This entire series on routing was created when I was preparing for the Cisco test 642-901 BSCI, as my notes. Subsequently, I made only a simple edit and published the text. If you think something important is missing, something is not described correctly or is not completely clear, I welcome your information in the comments.
The basics of routing are described in the article TCP/IP - Routing.
Classification of Routing Protocols
Several types of route records are created in the routing table, depending on how they were created. Packets are routed according to one of the basic routing methods:
- static routing - manually entered routes (records in the routing table), safe and good, but does not reflect changes in network topology
- dynamic routing - the network automatically adapts to changes in topology and traffic, routes are automatically calculated using a routing protocol
- default routing - if no other route exists, the default route is used
Dynamic routing protocols are of two basic types:
- Distance-Vector Routing Protocol
- Link-State Routing Protocol
Note: There is also a Path-Vector Routing Protocol, which falls under Distance-Vector Routing Protocol.
We further divide dynamic protocols based on whether they are intended for deployment within a local network (more precisely within an autonomous system (AS), which may contain several LANs) or operate across networks (connecting AS together).
- Interior Gateway Protocol - IGP - routes within Autonomous System (AS)
- Exterior Gateway Protocol - EGP - routes between AS
Distance-Vector Routing Protocol
- RIP, RIP2, IGRP, EIGRP, BGP
- routers maintain a routing table with information about the (vector) distance to a given network
- periodically send the routing table to neighbors, who adjust their table and send it on
- one (number of hops for RIP) or more (link bandwidth and delay for IGRP) metrics are used to calculate the best path
- a modified type of distance-vector protocol is the path-vector protocol.
- simple DVRPs (RIP, IGRP) do not create relationships with neighbors
- the problem is routing loops - solved by defining maximum distance (TTL), Split Horizon (doesn't send route to the interface it came from), Route Poisoning, hold-down timer (waiting interval until the network is stable, extends convergence)
Link-State Routing Protocol
- OSPF, IS-IS
- routers maintain a comprehensive database of network topology (created using LSA)
- exchange Link State Advertisements - LSA, LSAs are triggered by some event in the network, also Link State Packet - LSP or Link State PDU
- also sends Hello packets to its surroundings, where it sends information about itself
- quickly responds to changes in topology, but consumes more bandwidth (especially initially sends a lot of LSPs) and resources on the router
- the metric is complex, the best path is calculated using Dijkstra's algorithm shortest path first - SPF
- to improve properties, it is divided into smaller areas, border routers send summary routes, uses multicast, LSA numbering
General Terms
Autonomous System - AS
- is a group of IP networks and routers that are under the same technical administration
- numbers 1 to 65535
- private range 65512 - 65535
- AS uses EGP to communicate with another AS
- within AS, routes learned from BGP can be redistributed to IGP
Administrative Distance - AD
- determines the trustworthiness of the protocol - defines the reliability of the protocol and prioritizes better with a lower number
- is a property used on routers to determine the best path between multiple routing protocols
- In other words, multiple routing protocols can run on a router and AD decides which one to use.
- On Cisco routers, we can change the default values.
Setting the administrative distance AD (lower is better) is done by the following command. Weight is the AD value.
ROUTER(config-router)#distance weight [source-ip-address source-mask (access-list-number | name)]
| Route Source | Default Distance Values |
|---|---|
| Connected interface | 0 |
| Static route | 1 |
| EIGRP summary route | 5 |
| External BGP | 20 |
| EIGRP | 90 |
| IGRP | 100 |
| OSPF | 110 |
| IS-IS | 115 |
| RIP | 120 |
| EGP | 140 |
| On Demand Routing (ODR) | 160 |
| External EIGRP | 170 |
| Internal BGP | 200 |
| Unknown | 255 |
Convergence
- processes and time needed for routing protocol conversion
- convergence is achieved when all routers have complete up-to-date information about the topology
Network Information
- serial interface has default bandwidth equal to
T1 = 1.544Mbps - point to multipoint Frame Relay has
default speed = channel_throughput (T1) / number_of_subinterfaces - Protocol Data Unit - PDU - depends on the protocol / OSI model layer, so L2 PDU is a frame, L3 PDU is a packet
General Configuration
Static Routing
SWITCH(config)#ip route [destination_network] [mask] [next_hop or exit_interface] [administrative_distance] [permanent] SWITCH(config)#ip route 192.168.50.0 255.255.255.0 192.168.1.1
Default Routing - Default gateway
SWITCH(config)#ip default-gateway 10.0.1.250 // GW definition, can be used only if routing is not enabled SWITCH(config)#ip default-network 10.0.1.0 // sets the default network, propagates it using routing protocol SWITCH(config)#ip route 0.0.0.0 0.0.0.0 10.0.1.250 // creates an entry in the routing table for GW
Dynamic Routing
SWITCH(config)#ip routing // enables routing on L3 switch SWITCH(config)#router [protocol] [keyword] // general choice of routing protocol SWITCH(config-router)#network [network-number] // definition of network to be propagated, for classless wildcard mask is used
Loopback Interface Setup
Loopback is used for a number of purposes, its main advantage is that it's always up (never goes down). So where, for example, the router ID is calculated from the router's IP address, a loopback is set (otherwise, if the interface went down, everything would be recalculated).
SWITCH(config)#interface loopback 0 SWITCH(config-if)#ip address 215.10.7.1 255.255.255.255
Information - show commands
ROUTER#show ip protocols // which networks are routed by which protocol and parameters (timers, filters, metrics, networks.) ROUTER#show ip route // displays the routing table ROUTER#show ip interface // displays information about interfaces from IP perspective
Policy Based Routing - PBR - route-map
Similar to ACL or better class-map, a numbered list of rules is processed. Rules contain two parts:
match- what it applies to, we can use ip address according to ACL or prefix-list, length min, max packet length, tag, route type, if we don't specify the match part, it applies to all packetsset- what is done, we can use setting precedence, tos, ip next-hop - next router to send to, interface - which interface to route through, metric - change the metric
ROUTER(config)#route-map map-tag [permit | deny ] <Sequence Number> ROUTER(config)#route-map ospf-to-eigrp deny 10 ROUTER(config-map-router)#match tag 6 ROUTER(config-map-router)#match route type external type-2 // this must be true, as well as the previous one ROUTER(config)#route-map ospf-to-eigrp permit 20 ROUTER(config-map-router)#match ip address prefix-list pfx // IP address is found using prefix-list, otherwise ACL can be used ROUTER(config-map-router)#set metric 40000 1000 255 1 1500 ROUTER(config-map-router)#set ip next-hop 142.5.9.1 // which router to send to
Then we apply the route-map to the interface. We can apply only one route-map per interface, but a route-map can consist of multiple numbered parts.
ROUTER(config-if)#ip policy route-map ospf-to-eigrp
Aggregation - summarization
Often we don't need to know individual routes (especially when connecting multiple networks/protocols), but it's enough to know how to get to the main network. So we can replace groups of subnets accessible through one router with one summarized network. Some protocols support automatic summarization across classful network boundaries (like EIGRP).
When a summary route is created (in EIGRP or BGP), a Null0 interface is created (or needs to be created) where this summarized route points. During actual routing, a more specific address (from which summarization was performed) is used, so records for individual subnets must exist, otherwise data would route to Null0. In sent routing updates, only the summary route may then figure.
If the last specific route that was used inside the summarized one is deleted in EIGRP, the summary route is also deleted.
ROUTER(config)#ip route 198.10.0.0 255.255.0.0 null0 // only for summarization ROUTER(config-router)#redistribute static // one option for summarization, we manually enter routes, along with Null0 ROUTER(config-router)#network 198.10.0.0 mask 255.255.255.0 // another option for aggregation, also together with Null0 ROUTER(config-router)#no auto-summary // another option would be auto-summarization to classful (EIGRP), but this often needs to be turned off ROUTER(config-if)#ip summary-address eigrp 100 192.1.0.0 255.255.0.0 // manual definition of summarization in EIGRP, 100 = AS number ROUTER(config-router)#aggregate-address 200.52.0.0 255.255.0.0 summary-only // in BGP, inserts summary route into routing table, if summary-only is not used, the subnets from which summarization was created are also published
Route Filtering - filtering routes in routing updates
We often want to control which routes should be in received (certain records are filtered out when learning from a neighbor) and sent (certain records are not even sent to a neighbor) neighbor updates. This is for basic security, hiding certain routes from the rest of the organization, controlling traffic overload, preventing routing loops. We have three basic methods for management:
- passive interface
- distribute list
- prefix list
Passive-interface
The simplest filtering method, which doesn't go into much detail. A passive interface doesn't send routing updates on the given interface, so its neighbors don't learn about routes. For RIP, RIP2 and IGRP, updates are not sent to neighbors on the given interface, but updates from neighbors are still received and used. For EIGRP and OSPF, Hello packets stop being sent, so the neighbor relationship is terminated, meaning it not only stops sending updates, but also stops receiving them.
ROUTER(config-router)#passive-interface Serial0/0 // the given interface doesn't send updates ROUTER(config-router)#passive-interface default // every interface, where not specified otherwise (no passive-interface s0/0), is passive
Distribute-list
Uses standard IP ACL (or even extended), with which we define which routes we don't want to send (deny) and which we want to (permit). For example, when we want to exclude network 192.168.1.0/24 from updates, which we have in the routing table, we can use ACL.
ROUTER(config)#access-list 10 deny 192.168.1.0 0.0.0.255 ROUTER(config)#access-list 10 permit any
We apply the distribute list within the routing process and specify whether it's used for outgoing (out) or incoming (in) updates.
ROUTER(config-router)#distribute-list 10 out // filtering of outgoing updates, 10 is the ACL number
We can specify even more precisely which updates the restriction will apply to. For both incoming and outgoing, we can specify the interface to which the application applies. For outgoing updates, we can additionally specify routing process or AS number. This applies to redistribution and then applies only to updates from the specified routing process or AS
ROUTER(config-router)#distribute-list 10 in ethernet 0 // updates coming through interface e0 ROUTER(config-router)#distribute-list 10 out igrp 5 // outgoing updates that are redistributed from IGRP 5 ROUTER(config-router)#distribute-list 10 out 100 // outgoing updates that are redistributed from AS 100
In BGP, we can use distribute list on a neighbor.
ROUTER(config-router)#neighbor 10.0.10.1 distribute-list 10 out
Note: We can specify a range of distribute lists for a routing process, but there can be only one per interface and direction.
Prefix-list
A prefix list itself is not a filtering method. It's just a means for filtering. The actual prefix-list is something like an ACL, but works in a slightly different way. It's used to block certain networks in updates from/to neighbors. It can be used for BGP with neighbor settings or instead of ACL in a distribute list. Similar to ACL, a prefix list is a named numbered list of rules that are either permit or deny. By default, it starts with number 5 and increases by 5. Unlike ACL, it filters using prefixes, either exact prefix length or range. The rules include IP address and bit mask (CIDR).
Note: We can use prefix list not only for filtering, but also for Policy Based Routing to select an address.
ROUTER(config)#ip prefix-list test deny 0.0.0.0/0 // prohibits default route 0.0.0.0 ROUTER(config)#ip prefix-list abc permit 192.0.0.0/8 ge 8 le 24 // takes all prefixes >= 8 and <= 24 ROUTER(config-router)#neighbor 170.10.20.1 prefix-list test in // application of filtering to neighbor ROUTER(config-router)#distribute-list prefix abc in // another application option is using distribute list ROUTER#show ip prefix-list // displays prefix lists
Connecting Routing Protocols - Route Redistribution
To effectively support multiple routing protocols in one internetwork, information must be shared between protocols. This is called route redistribution. Redistribution can be one-way or two-way. Routers that perform redistribution are called boundary routers.
Redistribution is when a routing protocol publishes routes that it learned in another way, these are static routes, directly connected interfaces or another routing protocol. Different routing protocols have different characteristics (such as metrics, classless support).
The recommended solution for redistribution between two protocols where multiple paths exist (when they exchange routes with each other) is to use, due to loops:
- one-way redistribution (default route to the other side)
- route-maps or distribution-list, to prevent the transfer of information originating from a given process back to it
- static routes
- manually set Administrative Distance
When configuring redistribution, I configure the protocol that I want to publish routes from another source. The redistribute command is used. During redistribution, we must set the metric (setting depends on the protocol) or the default is used. OSPF has a default metric for other protocols of 20 except for BGP, for which it's 1. RIP, IGRP, EIGRP, IS-IS have a default metric of 0 (infinity, unreachable, not advertise).
When redistributing from a classful protocol (IGRP, RIP) to classless (OSPF), subneted routes are not distributed. When redistributing to OSPF, it's necessary to use the keyword subnets to transfer subnetted routes. By default, routes are redistributed to OSPF as External Type2 (E2).
We redistribute IGP protocols (like RIP, OSPF) to BGP to get them to other EBGPs. But we must be careful because there's a danger of loops, as redistributed routes may not originate from the given AS, but could have arrived here via BGP. For redistributing IGP route to BGP, it's recommended to use the aggregate-address command.
ROUTER(config)#router rip ROUTER(config-router)#redistribute static metric 1 // redistribution of static routes ROUTER(config-router)#redistribute ospf 1 metric 1 // redistribution of OSPF to RIP with metric setting ROUTER(config-router)#default-metric 1 // setting default metric, which is used where I don't specify it ROUTER(config)#router ospf 1 ROUTER(config-router)#redistribute static metric 200 subnets ROUTER(config-router)#redistribute eigrp 1 metric 20 metric-type 1 subnet ROUTER(config)#router eigrp 1 ROUTER(config-router)#redistribute rip metric 10000 100 255 1 1500 ROUTER(config-router)#redistribute ospf 1 match external 1 external 2 // we redistribute only type E1 and E2 ROUTER(config-router)#redistribute isis level-1-2 metric 100 100 200 1 1500 // we redistribute ISIS L1 and L2 ROUTER(config-router)#redistribute ospf 1 route-map ospf-to-eigrp // using route-map for filtering what's transferred
Two commands can be used for troubleshooting.
ROUTER#show ip route // on router inside and on ASBR, whether redistributed routes are here ROUTER#show ip protocol // on ASBR, verifies configuration of redistributed routes, also displays filters
Zdravím,
tak je tam pár chybyček:
"Eigrp - Hybrid Routing Protokol" - myslím že umno ale budíž (jedž i Cisco od tohoto termínu upustilo ... en z hybridních protokolů je OSPF, EIGRP je čistý DV, žádný hybrid).
"Distance-Vector Routing Protocol:
nevytváří vztahy se sousedy"
Ale vytváří... i BGP, i EIGRP vytváří vztah partnerství mezi směrovači.
"Route Poisoning" jste mám dojem úplně nepochopil...
Dál už raději nečtu, je možné že je tam toho víc ;)
(na začátek doporučuju nějakou základní knihu o směrování, například Routing TCP/IP nebo podobnou s "routing" v názvu ;) )
omlouvám se... nějak se mi zkomolila poznámka u eigrp, oprava:
"Eigrp - Hybrid Routing Protokol" - myslím že už i Cisco od tohoto termínu upustilo ... mno ale budíž (jeden z hybridních protokolů je OSPF, EIGRP je čistý DV, žádný hybrid)
respond to [1]tomfi: Na úvod, knih jsem přečetl několik. Například oficiální Cisco příručku k testu. Trochu problém je, když ve třech knihách/zdrojích se nachází rozdílná informace, komu má potom člověk věřit? Vy vypadáte naprosto přesvědčen o svých vědomostech, tak by mne zajímalo, odkud je čerpáte?
Že je EIGRP hybridní protokol se píše (mimo jiné) přímo v oficiální knize od Cisco Press. A vy chcete říct, že třeba spolehlivost linky je vektor vzdálenosti? Podle mne je to spíše stav linky.
Ano, opravil jsem, vztahy se sousedy nevytváří pouze čisté DVRP.
Ještě, aby to nevyznělo nějak jinak, než to myslím. Jsem rád, pokud někdo opraví chyby, které se zde určitě mohou vyskytovat.
Omlouvám se, nějak jsem si nevšiml, že ten můj příspěvek zazní tak "přesvědčeně", ale vy víte, že jsem rád že vaše články vznikají, a že myslím, že jsou kvalitní... jenom si občas rád trochu pošťouchnu :)
Z čeho čerpám? Tak namátkou z paměti:
Routing TCP/IP
Interconnections: Bridges...
Network Routing: Algorithms... (pokud jste zatím nic z toho nečetl, tak doporučuju touhle knihou začít:) )
Materiály CCNA (trochu štouchnutí (myslím, že umíte víc), ale i tam to je tak jak píši)
plus mnoho dalších knih, a článků z odborních periodik (tím nemyslím computer :D, ale články kde jsou vypublikovány původní algoritmy, myšlenky a popisy protokolů "tak jak je autoři zamýšleli" ;).
Co se týče cert. Guidů (některé jsem také četl, například i ty na CCNP), tak tam je tolik "zjednodušení", že je třeba to brát oooopravdu s rezervou... ono víceméně certifikace je také o tom odpovídat "Cisco pravdu" :)
Co se týče EIGRP a hybridnosti... nevím proč s tím cisco začalo (osobně myslím, že to byl marketingový tah). Ale EIGRP je čistě DV protokol.
Linkstate znamená informace o stavu linky, tedy zařízení mají informace o topologii sítě (informaci o linkách (propojeních) v síti. Na základě těchto informací vypočítají nejkratší cestu, většinou implementací nějaké podoby dijkstrova algoritmu.
DV znamená, že pro výpočet cesty se nevyužívá znalost topologie, ale pouze vektorů (cest, směrů...). Jestli je pro výpočet "distance" využívána jedna konkrétní metrika nebo několik vlastností, které se před výpočtem cesty převádí na jednu metriku (viz. EIGRP vzoreček), na tom nesejde. Pro hledání cesty se většinou využívá nějaká podoba bellman-fordova algoritmu.
To je velké zjednodušení, více se do 2000 znaků příspěvku nevejde :D
respond to [5]tomfi: Díky za informace. Budu si to muset nechat projít hlavou. Routing v praxi nikde nekonfiguruji a učil jsem se pouze na test na CCNP (který jsem úspěšně složil se znalostmi, které zde, a dále, uvádím ;-)). A to mi to studium zabralo několik měsíců.
"Budu si to muset nechat projít hlavou."
Tak tak... není dobré důvěřovat, je třeba prověřovat... nedůvěra vede k poznání, pochopení... důvěra pouze k naučení, namemorování :)
Jinak taky jsem nejdřív nevěděl co číst... tahle stránka mi pomohla s výběrem:
http://www.internetworkexpert.com/resources/cciebooks.htm
respond to [5]tomfi:
"Materiály CCNA (trochu štouchnutí (myslím, že umíte víc), ale i tam to je tak jak píši)"
v materialech ICND2, ktere byly platne minimalne jeste v '08 se o EIGRP jako o hybridu pise
respond to [8]Vojtech:
Aspoň vidíte, že v materiálech je chyb tolik, že vysekat je všechny bude nějáký ten rok trvat :D... Ale nechme na zamyšlenou, jestli na těch nižších certifikačních úrovních pořád neprosazují myšlenku, že EIGRP je hybridní schválně. Přeci jenom moci uvádět, že EIGRP je konkurent OSPF je lepší, než když by EIGRP srovnávali s RIPem :D
Ty materiály, které jsem uváděl jako CCNA jsem měl na mysli CCNA Exploration, CNA programu.
respond to [9]tomfi:
Ještě bych se možná poupravil... ono to na spiknutí nevypadá... jenom prostě zažitá "pravda", jako že špenát má hodně železa :)....
Při tvorby materiálů záleží spíše na znalostech autora spíše než na politice firmy.
Cisco na vlastních stránkách píše:
http://www.cisco.com/en/US/docs/internetworking/technology/handbook/Enhanced_IGRP.html
"EIGRP integrates the capabilities of link-state protocols into distance vector protocols"
Co za těmi capabilities přímo myslí je otázka... ale jednoznačně to neimplikuje, že EIGRP je nějakým způsobem hybridní. Prostě jenom "trochu" vylepšený DV.
Když integruji vylepšení z raketoplánu do auta (jako třeba kevlarové díly), určitě nemáte hybridní auto ani nic mezi autem a raketoplánem, prostě pořád máte auto :D
respond to [10]tomfi: Hledal jsem trochu po netu a v hodně článcích se uvádí to značení Hybrid Routing Protocol (třeba www.ciscopress.com/articles/article.asp?p=99982&seqNum=3). Skoro všude se k tomu uvádí to, že EIGRP je v základu Distance Vector, který obsahuje i některé vlastnosti Link State.
Na druhou stranu, například na Wikipedii (en.wikipedia.org/wiki/EIGRP) někdo vysvětluje to, co jste říkal vy, že to označení Hybrid není správné. A například v odkazu, který jste uváděl, jej Cisco nepoužívá. Dává to smysl, takže jsem upravil info v článku.
Ahoj, vidím, že jste tady všichni velcí odborníci, tak bych vás ráda poprosila o radu...je nějaká obdoba certifikátu cisco? myslím tím jiný certifikát na stejné úrovni, který by mohl být např. u pohovorů do zaměstnání přijímán místo cisca? děkuji moc za odpověď