Thursday, January 27, 2011

EIGRP part 2

Before an adjacency can be created with a neighbor, the EIGRP neighbor discovery process has to be completed. The discovery process is as follows:

1. The originating router sends a Hello packet using multicast to 224.0.0.10.
2. The neighboring router detects the Hello packet and responds with an Update packet using unicast (NOT multicast!). At the same time it also sends a Hello packet to the originating router.
3. The originating router receives the Update packet and sends a unicast Ack packet to the neighbor router, while also sending an Update packet based on its current configuration to the neighbor router using unicast.
4. The neighbor router sends an Ack back to the originating router to confirm receipt of the Update packet from the originating router.

EIGRP does not require the neighbors to have the same hello and hold time values (the hold time is the equivalent of the dead time in OSPF), which is the opposite of OSPF, although a mismatch can make the connection between the adjacent routers unstable. However, the metric configuration (k-weights) and the AS number of the adjacent routers MUST be the same or the adjacency between the routers will not form. Another difference between OSPF and EIGRP is that OSPF has a dead time = 3 x hello time whereas EIGRP has a hold time = 4 x hello time.

The hello packets are by default sent every 5 seconds on a high speed link such as Ethernet and FDDI, whereas in low speed links (less than T1 speed such as ATM)

To change the hello time use the command:
(config)#interface <interface>
(config-if)#ip hello-interval eigrp <AS number> <seconds>

To change the metric weights use the command:
(config)#router eigrp <AS number> // 0 is not allowed
(config-router)#metric weights 0 <k1> <k2> <k3> <k4> <k5>


To add a router to an EIGRP network use the following commands:
(config)#router eigrp <AS number>
(config-router)#no auto-summary
(config-router)#network <network address> // the network can be the primary network or the secondary network (See below)

To show the neighbors use the #show ip eigrp neighbor command

To debug the packets do #debug eigrp packets

EIGRP also works when secondary addresses are applied on the routers. A secondary address is when 2 IP addresses are used on a single physical interface. However, the secondary addresses must be configured properly and the secondary subnets must be the same between the neighboring routers. If a subnet is configured as secondary on a router and the same subnet is configured as primary on the neighboring router, EIGRP will not work because the primary addresses of both routers are not in the same subnet. The adjacency will be formed, but in the output of the show ip eigrp neighbor command the adjacency is formed between the primary networks, not the secondary.

To put a secondary address on an interface use the command:
(config)#interface <interface>
(config-if)#ip address <IP address> <subnet mask> secondary






EIGRP part 1

EIGRP stands for Enhanced Interior Gateway Routing Protocol and has an AD = 90. EIGRP is an advanced version of IGRP and is Cisco proprietary. EIGRP uses the DUAL algorithm and has fast convergence, faster than OSPF. EIGRP supports VLSM because EIGRP update packets contain a prefix length for each network. This protocol sends multicast packets to 224.0.0.10 for dynamic neighbor discovery and uses IP protocol 88.

EIGRP activates by default equal-cost load sharing up to 4 paths, but can be configured to a maximum of 6 paths. The command is:
(config)#router eigrp <AS number>
(config-router)#maximum-paths <number of paths>

The DUAL (Diffusing Update Algorithm) is an algorithm which calculates the successors (main routes) and the feasible successors (backup route). Therefore, should the successors fail, the feasible successor is instantly ready for use.

EIGRP has 3 tables: the standard routing table, the EIGRP topology table and the neighbor table. The routing table contains primary routes (successors) only, while the EIGRP topology table stores both the successors and the feasible successors. The neighbor table stores information about the EIGRP neighboring routers.

EIGRP's metric is calculated based on 5 k-weights which are, in order, bandwidth, delay, load, reliability and MTU. However, only bandwidth and delay are active by default (set to 1) while all others are inactive (set to 0). The bandwidth and delay can be configured with the commands:

(config)#interface <interface>
(config-if)#bandwidth <bandwidth>
(config-if)#delay <delay>

EIGRP has 5 different types of packets:

1. Hello packets, which are used for neighbor discovery and to maintain the connection with the neighbors. This data uses UDP packets and is therefore unreliable.

2. Acknowledgement packets, which are used by the originating router to confirm the update received from the neighboring routers. This data also uses UDP packets and is therefore unreliable.

3. Query packets, which are sent when the router loses its successor route and does not have a feasible successor. This packet uses Reliable Transport Protocol (RTP) and is therefore reliable.

4. Reply packets, which are used to respond to a query packet and can also mean that a new route is found to the destination router. This packet uses RTP and is therefore reliable.

5. Update packets, which are sent and received to build a routing table or when a change in the network happens. If the latter happens, this packet will only carry the changed routes instead of all the routes from the originating router, thus making EIGRP more resource efficient. This packet is sent using unicast to the destination router and uses the RTP protocol.

To see the number of these packets sent or received use the #show ip eigrp traffic command.

-- 27 January 2011 --

Monday, January 24, 2011

OSPF network

The first thing to know when designing an OSPF network is that each area should have a router that connects to area 0 (backbone area) either physically or logically.

Area border routers (ABRs) are routers that have more than 1 OSPF area. To see this, run the #show ip ospf command, or use the #show ip ospf border-router command to see what the adjacent router's area state is. ASBRs are basically ABRs that have more than 1 routing protocol.

Route redistribution means placing a route that is learned in one routing domain into another routing domain that uses a different routing protocol. This is needed in order to synchronize values such as metrics. If this is not set, then there is a big chance that the 2 networks on each side of the router will not detect each other and therefore cannot communicate. The metric values in RIP and OSPF are definitely different because of the difference in how a metric value is obtained (OSPF uses cost with max = 100,000,000, and RIP uses hops with max = 16), so OSPF routes need to be redistributed/translated in order to be understood by RIP. This redistribution must be done in both directions (to each other).

The commands to redistribute RIP into OSPF and the reverse are shown below.

To redistribute RIP to OSPF:

(config)#router ospf <process ID>

(config-router)#redistribute connected subnets (Redistribute connected devices including subnetted routes)

(config-router)#redistribute rip subnets

To redistribute OSPF routing protocol to RIP:

(config)#router rip

(config-router)#redistribute connected metric <hop count>

(config-router)#redistribute ospf <process ID> metric <hop count>

RIP requires a seed metric (converted to an understandable metric of 0-15) to be applied at the time of redistribution. The metric of the path being redistributed must be set when redistributing from routers into RIP, IGRP and EIGRP. OSPF does not need this, because the default seed metric for routes redistributed into OSPF is 20. Without setting the seed metric, the routes that have a value higher than 15 will not be shown on the RIP network because they are considered a disabled network.

When viewing the configuration, there is an "O E2" symbol, which means an external route originally learned by redistribution. The cost of this route is from the ASBR to the destination network only.

It is possible for the destination routes to have the same next hop IP address. This table can be shortened by using stub networks, which must be configured on both ends of the link (2 routers). The symbol will be changed to the O*IA symbol. The command is:

(config)#router ospf <process ID>

(config-router)#area <area ID> stub

To change the default cost of the stub use the following command on 1 router only:

(config)#router ospf <process ID>

(config-router)#area <area ID> default-cost <cost>

To configure a total stub area (all external and inter-area routes are replaced by a single default route) use the following command on the ABR router only:

(config)#router ospf <process ID>

(config-router)#area <area ID> stub no-summary

To show the neighbor configuration state use the "#show ip ospf neighbor" command

NSSA stands for "not so stubby area" which is a stub area that contains a limited number of external routes instead of all external routes connecting to OSPF. The purpose of this area is to inject other router protocols to OSPF with the redistribution command to the stub area via NSSA stub using type 7 LSAs, because type 5 LSA is blocked in NSSA area. The type 7 LSA will be translated to type 5 LSA by the NSSA ABR router in the NSSA area that connects to OSPF area 0.

The command to make an NSSA stub is:
(config)#router ospf <process ID>
(config-router)#area <area ID> nssa

There is a possibility to make NSSA area a total stub NSSA which will block LSA type 3, 4 and 5 and single default routes.

The command to make an NSSA total stub area is:
(config)#router ospf <process ID>
(config-router)#area <area ID> nssa no-summary

There are different LSA types and typical states shown on the router when the show ip ospf database command is run:

- LSA Type 1 : Sent by all Routers --> Router Link States
- LSA Type 2 : Sent by all DRs --> Net Link States
- LSA Type 3 : Sent by all ABRs --> Summary Net Link States
- LSA Type 4 : Sent by all ABRs --> Summary ASB Link States, describes how to get to the ASBR
- LSA Type 5 : Sent by ASBRs only --> Type-5 AS External Link States to all areas except stub and total stub areas
- LSA Type 7 : Sent by ASBRs only --> Type-7 AS External Link States, found only in NSSA area
- LSA Type 6 : Reserved for Multicast OSPF


It is also possible to summarize routes without using stub areas. This method is used when the summarized routes are implemented on routers that are in area 0, which does not allow stub configurations. There are 2 methods of summarizing routes: area range and summary address.

Area range is used on ABRs, where it summarizes routes from 1 area to another. The command is:
(config)#router ospf <process ID>
(config-router)#area <area ID> range <address> <mask>


Summary address is used on ASBR routers to summarize routes that are redistributed from other protocols to OSPF. The command is:
(config)#router ospf <process ID>
(config-router)#summary-address <address> <mask>


It is also possible to protect connections to the neighbors with authentication. The authentication can be set with passwords in either clear text or MD5. However, once set, the password must be configured the same on the other neighboring routers involved.

The command for clear text password authentication is:
(config)#int <interface>
(config-if)#ip ospf authentication-key <password> // password max 8 characters!
(config-if)#ip ospf authentication

The command for MD5 password authentication is:
(config)#int <interface>
(config-if)#ip ospf authentication message-digest
(config-if)#ip ospf message-digest-key <key ID> md5 <MD5 password>
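
A way to check a saved configuration for the two authentication modes above, as an added Python example that is not part of the original notes. It assumes IOS-style indented stanzas, static interface addresses and interface-level authentication commands only; the sample configuration, addresses and keys are constructed.

```python
import ipaddress
import re

# Constructed sample configuration; keys and addresses are placeholders.
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 ip address 10.0.12.1 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 EXAMPLE-KEY
!
interface FastEthernet0/1
 ip address 10.0.13.1 255.255.255.0
 ip ospf authentication-key EXAMPLE
 ip ospf authentication
!
interface Serial0/0
 ip address 10.0.14.1 255.255.255.252
!
interface Serial0/1
 ip address 10.0.15.1 255.255.255.252
 ip ospf authentication message-digest
!
interface Loopback0
 ip address 192.168.1.1 255.255.255.255
!
router ospf 1
 network 10.0.0.0 0.0.255.255 area 0
"""

def _to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def audit_ospf_auth(config):
    """Map each OSPF-enabled interface to an authentication finding."""
    interfaces, networks, current = {}, [], None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):  # a new top-level stanza begins
            m = re.match(r"interface (\S+)", line)
            current = m.group(1) if m else None
            if current:
                interfaces[current] = []
        elif current:
            interfaces[current].append(line)
        elif (m := re.match(r"network (\S+) (\S+) area \S+", line)):
            networks.append((_to_int(m.group(1)), _to_int(m.group(2))))

    findings = {}
    for name, lines in interfaces.items():
        m = next(filter(None, (re.match(r"ip address ([\d.]+) ", l) for l in lines)), None)
        # OSPF runs on the interface only if a network statement covers its address.
        if not m or not any(((_to_int(m.group(1)) ^ net) & ~wild & 0xFFFFFFFF) == 0
                            for net, wild in networks):
            continue
        md5_key = any(re.match(r"ip ospf message-digest-key \d+ md5 \S+", l) for l in lines)
        clear_key = any(l.startswith("ip ospf authentication-key ") for l in lines)
        if "ip ospf authentication message-digest" in lines:
            findings[name] = "md5" if md5_key else "md5-enabled-without-key"
        elif "ip ospf authentication" in lines:
            findings[name] = "clear-text" if clear_key else "clear-text-without-key"
        else:
            findings[name] = "no-authentication"
    return findings
```

Calling `audit_ospf_auth(SAMPLE_CONFIG)` reports one finding per interface covered by a network statement; Loopback0 is left out because no network statement matches its address.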

To see adjacencies use the command #debug ip ospf adj, to stop debugging use #u all

-- 26 January 2011 --














Monday, January 3, 2011

OSPF advantages, cost and adjacency states

There are some advantages to dividing routers into different OSPF areas:

1. Router processing is less because of smaller routing tables
2. Limit LSA traffic, more bandwidth efficient

OSPF has an AD of 110 and uses cost as its metric. The formula for OSPF cost is (100,000,000/BW in bps), where the path with the lower cost is preferred. To change the cost use the command:
(config-if)#bandwidth <bandwidth>

To change the cost by changing the reference use the command:
(config)#router ospf <process ID>
(config-router)#auto-cost reference-bandwidth <reference bandwidth>

There are several reasons why OSPF is better than RIP such as:

1. OSPF metric is more accurate about the actual distance to a remote network (based on speed), where RIP uses hop counts only.
2. OSPF networks are always reachable, compared to RIP's maximum hop count of 15, which exists to combat loop infinity.
3. OSPF has VLSM, whereas RIP does not. This is an advantage because of the more efficient utilization of IP addresses.
4. OSPF has better network bandwidth utilization (less broadcasts and does not update the full routing table)
5. OSPF converges more quickly

OSPF adjacency process has several states:

- Down : No hellos received from that neighbor
- Attempt : Hello packets are sent to neighbors, which are seen only in NBMA networks, since they configure neighbors
- Init : First Hello packet has been received from the neighbor, but does not have the RID in it
- 2-Way : Each router on the end of the link has received a Hello packet containing its own RID, meaning that the routers are synchronized.
- Exstart : Exchange process of the link state database information starting with the highest OSPF RID router
- Exchange : Database Descriptor (DBD) packets which contain a description of the link state database are exchanged.
- Loading : Routers are sending Link State Requests (LSR) packets to the potential neighbor
- Full : Router databases are synchronized and the adjacency is finally formed.

All DROTHERS will be in the 2-Way state as the final state. Only the DR and BDR will have a Full state adjacency to all the other routers, because a DROTHER cannot send an LSA to another DROTHER, so it is not necessary for a DROTHER to go to this state.

-- 4 January 2010 --

Router topology configuration

When configuring a router topology, the default is broadcast network. There are also other topologies which are non broadcast network (NBMA), point to multi-point network, and point to point network. Point to multi-point is actually a group of point-to-point networks. For point to multi-point (broadcast) network, the neighbor routers do not need to be configured. For point to multi-point (non-broadcast) network, the neighbor routers do need to be configured. On a point to point or point to multi-point configuration, there is no DR and BDR, simply because there is no need to do so. There is no other router to broadcast to in a point to point route.

OSPF can be configured in an NBMA network, where the router's configuration is in a 'hub-and-spoke' network using a non-broadcast network. To configure OSPF on NBMA network, only the hub needs to be configured for neighbors.

Steps are:

1. Configure OSPF on hub router with the commands:
(config)#router ospf (ospf number)

(config-router)#network <address> <wildcard mask> area <area ID>

(config-router)#neighbor <neighbor IP address> // apply for other neighbors too, if available

2. Configure spoke OSPF router with the command:
(config)#router ospf (ospf number)

(config-router)#network <address> <wildcard mask> area <area ID>

3. Set spoke router priorities to 0 (zero) as they may not become a DR or BDR router.

A router that is not in OSPF area 0 needs to have access to a router in OSPF area 0 in order for them to communicate with each other. This can be configured by using a virtual link across a transit/stub area, configured on both sides of the link. This will also be considered a point to point network.
The command for setting this link is:
(config)#router ospf <process ID>
(config-router)#area <area ID> virtual-link <router ID>

To verify and show virtual link use the command: #show ip ospf virtual-link

-- 4 January 2011 --

DR and BDR Election

In an OSPF network, there is a router that is the "master" router and one that is the "backup-master" router. These routers are the 'leaders' of the OSPF network. They are called the Designated Router (DR), which is the main active router, and the Backup Designated Router (BDR). All other routers are DROTHERs. A major drawback of DV protocols is slow convergence. This problem does not occur with LS protocols, since they converge almost immediately upon a topology change by having a DR and BDR. Upon a change of network configuration, any detecting router on the same OSPF segment will send a multicast to 224.0.0.6, which is listened to only by the DR and BDR routers. Both DR and BDR will process the received information, after which the DR will send a multicast via 224.0.0.5 to all non-DR and non-BDR routers about the change.

There are 4 stages in order to elect the DR and BDR in an OSPF segment:

1. The router sending a Hello packet with the highest router priority is elected as the DR. Every router which has a priority higher than 1 (where 1 is the default priority, set at the interface) can participate in the election. The highest priority is 255. To eliminate a router from the election, the interface priority must be set to 0 with the command "(config-if)#ip ospf priority 0".

2. If there are more than one router with the same highest priority, then the router with the highest RID (Router ID) wins, regardless whether that interface is OSPF enabled or not. RID is the highest logical (loopback) IP address.

3. If there is no loopback address, then the router with the highest IP address will be the DR, regardless whether that interface is OSPF enabled.

4. The process 1-3 is repeated for BDR. A router CAN NOT be a DR and BDR at the same time for the same segment.

5. If the DR is down, the BDR will be the DR and a new election is done to choose the replacement BDR from the DROTHER routers. If the original DR is up again, the DR will not affect the current configuration and will therefore NOT be automatically the DR again, but it will be a DROTHER router. The DR can be the original DR configuration again only if the other routers are reloaded or the OSPF process is cleared.
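
The election and failover rules in steps 1 to 5, modelled in Python as an added example that is not part of the original notes. It follows the simplified ordering described here (priority, then Router ID, priority 0 excluded, no preemption), not the full election state machine of the OSPF specification; the class names, router names, priorities and RIDs are constructed.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Router:
    name: str
    priority: int    # value of "ip ospf priority" on the interface, 0-255
    router_id: str   # dotted-quad Router ID

    def rank(self):
        # Higher priority wins; the higher Router ID breaks ties.
        return (self.priority, int(ipaddress.IPv4Address(self.router_id)))


class Segment:
    """Simplified DR/BDR bookkeeping for one OSPF segment."""

    def __init__(self, routers):
        self.routers = {r.name: r for r in routers}
        self.dr = self.bdr = None
        self.elect()

    def _best(self, exclude):
        # Priority 0 removes a router from the election entirely.
        eligible = [r for r in self.routers.values()
                    if r.priority > 0 and r.name not in exclude]
        return max(eligible, key=Router.rank).name if eligible else None

    def elect(self):
        # Full election, as after a reload or a cleared OSPF process.
        self.dr = self._best(exclude=())
        self.bdr = self._best(exclude=(self.dr,))

    def join(self, router):
        # No preemption: a (re)joining router only fills a vacant role.
        self.routers[router.name] = router
        if self.dr is None:
            self.dr = self._best(exclude=(self.bdr,))
        elif self.bdr is None:
            self.bdr = self._best(exclude=(self.dr,))

    def fail(self, name):
        self.routers.pop(name, None)
        if name == self.dr:
            # The BDR is promoted, then a new BDR is chosen from the DROTHERs.
            self.dr = self.bdr or self._best(exclude=())
            self.bdr = self._best(exclude=(self.dr,))
        elif name == self.bdr:
            self.bdr = self._best(exclude=(self.dr,))

    def role(self, name):
        return {self.dr: "DR", self.bdr: "BDR"}.get(name, "DROTHER")
```

With four constructed routers R1 (priority 255), R2 and R3 (priority 1) and R4 (priority 0), R1 becomes DR and R3 BDR; after `fail("R1")` and a later `join` of R1, R1 stays a DROTHER until `elect()` is run again.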

To set a particular router to a DR, BDR or DROTHER, the priorities of the routers need to be changed. 3 ways can be done to change these priorities:

1. Change the OSPF priority with the ip ospf priority command
2. Setting the OSPF Router ID manually with router-id
3. Setting the OSPF Router ID to the desired value by configuring the loopback interface.

The priorities will take effect only if the routers are reloaded or the OSPF process is cleared.

-- 4 January 2011 --

Sunday, January 2, 2011

Link state Routing Protocol

Link state routing is one of the two classes of routing protocols (the other is distance vector routing) used in packet switching networks. Link state routing uses the Dijkstra or Shortest Path First (SPF) algorithm. Each node builds a connectivity map of the network in the form of a graph that shows which node connects to which neighboring node. The protocol then calculates the best logical path to each destination node and adds it to its routing table. Examples of link state routing protocols are OSPF and IS-IS.

The contrast between link state routing and distance vector routing is that link state routing shares only the information about the connectivity with its neighbors, whereas distance vector routing shares the full routing table of the node with its neighbors. Another difference is that after the initial exchange of LSAs is made, link state protocols do not exchange information anymore until there is a change in the network topology. However, a router will advertise all its LSAs every 30 minutes, whereas distance vector protocols send the full routing table and process it every 30 or 90 seconds. Compared to DV, LS is therefore more bandwidth and resource efficient.

The first process in creating a routing link is that the routers must be neighbors first by forming an adjacency. To form this adjacency, the routers must agree on the area number, the hello and dead timer settings, and stub area and link authentication configuration. All of this must be the same on both sides of the link or this adjacency will not be formed. The default Hello timer is 10 seconds, and the default dead timer is 40 seconds.

To check router's adjacency type the command "#show ip ospf neighbor" or "#show ip ospf interface"

After this adjacency is formed, the routers will then send Link State Updates (LSUs), which contain Link State Advertisements (LSAs). An LSA contains e.g. subnet masking information. The LSA will be processed by the receiving router and placed into the link state database, and the SPF algorithm is applied to this database to create the OSPF routing table.

To see the database type the command: "#show ip ospf database"

LSA contains sequence numbers which will be checked upon arrival on the destination router. This router will then compare its sequence number (from the previous LSA) to the current LSA. There are 3 possible actions that can happen:

1. If the sequence number is the same, the LSA is ignored by the receiving router

2. If the sequence number is lower than the sequence number the router has, then the router will ignore the update and send the LSU back to the sending router.

3. If the sequence number is higher, the LSA is accepted and will be added to its database. Afterwards, the receiving router will send an LSA acknowledgment back to the sending router. It will then flood that LSA and run the SPF algorithm to update its own routing table, and therefore holds the most up-to-date route.

To configure OSPF type the commands:
(config)#router ospf <process ID>
(config-router)#network <address> <wildcard mask> area <area ID>
(config-router)#network <address> <wildcard mask> area <area ID>

Configure it on both ends of the link and an adjacency should be formed. We can show it using : #show ip ospf neighbor

To see the ospf database: #show ip ospf database

To see the interface running ospf: #show ip ospf interface

-- 3 January 2011 --