update” messages used to exchange routes
      • Sent as multicast to 224.0.0.10 or as unicast
      • IP Protocol 88 must be allowed for both multicast and unicast
    • RTP uses sequence numbers and acknowledgements (ACKs) to ensure deliver
    • Update messages describe attributes of a route
      • Prefix and Length (network and subnet mask)
      • Next-Hop
      • Bandwidth
      • Delay
      • Load
      • Reliability
      • MTU
      • Hop Count
      • External Attributes
    • All routes learned from all neighbors make up the topology table
      • show ip eigrp topology
  • Step 3 – Choosing the Best Path
    • Once topology is learned, DUAL runs to choose loop-free best path to each destination
    • Unlike other protocols EIGRP uses complex “composite” metric to choose best path
    • Composite metric calculated from:
      • Administrative weighting
      • Bandwidth
      • Delay
      • Load
      • Reliability
    • Path with lowest composite metric is considered best and installed into IP routing table
      • show ip route eigrp
    • One or more backup routes can also be pre-calculated per destination
    • Only best route is advertised to other EIGRP neighbors
  • Step 4 – Neighbor and Topology Table Maintenance
    • Unlike RIP or IGRP, active EIGRP neighbor adjacency reduces convergence time in event of network failure
    • Adjacent neighbors hello packets contain “hold time”
      • If no hello is received within hold time, neighbor declared unreachable
    • When neighbor is lost…
      • Paths via that neighbor are removed from topology and routing table
      • If backup routes exist they become new best paths and are inserted into routing table
        • In this case EIGRP can have sub-second convergence
      • If no backup routes exist, DUAL must run again
        • When best path is lost and no backup routes exist, route goes into “active state” and “active timer” starts
        • EIGRP “QUERY” message is reliably sent to remaining neighbors asking for alternate route
        • QUERY is propagated to all neighbors within EIGRP “query domain” or “flooding domain”
        • Neighbors respond with EIGRP “REPLY” packet indicating if alternate route is available
          • If alternate route exists, DUAL recalculates new best path
          • If no alternate route, prefix removed from topology table
          • If active timer expires and no REPLY received, route is declared “Stuck-In-Active” (SIA) and removed from topology table
            • Indicates incorrect design

—(INE 22)—

EIGRP Loop Prevention

  • Loop-free topology guaranteed through:
    • Split Horizon
      • Don’t advertise routes out the same link they came in on
    • DUAL Feasibility Condition
      • If your metric to the destination is lower than mine, you must be closer

DUAL Terms

  • Successor – Best path to a destination
  • Feasible Distance (FD) – Composite metric of best path
  • Feasible Successor (FS) – Backup path to a destination
  • Advertised Distance (AD) – Compsite metric learned from neighbor
  • Local Distance (LD) – Composite metric to reach local neighbor
  • Feasibility Condition (FC) – Criteria for valid backup paths

DUAL Path Selection

  • Once adjacency occurs and update messages are exchanged, path selection begins
  • Each update includes the metric the upstream router uses to reach the destination (AD)
  • Local router knows the metric to reach each upstream router (LD)
  • Best path (successor) is chosen based on lowest AD + LD
  • Once best path is determined, additional paths are examined for backup routes:
    • Feasibility Condition (FC) finds loop-free backup routes via logic..
      • If AD < FD, path is loop-free and a viable backup
      • eg: If your metric is lower than mine, you are closer to the destination, and loop-free
    • Paths that mean the FC are Feasible Successors (FS)
    • Only Feasible Successors can be used for unequal cost load balancing

Composite Metric Calculation in Detail

  • Inverse lowest bandwidth along path in Kbps scaled by 10^7 * 256
    • Bandwidth looks at the bottleneck, or the lowest bandwidth value along a given path as that is the limiting factor
  • Cumulative delay along path in tens of microsends scaled by 256
  • Worst load along path (out of 255)
  • Worst reliability along path (out of 255)
  • Composite metric is computed as:
    • metric = [k1 * bandwidth + (k2 * bandwidth)/(256 – load) + k3 * delay]
    • If k5 != 0, metric * [k5/(reliability + k4)]
  • K values allow for manual administrative weighting
  • Default values are K1 = 1,K2 = 0,K3 = 1,K4 = 0,K5 = 0
    • Implies default composite is bandwidth + delay
    • Reliability and load typically not used since they are constantly changing

Implementing Basic EIGRP

  • InitializeEIGRP process
    • router eigrp [asn]
  • EnableEIGRP on links
    • network [network] [wildcard mask]
  • Network statement does not control what is advertised, it controls what interfaces run the protocol

Verifying Basic EIGRP

  • Show EIGRP metric weightings (K values)
    • show ip protocols
  • Verify EIGRP interfaces
    • show ip eigrp interfaces
  • Verify EIGRP neighbors
    • show ip eigrp neighbors
  • Verify EIGRP topology
    • show ip eigrp topology
    • show ip eigrp topology
      • Will show topology details for a specific network
    • show ip eigrp topology all-links
      • Will show all paths, including those not used (excluded from feasibility condition)
  • Verify EIGRP routes in routing table
    • show ip route [eigrp]
  • See exchange of EIGRP messages
    • debug eigrp packet
  • See all messages
    • debug ip packet detail
    • Multicast traffic to 224.0.0.10 with IP Protocol 88 indicated EIGRP traffic

—(INE 24)—

  •  For backwards compatibility,EIGRP automatically summarizes routes
    • no auto-summary (recommended)
  • EIGRP supports default routing in two ways
    • Candidate default network
      • ip default-network [network]
    • Native advertisement of 0.0.0.0/0 prefix
      • ip route 0.0.0.0 0.0.0.0 [next-hop]
    • default-information command in EIGRP does not behave the same as other protocols
    • Typical configuration would be to have a default static route on your edge (to the ISP) and advertise that to the internal network with redistribution
    • Default network must be…
      • Dynamically learned through EIGRP
      • No directly connected
      • Classful network
  • EIGRP Summarization
    • EIGRPsummarization serves two purposes
      • Minimize routing information needed in topology
      • Limit EIGRP query domain
    • Process level auto-summary automatically summarizes to classful boundary when passing major network boundaries
    • Summarize:
      • 10.1.4.0/24 (00000100)
      • 10.1.5.0/24 (00000101)
      • 10.1.6.0/24 (00000110)
      • 10.1.7.0/24 (00000111)
      • Could use 10.1.0.0/16 but this includes too many other subnets that aren’t part of the aggregate
      • Write out in binary and look for the match, in this case 10.1.4.0/22
    • Interface level
      • ip summary-address eigrp [ASN] [network] [mask]
      • ip summary-address eigrp 1 10.1.4.0 255.255.252.0
  • DMVPN – an example of reducing the Query domain
    • Mesh IPSEC tunnels using GRE
    • Connect branch sites over the internet
    • Hub and spoke topology
    • Spoke routers advertise LAN segments, using EIGRP
    • If a spoke LAN interface goes down, Query goes out to Hub, and then out to all spokes
    • Causes adjacencies to reset and could bring down the network
    • To resolve – spoke routers send only a summary
    • Now when query goes to hub, a reply is sent back
  • EIGRP Stub and Query Reduction
    • Stubs used to inform adjacent neighbors that QUERY messages should not be sent to them
    • Generally used on spoke routers, or routers with only LAN segments behind them
      • router eigrp 1
      • eigrp stub
  • “Optimal Routing Design” – Russ White (added to reading list)
  • EIGRP Authentication
    • Any end host can start listening to 224.0.0.10
    • Configure Key ID and password  – combined to form MD5 hash (lol md5)
    • Multiple keys can be configured for manual or automated key rotation
      • key-chain accept & send lifetime
      • Start sending new keys before retiring old keys in order to prevent problems with switching keys
      • NTP to synchronize clocks
      • Create key chain, keys, and key-strings
        • key chain [name]
        • key #
        • key-string [password]
      • Enable authentication on the interface facing the neighbor
        • ip authentication mode eigrp 1 md5
        • ip authentication key-chain eigrp 1 [key chain]
      • Pro Tip – You can use “show key chain” to decrypt type 7 passwords (service password-encryption)
        • 52:30 of INE video 24

—(INE 25)—

OSPF

  • Open standards based IGP
    • RFC 2328 “OSPF Version 2”
  • Link-State Protocol
    • Uses Dijkstra SPF algorithm
  • “Classless” protocol
    • Supports VLSM and Summarization
  • Attempts to build an overall “picture” of the links in a network
  • Guarantees Loop-Free Topology
    • All routers agree on overall topology
  • Standards-based
    • Inter-operability between vendors
  • Large scalability
    • Hierarchy through “areas”
  • Fast convergence
    • Actively tracks neighbor adjacencies
    • Event driven incremental updates
  • Efficient updating
    • Uses reliable multicast and unicast updates
    • Non-OSPF devices do not need to process updates
    • IP protocol 89
    • Multicast address 224.0.0.5 and 224.0.0.6
  • Bandwidth based cost metric
    • More flexible than static hop count
  • Control Plane Security
    • Supports clear-text and MD5 based authentication
  • Extensible
    • Future application support through “opaque” LSA
      • eg: MPLS traffic engineering

Distance Vector Routing Review

  • RIPv1/v2 & IGRP
  • Bellman-Ford based algorithm
  • Routers only know what directly connected neighbors tell them
    • “Routing by rumor”
  • Entire routing table periodically advertised on a hop-by-hop basis
    • Limits scalability
  • Loop prevention and convergence time limitations
    • Split horizon, poison reverse, holddown timers

Link State Routing Review

  • OSPF & IS-IS
  • UseDijkstra Shortest Path First (SPF) based algorithm
    • Guarantees loop-free calculation
  • Attributes of connected links (link-states) are advertised, not routes
    • Routers agree on overall picture of topology before making a decision (map of the network)
  • Form adjacency relationship with connected neighbors
  • Exchange link atributes in form of Link State Advertisements (LSAs)/Link State Packets (LSPs) with neighbors
  • Store copy of all LSAs in Link State Database (LSDB) to form a “graph” of the network
  • Run Dijkstra algorithm to find shortest path to all links
  • Since all routers have same LSDB, all SPF calculations are loop-free

How OSPF Works

  • Step 1 -Discover OSPF Neighbors & Exchange Topology Information
    • Uses “hello” packets to discoverneighborsonOSPF enabled attached links
      • Transport via IP protocol 89
      • Sent as multicast to 224.0.0.5 or 224.0.0.6, or unicast
    • Hello packets contain attributes that neighbors must agree on to form adjacency
    • Once adjacency is negotiated, LSDB is is exchanged
    • OSPF adjacency occurs when connected neighbors use hello packets to agree on unique and common attributes
    • Not all OSPF neighbors actually form adjacency
    • Most OSPF configuration problems happen at this stage
    • Unique attributes include:
      • Local Router-ID
      • Local Interface IP Address
    • Common attributes include:
      • Interface Area-ID
      • Hello interval and dead interval
      • Interface network address
      • Interface MTU
      • Network Type
      • Authentication
      • Stub Flags
      • Other optional capabilities (NSF as an example)
  • Step 2 – Choose Best Path via SPF
  • Step 3 – Neighbor and Topology Table Maintenance

OSPF Hello Packets

  • OSPF routers periodically send hello packets out OSPF enabled links every hello interval
  • Hello packet contains
    • Local Router-ID
    • Local Area-ID
    • Local Interface Subnet Mask
    • Local Interface Priority
    • Hello Interval
    • Dead Interval
    • Authentication Type and Password
    • DR/BDR Addresses
    • Options (eg. Stub Flags, etc.)
    • Router IDs of other neighbors on the link

OSPF Adjacency State Machine

  • OSPFadjacency process uses 8 states to determineprogressofadjacency establishment
    • Down
      • No hellos have been received from neighbor
    • Attempt
      • Unicast hello packet has been sent to neighbor, but no hello has been received back
      • Only sued for manually configured NBMA neighbors
    • Init
      • I have received a hello packet from a neighbor, but they have not acknowledged a hello from me
    • 2-Way
      • I have received a hello packet from a neighbor and they have acknowledged a hello from me
      • Indicated by my Router-ID in neighbor’s hello packet
    • ExStart
      • First step of actual adjacency
      • Master & slave relationship formed, where master has higher Router-ID
      • Master chooses the starting sequence number for the Database Descriptor (DBD) packets that are used for actual LSA exchange
    • Exchange
      • Local link state database is sent through DBD packets
      • DBD sequence number is used for reliable acknowledgement/retransmission
    • Loading
      • Link State Request packets are sent to ask for more information about a particular LSA
    • Full
      • Neighbors are fully adjacent and databases are synchronized

—(INE 26)—

  • Step 2 – OSPF SPF Calculation
    • Once databases are synchronized, path selection begins
    • Each router’s LSA’s include a “cost” attribute for each described link
    • Beth path to that link is lowest end-to-end cost
    • Cisco’s implementation uses bandwidth but per the RFCis is arbitrary
      • Default Cisco Cost = 100mbps/link bandwidth
      • Reference bandwidth can be modified to accommodate higher speed links (eg: GigE)
  • Why SPF is needed
    • With distance vector routing, you only know your neighbor’s best path
    • With link-state routung, you know all paths, including your neighbor’s unused paths
    • Dijkstra’s SPF algorithm ensures that all routers agree on the same routing path, even though they make independent decisions
    • Result of SPF is called the Shortest Path Tree (SPT)
  • To find theSPT, SPF uses three internal data sets:
    • Link State Database
      • All paths discovered from all neighbors
    • Candidate Database
      • Links possible to be in the Shortest Path Tree
    • Tree Database
      • Actual SPT once calculation is complete
  • Entries in the Candidate and Tree databases describe individual branches of the tree between two nodes
    • Denoted as (Router ID, Neighbor ID, Cost)
      • eg: the branch between R1 and R2 with a cost of 10 is denoted as (R1,R2,10)
    • R1’s ultimate goal is to build a tree with entries to every node in the topology (R1,Rn,cost)
      • ie: calculate the shortest path from R1 to everywhere
  • SPF Calculation Logic
    • Step 1 – Start by setting the local router as the “root” of the SPT, witha  cost of zero to itself
    • Step 2 – Find the links to all local neighbors and add them to the Candidate database
    • Step 3 – Take the lowest cost branch from the Candidate database and move it to the Tree database
    • Step 4 – For the branch just moved to the Tree database do the following:
      • Find the remote node’s links connecting to other neighbors
      • Move all these links to the Candidate database, with the exception of any links that go to a neighbor already in the Tree database
    • Step 5 – If the Candidate database is not empty, go to Step 3, otherwise SPF is complete and the Tree database contains the SPT

 

  • Step 3 – Neighbor & Topology Maintenance
    • Once adjacencies established and SPT built, OSPF state machine tracks neighbor and topology changes
    • Hello packets used to track neighbor changes
    • LSA fields used to track topology changes
  • Hello packets continue to be sent on each OSPF enabled link every hello interval
    • 10 or 30 seconds by default depending on interface type
  • If a hello packet is not received from a neighbor within the dead interval, that neighbor is declared down
    • Defaults to 4 times hello interval
    • Can be as low as 1 second for fast convergence
  • When an new LSA is received it is checked against the database for changes such as:
    • Sequence number
      • Used to track new vs. old LSAs
    • Age
      • Used to keep information new and withdraw old information
      • Periodic flooding occurs after 30 minutes
        • “paranoid” update
      • LSAs that reach maxage (60 minutes) are withdrawn
    • Checksum
      • Used to avoid transmission & memory corruption
  • LSA Flooding
    • When a change is detected new LSA is generated and flooded out all links
      • OSPF does not use split horizon
    • Not all LSA changes require SPF to recalculate
      • eg: link up/down event vs. sequence number change
      • See RFC 2328 “13. The Flooding Procedure” for details

—(INE 27)—

  • OSPF Media Dependencies
    • Unlike EIGRP, OSPF behaviour changes depending on what type of media it is configured on
      • ie: Ethernet vs. Frame Relay vs. PPP
    • OSPF defines different “network types” to deal with different media characteristics
    • OSPF network types control
      • How updates are sent
      • Who forms adjacencies
      • How next-hop is handled
    • OSPF Network Types
      • Broadcast (Ethernet)
      • Non-broadcast (F/R, ATM)
      • Point-to-point (PPP/HDLC)
      • Point-to-multipoint (VPLS, DMVPN)
      • Point-to-multipoint Non-Broadcast (see above)
      • Loopback (for testing)
  • OSPF Network Broadcast
    • ip ospf network broadcast
    • Default on multi-access broadcast medias
      • Ethernet
      • Token Ring
      • FDDI
    • Sends hellos and updates as multicast
      • 224.0.0.5 (AllSPFRouters)
      • 224.0.0.6 (AllDRouters)
    • Performs Designated Router (DR) and Backup Designation Router (DBR) Election
  • DR/BDR Overview
    • Designation Router (DR)
      • Used in broadcast links to
        • Minimize adjacencies
        • Minimize LSA replication
    • Backup Designation Router (BDR)
      • Used for redundancy of DR
    • DROthers
      • All other routers on the link
      • Form full adjacency with DR and BDR
      • Stop at 2-Way adjacency with each other
    • DR/BDR chosen through election process
  • LSA Replication with DR/BDR
    • DROthers send LSUs to DR/BDR via multicast 224.0.0.6
    • DR forwards LSUs to DROthers via multicast 224.0.0.5
    • Prevents constant forwarding of unneeded LSAs on the segment
    • BDR does not forward LSUs, only waits for DR to fail
    • DR must have full L2 connectivity
      • 224.0.0.5 is a link local multicast with a TTL=1
  • DR/BDR Election
    • Priority
      • 0-255
      • Higher is better
      • 0 = never
    • Router-ID
      • Highest loopback / interface IP
      • Can be statically set
      • Higher is better
    • No preemption unlike IS-IS’s DIS
  • OSPF Network Non-Broadcast
    • ip ospf network non-broadcast
    • Default on multipoint NBMA medias
      • Frame Relay / ATM
    • Sends hellos as unicast
      • Manually defined addresses with neighbor command
    • Performs DR/BDR Election
    • Originally designed for legacy networks that didn’t support broadcast transmission
      • ie: X.25
  • OSPF Network Point-to-Point
    • ip ospf network point-to-point
    • Default on point-to-point medias
      • HDLC/PPP
    • Sends hellos as multicast
      • 224.0.0.5
    • No DR/BDR Election
    • Supports only two neighbors on the link
  • OSPF Network Point-to-Multipoint
    • ip ospf network point-to-multipoint
    • Treats network as a collection of point-to-point links
    • Sends hellos as multicast
      • 224.0.0.5
    • No DR/BDR Election
    • Special next-hop processing
    • Usually best design option for partial mesh NBMA networks
  • OSPF Point-to-Multipoint Non-Broadcast
    • ip ospf network point-to-multipoint non-broadcast
    • Same as point-to-multipoint but sends hellos as unicast
    • Sends hellos as unicast
      • Manually defined addresses with neighbor command
    • No DR/BDR Election
    • Special next-hop processing
  • OSPF Network Loopback
    • Special case for Loopback and Looped-back interfaces
    • Advertises link as /32 stub host route
    • ip ospf network point-to-point used to disable this behaviour

—(INE 28)—

Single Area OSPF Implementation

Implementing Basic OSPF

  • Enable the OSPF process
    • router ospf [process-id]
      • Process-id locally significant
      • Must be an up/up interface running IP to choose Router-ID from
    • Enable the interface process
      • Process level
        • network [address] [wildcard] area [area-id]
      • Interface level
        • ip ospf [process-id] area [area-id]
    • Like EIGRP, enables OSPF on the interface
    • Wildacard mask does not relate to subnet mask
    • Most specific match wins
      • network 0.0.0.0 255.255.255.255 area 0
      • network 1.0.0.0 0.255.255.255 area 1
      • network 1.2.0.0 0.0.255.255 area 2
      • network 1.2.3.0 0.0.0.255 area 3
      • network 1.2.3.4 0.0.0.0 area 4
    • Source of common confusion, new versions support interface level enabling as alternative

Verifying Basic OSPF

  • Verify OSPF interfaces
    • show ip ospf interface
  • Verify OSPF neighbors
    • show ip ospf neighbors
  • Verify OSPF topology
    • show up ospf database
  • Verify OSPF routes in routing table
    • show ip route [ospf]

Configuring Basic OSPF

  • router ospf 1
  • network [network] [wildcard] area [area-id]
  • debug IP packet detail
    • shows broadcast messages to 224.0.0.5 using ip protocol 89 (ospf hellos)
  • debug ip ospf adj
    • shows adjacency events
  • show ip ospf neighbors
  • show ip ospf database

—(INE 29)—

OSPF Areas and LSA Types

  • OSPF areas add hierarchy and scalability to the routing domain
  • An area defined a flooding domain
    • All devices in the area agree on the topology
    • Changes inside the area require LSA flooding and full SPF
  • Routing between areas hides topology details
    • Inter-area routing similar to distance vector
    • Changes outside the area don’t always require LSA flooding or SPF
    • Limits impact on router resources

OSPF Area Types

  • Backbone area
    • Area 0 (0.0.0.0)
    • Used to summarize topology information between other areas
    • Traffic from one area to another must pass through area 0
      • Every non-0 area must somehow have a connection to area 0
    • Must be contiguous
  • Non-transit areas
    • All other areas 1-2^32 (0.0.0.1 – 255.255.255.255)

OSPF Router Types

  • Backbone router
    • At least one link in area 0
  • Internal routers
    • All links in one non-transit area
  • Area Border Router (ABR)
    • At least one link in area 0 and one link in a non-transit area
    • Used to summarize information between area 0 and non-transit area
      • Topology summarization, different from route summarization
  • Autonomous System Border Router (ASBR)
    • At least one link in the OSPF domain
    • At least one link outside the OSPF domain
      • EIGRP, IS-IS, BGP, etc.
    • Used to redistribute information to/from other routing domains and OSPF

Area 0 Continuity

  • All inter-area traffic must pass through area 0
  • If a non-transit area loses connectivity to area 0, all inter-area connectivity is lost
    • This state is called “discontiguous” areas or discontiguous area 0
  • Repairs to these broken designs come in the form of virtual area 0 adjacencies called “virtual links”
  • OSPF Virtual Links
    • Used to connect area 0 over a non-transit area
      • Virtual area 0 adjacency between two ABRs over a non-transit area
      • Provides continuity to the OSPF database calculation
    • Non-transit area must have full routing information
      • Cannot be a stub area and should not have filtering
    • Not a tunnel in the traditional sense
      • Traffic does not flow over the virtual link itself
    • Configured under the routing process of the ABRs
      • area [transit area-id] virtual-link [remote ABR area-id]

OSPF LSA Types

  • With different router types in the OSPF domain, different types of advertisements are required
    • DR, ABR, ASBR, etc.
  • Different LSA formats used to represent this information
    • Format is defined by type code
    • Type 1, Type 2, etc.
  • Which LSA types are sent and received depends on
    • Router’s type
    • OSPF network type (broadcast, P2P, etc.)
    • Area type (Stub, NSSA, etc.)
  • LSA Types Are:
    • Type 1 – Router LSA
    • Type 2 – Network LSA
    • Type 3 – Network Summary LSA
    • Type 4 – ASBR Summary LSA
    • Type 5 – External LSA
    • Type 7 – NSA External LSA
  • Other types exist outside this scope
    • Type 6 – Multicast LSA
      • Not implemeted by Cisco
    • Types 8, 9 10 – Opaque LSA
      • Used for extensibility
  • Routed that LSAs describe can be grouped together as
    • Intra-Area Routes (O)
      • LSA Types 1 & 2
    • Inter-Area Routes (O IA)
      • LSA Types 3 & 4
    • External Routes
      • E1/E2
        • LSA Type 5
      • N1/N2
        • LSA Type 7

LSA Types in Detail

  • Type 1 – Router LSA
    • Generated by every router in the OSPF domain
    • Not flooded outside the area they originate in
    • Describes it’s directly connected links
      • What are my link costs
      • Who are my neighbors
    • Used to build graph for intra-area SPF
    • show ip ospf database router [Link ID]
  • Type 2 – Network LSA
    • Generated by DR on broadcast and non-broadcast network types
    • Not flooded outside the area they originate in
    • Describes who is adjacent with DR
    • Used to reduce redundant information in the database
      • n*(n-1)/2 and flooding scalability issue
    • shop ip ospf database network [Link ID]
  • Type 3 – Network Summary LSA
    • Generated by ABR
    • Flooded from area 0 into non-transit area and vice-versa
    • Describes ABR’s reachability to links in other areas
    • For intra-area routing, OSPF can be considered link-state within an area, and distance-vector for inter-area routing as routers trust the cost provided by the ABR for an area they are not part of.
      • INE 29 – 29:00
    • SPF not run to reach ABR advertised routers, instead logic is…
      • ABR can reach link A via SPT in cost X
      • I can reach ABR via SPT in cost Y
      • I can reach link A via SPT in cost X+Y
    • This is why inter-area routing is considered distance vector
    • show ip ospf database summary [Link ID]
  • Type 4 – ASBR Summary LSA
    • Generated by ABR
    • Flooded from area 0 into non-transit area and vice-versa
    • Describes ABR’s reachability to ASBRs in other areas
    • Includes cost, but hides ABR’s actual path to destination
    • SPF not run to reach inter-area ASBR, instead logic is…
      • ABR can reach ASBR via SPT in cost X
      • I can reach ABR via SPT in cost Y
      • I can reach ASBR via SPT in cost X+Y
    • This is why inter-area external routing is also considered distance vector
    • show ip ospf database asbr-summary [Link ID]
  • Type 5 – External LSA
    • Generated by ASBR
    • Flooded to all non-stub areas
    • Describes routes ASBR is redistributing
      • Metric
      • Metric Type
        • Type 1 = E1
        • Type 2 = E2 (default)
      • Forward Address
        • Who should I route towards to reach the link?
        • Usually the ASBR itself but could be someone else in some designs
      • Route Tag
    • External Type 1 vs. Type 2
      • Type 1 (E1)
        • Take the cost the ASBR reports in plus the cost to the ASBR
      • Type 2 (E2)
        • Take just the cost the ASBR reports in
        • If there is a tie, then take the cost to the ASBR as well
      • Type 1 is usually used when there are multiple ASBRs redistributing the same routes to OSPF
    • OSPF External Route Calculation
      • Perfoms like distance vector routing similar to inter-area calculation
      • Intra-area externals
        • ASBR can reach link A in cost X
        • I can reach ASBR via SPT in cost Y
        • I can reach link A via SPT in cost X+Y
      • Inter-area externals
        • ASBR can reach link A in cost X
        • ABR can reach ASBR via SPT in cost Y
        • I can reach ABR via SPT in cost Z
        • I can reach link A via SPT in cost X+Y+Z

—(INE 30)—

Multi-Area OSPF Implementation

  • No notes here, but watch this video again.
    • I think my brain just exploded.

—(INE 31)—

OSPF Features

OSPF Virtual Link

  • Used to extend area 0 to a non-ABR
    • router ospf [process-id]
    • area [x] virtual-link [router-id]
  • Routes created by this process are set with the DoNotAge flag
  • Unicast adjacency, using a virtual interface (OSPF_VL0)

OSPF Scalability

  • Less topology info & less routing info means lower resource utilization
  • OSPF areas add scalability by hiding topology information, but they don’t hide reachability information
  • NLRI can be reduced in OSPF by implementing
    • Summarization
      • OSPF supports two types of summaries
        • Internal summarization (Type 3 LSAs)
        • External summarization (Type 5 & 7 LSAs)
      • Unlike RIPv2, EIGRP and BGP, OSPF summarization (aggregation) cannot be performed at arbitrary places in the topology
        • Internal summarization only on ABRs
        • External summarization only on ASBRs
      • OSPF Internal Summarization
        • Configured only on ABRs
        • Takes intra-area (O) routes and summarizes them into inter-area (O IA) routes as they move between areas
        • area [area-id] range [network] [mask]
      • OSPF External Summarization
        • Configured only on ASBRs
        • Takes routes external to OSPF domain and summarized them as OSPF external routes (E1/E2/N1/N2) when redistributed
        • summary-address [network] [mask]
        • Automatically generates routes to Null0
    • OSPF Stub areas
      • Summarization saves resources by taking multiple longer match prefixes and combining them into a smaller amount of shorter matches
        • eg: two routes 100.0.0.0/16 and 100.1.0.0/16 become oue route 100.0.0.0/15
      • Using the same logic, OSPF stub areas reduce NLRI by taking prefixes of the same LSA type and combing them into the shortest match possible, a default route
      • Stub areas use the common transit point of the OSPF topology, the ABR, to stop LSAs from entering the area
        • Type 3, Type 4, and/or Type 5 filtered depending on stub type
      • The reachability information removed is then replaces with a default route
        • Still allows reachability to removed routes (in most cases)
      • Four stub area types control which routes (LSAs) can enter the area
        • Stub Area
          • Stops external routes
        • Totally Stubby Area
          • Stops inter-area and external routes
        • Not-So-Stubby Area (NSSA)
          • Stops external routes but allows local redistribution
        • Not-So-Totally-Stubby Area
          • Stops inter-area and external routes, but allows local redistribution
        • All routers in the area must agree on the stub flag
      • Stub Area Logic
        • I know how to get to ABR
        • My ABR knows how to get to the ASBRs
        • The ASBRs know how to get to the external routes
        • If I default to the ABR, I don’t need the specific external routes
      • area [area-id] stub (on all routers in the area)
      • Result
        • ABR removes LSAs 4 (ASBR) and 5 (External)
        • ABR originates default route
      • Totally Stubby Area Logic
        • I know how to get to my ABR
        • My ABR knows how to get to other areas and to the ASBRs
        • The ASBRs know how to get to the external routes
        • If I default to the ABR, I don’t need the specific inter-area or external routes
      • area [area-id] stub (on the internal routers in the area)
      • area [area-id] stub no-summary (on the ABR(s) of the area)
      • Result
        • ABR removes LSAs 3 (Inter-Area), 4 (ASBR) and 5 (External)
      • Not-So-Stubby Area Logic
        • Stub areas block external routes from coming from other areas
        • What if I want to redistribute directly into the stub area itself?
        • Filter like a stub area, but make an exception for local redistribution
      • This exception requires the new Type 7 LSA (NSSA External)
      • area [area-id] nssa (on all routers in area)
      • Result
        • Redistributing router in NSSA generates Type 7 external instead of Type 5
        • ABR changes Type 7 into Type 5 as it is sent into area 0
        • ABR removes LSAs 4 (ASBR) and 5 (External) from coming into the area
        • ABR does not originate default route
      • no-summary option for Totally-Not-So-Stubby

—(INE 32)—

BGP Overview

What is BGP?

  • Border Gateway Protocol version 4
  • Standards based
    • RFC 4271 “A Border Gateway Protocol 4 (BGP-4)”
  • Exterior Gateway Protocol (EGP)
    • Used for inter-domain routing between Autonomous Systems
  • Path vector routing
    • Uses multiple “attributes” for routing decision
    • Routing based on policy rather than metrics
  • Classless
    • Supports VLSM and summarization
  • BGP looking glass – http://www.bgp4.as
  • BGP route server project

Inter-AS Routing and ASNs

  • Autonomous System (AS)
    • “…a set of routers under a single technical administration, using an interior gateway protocol (IGP) and common metrics to determine how to route packets with in the AS, and using an inter-AS routing protocol to determine how to route packets to other ASes.” (RFC 4271)
  • Like IP address space, Autonomous System Numbers (ASNs) are allocated by Internet Assigned Numbers Authority (IANA)
  • BGP ASNs originally a 2-byte field
    • Values 0-65535
  • RFC 4893 defines 4-byte ASNs
    • 0.0 – 65535.65535 notation
    • 0.[0-65535] denote original 2-byte ASNs

Why use BGP?

  • Scalability
    • IGPs can scale to thousands of routes
    • BGP can scale to hundreds of thousands of routes
    • Current Global (Internet) BGP table – ~300,000 routes (over 500K now)
  • Stability
    • Internet routing table never converges
    • BGP stable enough to handle routing and decision making at the same time
  • Enforce routing policy
    • IGP uses link cost for routing decision
      • Effective traffic engineering nearly impossible with IGP
    • BGP uses attributes of the route itself
      • Traffic engineering feasible and simple to implement

Who needs BGP?

  • Transit networks
    • SPs that sell access or transit bandwidth to customers
    • Need full routing table to make accurate decisions
    • Should not use default routing
  • Multihomed networks
    • Enterprise networks with two or more connections to ISPs
    • Allows control of inbound and outbound routing policy

When not to use BGP

  • Single ISP connectivity
    • Default routing sufficient
  • Limited memory and/or CPU resources
    • Global table needs ~1GB of memory just for storage
  • If you don’t “own” your IPV4 addresses
    • ISP advertises “their” address space on your behalf
    • Red tape involved with getting PI address space and BGP ASN

BGP Data Structure

  • Like EIGRP/OSPF/IS-IS, BGP uses a three table data structure
  • Neighbor table
    • List of active adjacencies called “peerings”
  • BGP table
    • All prefixes learned from all peers
  • IP Routing table
    • The “best” routes from the BGP table actually used for routing

How BGP Works

  • Establish BGP peerings to build neigbour table
  • Exchange updates to build BGP table
  • Choose BGP bestpaths to build routing table

Establishing BGP Peerings

  • Like IGP, first step in BGP is to find neighbors to exchange information with
  • Unlike IGP…
    • BGP does not have it’s own transport
      • Uses TCP port 179
    • BGP neighbors are not discovered
      • Manually configured via neighbor statement
    • BGP neighbors do not have to be connected
      • IGP is always on a link-by-link basis
      • BGP is a logical peering over TCP
      • Implies that BGP always needs IGP underneath
    • BGP has different types of neighbors
      • External BGP vs. Internal BGP

BGP Packet Formats

  • Peering establishment and maintenance uses four types of packetsOPEN
    • OPEN
      • Start peering
    • KEEPALIVE
      • Heartbeats, checking adjacencies
    • UPDATE
      • NLRI – N
    • NOTIFICATION
      • Errors

BGP OPEN Message

  • Used to negotiate parameters for peering
  • Includes
    • BGP version
      • Should be 4
    • Local ASN
    • Local Router-ID
    • Hold time
      • Negotiated to lowest requested value
    • Options
      • AKA “capabilities” eg: IPv4 Unicast, IPv6 Unicast, Multicast, etc.

BGP KEEPALIVE Message

  • Used for dead neighbor detection
  • If hold time = 0, keepalives disabled

BGP UPDATE Message

  • Used to advertise or withdraw a prefix
  • Includes
    • Withdrawn routes
      • List of routes that should be discarded
    • NLRI
      • Routes being advertised
    • Path vector attributes
      • Attributes of route being advertised
      • Used for bestpath selection

BGP NOTIFICATION Message

  • Used to convey error messages
  • After notification sent, BGP session closed
  • Examples
    • Unsupported version number
    • Unsupported Optional Parameter
    • Unacceptable Hold Time
    • Hold Timer Expired

BGP Peering State Machine

  • BGP State Machine tracks peering establishment
  • Idle
    • Waiting to start 3-way handshake
  • Connect
    • Waiting to complete 3-way handshake
  • Active
    • 3-way handshake failed, try again
  • Open sent
    • 3-way handshake complete, OPEN message sent
  • Open confirm
    • OPEN message received, parameters agreed upon
  • Established
    • Peering complete

—(INE 33)—

BGP Implementation

BGP Peering Types

  • Update and path selection rules change depending on what type of peer a route is being sent to/received from
  • External BGP (EBGP) Peers
    • Neighbor outside my Autonomous System
    • Usually directly connected neighbors
      • eg: DS3 Frame Replay link to ISP
    • Can be “multihop” but TTL defaults to 1
      • neighbor [address] ebgp-multihop [ttl]
    • Uses AS-Path attribute for loop prevention
      • If I receive an update from an EBGP peer with my own ASN in the AS-Path, discard it
  • Internal BGP (IBGP) Peers
    • Neighbors inside my Autonomous System
    • Many times not directly connected
      • Implies IGP needed to provide TCP transport
    • Loop prevention via route suppression
      • Routes learned from an iBGP peer cannot be advertised on to another iBGP peer
    • Implies that all routers running BGP within the AS must peer with each other
      • ie: “iBGP full mesh”
      • n*(n-1)/2 peerings
  • BGP Peering Redundancy
    • BGP peering is based on TCP reachability to peer address
    • If peer address is unreachable, peering goes down
      • eg: if IP address of Serial link is used for peering and Serial link is down, peer goes down
    • Using Loopback addresses for peerings allows rerouting around link failures and adds redundancy
      • eg: as long as any link is up, Loopback can be reached
    • Defined as update-source for TCP session
  • Basic BGP Configuration
    • Enable global BGP process
      • router bgp [asn]
    • Establish BGP peers
      • neighbor [address] remote-as [remote ASN]
      • if remote ASN is the same as local ASN, router knows this is an iBGP peer
      • if remote ASN is different than local ASN, router knows this is an eBGP peer
  • Basic BGP Verification
    • Verify BGP peerings
      • show ip bgp summary
    • Verify BGP table
      • show ip bgp
    • Verify BGP table detail
      • show ip bgp [network] [mask]
    • Verify BGP routing table
      • show ip route [bgp]
  • iBGO Full Mesh Scalability
    • n*(n-1)/2 doesn’t scale
      • 10 routers, 45 peerings
      • 100 routers 4950 peerings
      • 1000 routers, 499,500 peerings
    • Can be fixed with two exceptions
      • Route Reflectors
        • Same logic as DR/DIS
      • Confederation
        • Split the AS into smaller Sub-ASes
  • BGP Route Reflectors
    • Eliminates need for full mesh
      • Only need peering(s) to the RR(s)
    • Like OSPF DR & IS-IS DIS, minimizes prefix replication
      • Send one update to the RR
      • RR sends the update to it’s “clients”
    • Loop prevention through Cluster-ID
      • If I am a RR, and I receive a route with my own Cluster-ID, discard it
    • Enabling Route Reflection
      • neighbor [address] route-reflector-client
  • BGP Confederation
    • Reduces full mesh iBGP need by splitting AS into smaller Sub-ASes
      • Inside Sub-AS full mesh or RR need remains
      • Between Sub-AS acts like EBGP
    • Devices outside the confederation do not know about the internal structure
      • Sub-AS numbers are stripped from advertisements to true EBGP peers
    • Typically uses ASNs in private range (64512 – 65535) (last 1024 of the AS range)
    • Enabling Confederation
      • Enable global BGP process
        • router bgp [Sub-ASN]
      • Define global ASN
        • bgp confederation-id [ASN]
      • Define other Sub-ASes
        • bgp confederation peers [Sub-ASN1] [Sub-ASN2] [Sub-ASN3} etc.

—(INE 34)—

  • BGP Peer Groups
    • Typically many peers share the same update policy
      • eg: a route reflector’s clients
    • BGP Peer Groups reduce configuration and processing overhead by applying a template to the peers
    • Peer group is assigned parameters such as:
      • remote-as
      • route-reflector-client
      • route-map
    • Neighbor is specified as a member of the groups
      • Peers in a group must be either all iBGP or all EBGP
    • Enabling Peer Groups
      • neighbor [Peer-Group-Name] peer-group
      • neighbor [Peer-Group-Name] [attributes]
        • eg: remote-as, route-reflector-client, next-hop-self, etc.
      • neighbor [address] peer-group [Peer-Group-Name]
  • Other BGP Features
    • Enabling BGP Authentication
    • Like IGP authentication, BGP peer authentication protects control plan against attacks and misconfiguration
    • Without authentication BGP susceptible to TCP RST attacks
    • Uses MD5 as defined in RFC 2385
      • neighbor [address] password [password]
    • Modifying peering source address
      • neighbor [address] update-source [interface]

–(INE 37)–

Redistribution

  • Route Redistribution Overview
    • Process of exchanging reachability information between routing domains
      • eg: OSPF to EIGRP redistribution
    •  Considerations
      • Metric conversion
      • Loss of loop prevention
      • Table instability
        • eg: BGP to IGP distribution
    • Routes in the routing table will be redistributed
      • Not necessarily all routes in the routing database
      • Connected interfaces may or may not be implicitly redistributed
    • Redistribution must be explicit into every process

(Review Technology Q&A’s on Cisco’s website. Technology – IP Routing)

  •  Redistribution into RIPv2
    • Does not distinguish between internal vs. external routes
    • No default metric for redistribution, must be manually specified
      • Global default-metric
      • Individual redistribute statements
  • Redistribution into EIGRP
    • Does distinguish between internal vs. external routes
      • Internal (D) EIGRP AD 90
      • External (D EX) EIGRP AD 170
    • EIGRP Router-ID tagged in external route
      • Automatic loop prevention
    • No default metric for redistribution unless going EIGRP to EIGRP
      • Global default-metric
      • Individual redistribute statements
  • Redistribution into OSPF
    • Does distinguish between internal vs. external routes
      • E1/E2/N1/N2
      • Same AD for all, but can be separately modified
    • OSPF Router-ID tagged in external LSA
      • Automatic loop prevention
    • Default metric of 20
    • Default metric type of E2/N2
  • IGP Redistribution into BGP
    • Redistributed routes get origin code of incomplete
      • Denoted as ? in the BGP table
      • Implies redistributed routes less preferred
    • OSPF into BGP only matches internal routes by default
      • redistribute ospf 1 match internal external
  • BGP Redistribution into IGP
    • Generally not recommended without strict filtering
      • Global routing table ~350,000 routes
    • BGP into IGP only matches EBGP routes by default
      • bgp redistribute-internal
      • Can result in routing/traffic loops or BGP race condition
  • Redistribution & Traffic Engineering
    • Traffic engineering (layer 3 path control) can be implemented in redistribution designs with multiple entry/exit points
    • Seed metric can influence path selection
      • ASBR1 reports prefix X with cost 10
      • ASBR2 reports prefix X with cost 20
    • Route-map, prefix-list, etc. filtering can influence path selection with longest match routing
      • ASBR1 reports aggregate X plus subnets X1 & X2
      • ASBR1 reports only aggregate X

–(INE 39)–

Redistribution Problems

  • Problems with Redistribution
    • Routing loops and traffic loops (blackholes) generally occur for three reasons
      • Reconvergence after a topology change
      • Metric feedback
      • Administrative Distance Feedback
    • Temporary traffic loss during reconvergence is normal
    • Metric or AD feedback is usually recurring, and happens because of improper design
      • eg: redistribution from higher AD to lower AD and then fed back
  • Fixing Redistribution Problems
    • Some redistribution problems can only be solved by changing the topology design or changing where redistribution occurs
    • Others can be fixed with various IOS tools such as
      • Route-map filters
      • Distribute-list filters
      • Prefix-lists
      • Access-lists
      • Passive-interface filters
      • Route tags
  • Route-Map Filtering
    • Condition based criteria for filtering and modifying redistribution
    • Like ACLs, ends in implicit deny
    • Typically matches prefix-list, but can match more
      • ACL
      • Route type
      • Route source
      • Route tag
      • Metric
    • Can be used for route tagging and loop prevention
  • Distribute-List Filtering
    • Used to filter routing advertisements
      • Received on an interface
      • Sent on an interface
      • Received from a neighbor
      • Sent to a neighbor
    • Calls prefix-list or access-list for actual route matching
    • Only supported for RIPv2/EIGRP/BGP
      • Breaks OSPF/IS-IS LSDB logic
  • Prefix-List Filtering
    • Used to match route based on both prefix and length
      • eg: ip prefix-list LIST permit 1.2.3.4/24
    • Can also match ranges of prefixed or lengths
      • eg: ip prefix-list LIST permit 0.0.0.0/0 le 32
    • Uses sequence numbers to allow editing
    • Preferred use for routing filters, not traffic filters
    • Can be referenced from distribute-list or route-map
      • distribute-list prefix-list LIST in FastEthernet0/0
      • match ip address prefix-list LIST
  • Passive-Interface Filtering
    • Used to disable sending of routing updates on an interface that has the process enabled
    • For RIPv2, receive but not send
    • For OSPF/EIGRP, breaks adjacency forming
    • Can be per link or all links
    • Typically on a stub network or host link
  • Route Tag Filtering
    • Administrative route tagging can be used to “color” routes based on their origination
      • Gives visibility to redistribution source router or source protocol in the routing database
    • Route tag can be used to prevent route feedback in certain designs
    • Applied through route-map
      • set tag 1234
      • match tag 1234

–(INE 41)–

Layer 3 Path Control

  • Policy Based Routing & Traffic Engineering
    • Normal routing decision is based on longest match to destination address
    • Policy Based Routing (PBR) allows routing decision based on
      • Source address
      • Incoming interface
      • Application
      • QoS markings
    • Very flexible, but non-distributed platforms may have performance limitations
  • How PBR Works
    • Route-map defines match and set criteria
      • Match incoming interface or ACL
      • Set ip next-hop, interface, default ip next-hop, or default-interface
    • Route-map applies either to
      • Incoming traffic on interface with ip policy
      • Locally generated traffic with ip local policy
    • Order of operations is
      • If set ip next-hop or interface
        • Check route-map first, then routing table
      • If set ip default next-hop or default-interface
        • Check routing table first, then route-map
  • IP SLA & Traffic Engineering
    • IP Service Level Agreement adds application level awareness to Enchanced Object Tracking
    • Enhanced Objects can be called from features such as
      • FHRPs
      • Policy-Based Routing
      • Static Routing

–(INE 42)–

IPv6

  • Why IPv6?
    • Lack of IPv4 address space
    • IPv4 uses 32 bits
    • IPv6 uses 128 bits
    • IPv4 Dotted Decimal
      • 1.2.3.4
      • Each place denotes 1 byte
    • IPv6 Hexadecimal
      •  xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
      • Two characters = 1 byte
    • RFC 2373
      • IP Version 6 Addressing Architecture
  • IPv6 Address Space
    • Four main address types
      • Global Unicast
        • 2000…-3FFF…
      • Unique Local
        • FC00
        • Deprecates Site Local (FEC0)
        • Private Addressing (replacing 10.0, 172.16…, 192.168.x.x)
        • RFC 1918
      • Link Local
        • FE80
      • Multicast
        • FF…
  • Modified EUI-64 Addressing
    • IPv6 host addresses are generated from interface MAC address
    • MAC address is 48-bits
    • IPv6 host address is 64-bits
    • Extra 16 bits derived as follows
      • MAC 1234.5678.9012
      • Invert 7th most significant bit
        • 1034.5678.9012
      • Insert “FFFE” in middle
        • 1034.56FF:FE78:9012
  • IPv6 Address Resolution
    • Ethernet
      • ICMPv6 ND replaces ARP
    • NBMA
      • Static resolution on multipoint interfaces
      • Inverse Neighbor Discover not yet implemented
  • ICMPv6 Neighbor Discovery
    • ICMPv6 ND
    • Replaces IPv4 ARP
    • NS – Neighbor Solicitation
      • Ask for information about neighbor
    • NA – Neighbor Advertisement
      • Advertise yourself to other neighbors
    • RS – Router Solicitation
      • Ask for information about local routers
    • RA – Router Advertisement
      • Advertise yourself as an active router
    • Send neighbor solicitation to solicited node multicast
      • FF02:0:0:0:0:1:FF00::/104 + 24 low-order bits
    • If no reply address is unique
      • Duplicate Address Detection (DAD)
    • Send unsolicited neighbor advertisement to announce yourself
      • Sent to all hosts multicast
        • FF02::1
        • Essentially the same as 255.255.255.255
  • IPv6 Routing
    • RIPng, OSPFv3, EIGRPv6
      • Use separate processes
    • BGP & IS-IS
      • Use the same process
      • Different Address families
  • IPv6 Static Routing
    • Same static routing implications as IPv4
      • To next-hop
        • Resolve next-hop
      • To multipoint interface
        • Resolve final destination
      • To point-to-point interface
        • No resolution required
  • RIPng Overview
    • RFC2080 – RIPng
    • Similar in operation to RIPv1 & RIPv2
    • UDP port 521 multicast to FF02::9
    • Configuration
      • Interface level: ipv6 rip [process] enable
      • Automatically enables global process
    • Split-horizon enabled globally
      • no split-horizon on multipoint NBMA
  • OSPFv2 Overview
    • RFC 2740 – OSPFv3
    • Similar in operation to OSPFv2
    • Router-id is IPv4 address
      • Use router-id command if no IPv4 configured
    • Configuration
      • Interface level ipv6 ospf [process-id] area [area-id]
      • Automatically enables global process
    • Same network types as OSPFv2
      • Broadcast
        • DR/BDR Election
      • Non-broadcast
        • DR/BDR Election
        • Unicast updates to link-local address
      • Point-to-point
      • Point-to-multipoint
      • Point-to-multipoint non-broadcast
        • Unicast updates to link-local address
  • EIGRPv6 Overview
    • Similar in operation to IPv4 EIGRP
    • IP protocol 88 multicast to FF02::A
    • Configuration
      • Interface level ipv6 eigrp [ASN]
      • Process level no shutdown
  • BGP
    • Same process for IPv4 or IPv6
      • Uses address-family configuration
    • Normal BGP rules apply
      • Requires underlying IGP transport
      • iBGP loop prevention
        • Don’t advertise iBGP learned routes to other iBGP neighbors
        • Exception through route reflection or confederation
      • EBGP loop prevention
        • Don’t accept routes with your own AS in the path
      • Same best-path selection process
  • Tunneling IPv6 over IPv4
    • Static tunnels
      • GRE
        • Default tunnel mode
      • IPv6IP
        • Less overhead, no CLNS transport
    • Automatic tunnels
      • 6to4
        • Embeds IPv4 address into IPv6 prefix to provide automatic tunnel endpoint determination
      • ISATAP
        • Automatic host to router and host to host tunneling
  • Automatic 6to4 Tunneling
    • Derives destination IPv4 router from address embedded inside IPv6 destination
    • 2002:border-router-IPv4-address::/48
    • Single /48 subnetted amongst site
    • Only one tunnel needed for all destinations

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s