Chapter 11: OSPF

OSPF (Open Shortest Path First) is a classless, link-state routing protocol. The current version of OSPF for IPv4 is OSPFv2 introduced in RFC 1247 and updated in RFC 2328 by John Moy. In 1999, OSPFv3 for IPv6 was published in RFC 2740.

OSPF has a default administrative distance of 110, and is denoted in the routing table with a route source code of O. OSPF is enabled with the router ospf process-id global configuration command. The process-id is locally significant, which means that it does not have to match other OSPF routers in order to establish adjacencies with those neighbors.

The network command used with OSPF has the same function as when used with other IGP routing protocols, but with slightly different syntax.

Router(config-router)#network network-address wildcard-mask area area-id

The wildcard-mask is the inverse of the subnet mask, and the area-id should be set to 0.

OSPF does not use a Transport layer protocol, as OSPF packets are sent directly over IP. The OSPF Hello packet is used by OSPF to establish neighbor adjacencies. By default, OSPF Hello packets are sent every 10 seconds on multiaccess and point-to-point segments and every 30 seconds on non-broadcast multiaccess (NBMA) segments (Frame Relay, X.25, ATM). The Dead interval is the period of time an OSPF router will wait before terminating adjacency with a neighbor. The Dead interval is four times the Hello interval, by default. For multiaccess and point-to-point segments, this period is 40 seconds. For NBMA networks, the Dead interval is 120 seconds.

For routers to become adjacent, their Hello interval, Dead interval, network types and subnet masks must match. The show ip ospf neighbor command can be used to verify OSPF adjacencies.

The OSPF router ID is used to uniquely identify each router in the OSPF routing domain. Cisco routers derive the router ID based on three criteria and with the following precedence:

1. Use the IP address configured with the OSPF router-id command.

2. If the router-id is not configured, the router chooses the highest IP address of any of its loopback interfaces.

3. If no loopback interfaces are configured, the router chooses the highest active IP address of any of its physical interfaces.

RFC 2328 does not specify which values should be used to determine the cost. Cisco IOS uses the cumulative bandwidths of the outgoing interfaces from the router to the destination network as the cost value.

Unlike the EIGRP autonomous-system value, the OSPF process-id is locally significant and does not need to match the other OSPF routers.

The show interface command can be used to verify or determine the bandwidth value of an interface used by the OSPF metric.

The ip ospf cost command can be used to modify the OSPF cost without changing the bandwidth value.

By default, OSPF Hello packets are sent every 10 seconds on multiaccess and point-to-point segments, and every 30 seconds on non-broadcast multiaccess segments.

These values must match before two routers form an OSPF adjacency: Hello interval, Dead interval, network type and subnet mask.

Electing a DR and BDR creates multiple adjacencies, one adjacency for every pair of routers and extensive flooding of LSAs.

The DR is the router with the highest OSPF interface priority and the BDR is the second highest. If the priorities are equal, the highest router ID is used to decide.

When the DR fails, the BDR becomes the new DR and an election takes place for a new BDR.

An OSPF interface priority of 0 means the router's interface is ineligible to become a DR or BDR.
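The router ID precedence, the adjacency requirements and the DR/BDR rules above, worked through as an added example (not part of the original notes). The router names, addresses and timer values are constructed, and the election assumes all routers on the segment come up at the same time.

```python
from ipaddress import IPv4Address


def router_id(configured=None, loopbacks=(), physical=()):
    """Router ID by the three-step precedence listed in the notes."""
    if configured:                              # 1. router-id command
        return IPv4Address(configured)
    for group in (loopbacks, physical):         # 2. loopbacks, then 3. physical
        if group:
            return max(IPv4Address(a) for a in group)
    raise ValueError("no address to derive a router ID from")


def adjacency_mismatches(a, b):
    """Names of the Hello parameters that stop a and b becoming adjacent."""
    return [k for k in ("hello", "dead", "network_type", "mask") if a[k] != b[k]]


def elect(routers):
    """routers: {name: (interface priority, router ID)} -> (DR, BDR).

    Highest priority wins, router ID breaks ties, priority 0 never competes.
    """
    ranked = sorted(((prio, rid, name) for name, (prio, rid) in routers.items()
                     if prio > 0), reverse=True)
    names = [name for _, _, name in ranked] + [None, None]
    return names[0], names[1]


def after_dr_failure(routers, dr, bdr):
    """The BDR is promoted and a new BDR is elected from the remaining routers."""
    rest = {n: v for n, v in routers.items() if n not in (dr, bdr)}
    return bdr, elect(rest)[0]


# Constructed multiaccess segment: every router has the default priority of 1
# except R4, which is set to 0 even though it has the highest router ID.
SEGMENT = {
    "R1": (1, router_id("1.1.1.1", ["10.255.0.1"], ["192.168.1.1"])),
    "R2": (1, router_id(None, ["10.255.0.2"], ["192.168.1.2"])),
    "R3": (1, router_id(None, [], ["192.168.1.3", "172.16.0.3"])),
    "R4": (0, router_id(None, [], ["192.168.1.254"])),
}

# Constructed Hello parameters: B was retimed and has the wrong mask.
HELLO_A = {"hello": 10, "dead": 40, "network_type": "broadcast", "mask": "255.255.255.0"}
HELLO_B = {"hello": 10, "dead": 60, "network_type": "broadcast", "mask": "255.255.255.128"}

if __name__ == "__main__":
    for name, (prio, rid) in SEGMENT.items():
        print(name, "priority", prio, "router ID", rid)
    dr, bdr = elect(SEGMENT)
    print("DR/BDR:", dr, bdr)
    print("after DR failure:", after_dr_failure(SEGMENT, dr, bdr))
    print("adjacency blocked by:", adjacency_mismatches(HELLO_A, HELLO_B))
```

R1 keeps the low router ID 1.1.1.1 because the configured value outranks its loopback, so with equal priorities it loses the election to R3 and R2.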

The default-information originate command is used to propagate a default route in OSPF.

Link-state routing protocols are also known as shortest path first protocols and are built around Edsger Dijkstra’s shortest path first (SPF) algorithm. There are two link-state routing protocols for IP: OSPF (Open Shortest Path First) and IS-IS (Intermediate-System-to-Intermediate-System).

The link-state process can be summarized as follows:

1. Each router learns about its own directly connected networks.

2. Each router is responsible for “saying hello” to its neighbors on directly connected networks.

3. Each router builds a Link-State Packet (LSP) containing the state of each directly connected link.

4. Each router floods the LSP to all neighbors, who then store all LSPs received in a database.

5. Each router uses the database to construct a complete map of the topology and computes the best path to each destination network.

A link is an interface on the router. A link-state is the information about that interface including its IP address and subnet mask, the type of network, the cost associated with the link, and any neighbor routers on that link.

Each router determines its own link-states and floods the information to all other routers in the area. As a result, each router builds a link-state database (LSDB) containing the link-state information from all other routers. Each router will have identical LSDBs. Using the information in the LSDB, each router will run the SPF algorithm. The SPF algorithm will create an SPF tree, with the router at the root of the tree. As each link is connected to other links, the SPF tree is created. Once the SPF tree is completed, the router can determine on its own the best path to each network in the tree. This best path information is then stored in the router’s routing table.
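The SPF step described above, as an added example that is not part of the original notes. The LSDB, router names and link costs are constructed; every router runs the same function over the same database with itself as the root, and reruns it when a new LSP changes the database.

```python
import heapq

# Constructed LSDB shared by every router in the area:
# router -> {neighbor: cost of the link to that neighbor}
LSDB = {
    "R1": {"R2": 20, "R3": 5, "R4": 20},
    "R2": {"R1": 20, "R5": 15},
    "R3": {"R1": 5, "R4": 10},
    "R4": {"R1": 20, "R3": 10, "R5": 10},
    "R5": {"R2": 15, "R4": 10},
}


def spf(lsdb, root):
    """Dijkstra's algorithm with `root` at the root of the SPF tree.

    Returns {router: (total cost, first hop from root)}; the first hop is
    what ends up as the next hop in the root's routing table.
    """
    best = {}
    heap = [(0, root, None)]
    while heap:
        cost, node, first_hop = heapq.heappop(heap)
        if node in best:            # already reached over a cheaper path
            continue
        best[node] = (cost, first_hop)
        for nbr, link_cost in lsdb[node].items():
            if nbr not in best:
                # Neighbors of the root are their own first hop; everyone
                # further out inherits the first hop of the path so far.
                heapq.heappush(heap, (cost + link_cost, nbr, first_hop or nbr))
    return best


def without_link(lsdb, a, b):
    """LSDB after a and b each flood a new LSP with the a-b link removed."""
    new = {router: dict(links) for router, links in lsdb.items()}
    del new[a][b], new[b][a]
    return new


if __name__ == "__main__":
    print("R1 tree:", spf(LSDB, "R1"))
    print("R5 tree:", spf(LSDB, "R5"))
    changed = without_link(LSDB, "R3", "R4")
    print("R1 tree after R3-R4 fails:", spf(changed, "R1"))
```

Before the change R1 reaches R4 and R5 through R3 (costs 15 and 25); after the R3-R4 link is withdrawn the rerun moves both to the direct R4 link (costs 20 and 30).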

Link-state routing protocols build a local topology map of the network that allows each router to determine the best path to a given network. A new LSP is sent only when there is a change in the topology. When a link is added, removed or modified, the router will flood the new LSP to all other routers. When a router receives the new LSP, it will update its LSDB, rerun the SPF algorithm, create a new SPF tree, and update its routing table.

Link-state routing protocols tend to have a faster convergence time than distance vector routing protocols. A notable exception is EIGRP. However, link-state routing protocols do require more memory and processing requirements. This is usually not an issue with today’s newer routers.

Link state routing protocols use the shortest path first (SPF) algorithm, aka Dijkstra’s algorithm.

In link state terminology, a link is an interface on a router.

A link state is the information regarding that link. This can include the router's IP address, the type of network, the cost of the link, and whether there are any neighbouring routers on that link.

A neighbor is a router that shares a link, a directly connected network, with another router. Routers discover their neighbors by using the hello packets of a specific routing protocol.

Routers store LSPs in link state databases, also known as topological databases. The SPF algorithm is run using these LSPs to create the SPF tree and determine the shortest path to each network.

Link state routing protocols do not send out typical periodic updates like RIP or IGRP. OSPF routers do send out their own LSPs every 30 minutes; however, this is used differently than a periodic update.

Link state advantages are:

  • Use of a topological map, the SPF tree of the network
  • Faster convergence (EIGRP is an exception)
  • No periodic updates unlike some distance vector routing protocols
  • Specific LSP flooded only when there is a change in the topology

The requirements for using a link state routing protocol are:

  • More memory for link state database
  • More CPU processing for the SPF algorithm
  • More bandwidth for flooding of LSPs

Two common link state routing protocols used today are OSPF and IS-IS.

Chapter 9: EIGRP

EIGRP (Enhanced Interior Gateway Routing Protocol) is a classless, distance vector routing protocol released in 1992 by Cisco Systems. EIGRP is a Cisco proprietary routing protocol and an enhancement of another Cisco proprietary protocol, IGRP (Interior Gateway Routing Protocol). IGRP is a classful, distance vector routing protocol which is no longer supported by Cisco. EIGRP uses the source code of “D” for DUAL in the routing table. EIGRP has a default administrative distance of 90 for internal routes and 170 for routes imported from an external source, such as default routes.

EIGRP uses PDMs (Protocol Dependent Modules), giving it the capability to support different Layer 3 protocols including IP, IPX and AppleTalk. EIGRP uses RTP (Reliable Transport Protocol) as the Transport layer protocol for the delivery of EIGRP packets. EIGRP uses reliable delivery for EIGRP updates, queries and replies; and uses unreliable delivery for EIGRP hellos and acknowledgments. Reliable RTP means an EIGRP acknowledgment must be returned.

Before any EIGRP updates are sent, a router must first discover its neighbors. This is done with EIGRP hello packets. On most networks EIGRP sends hello packets every 5 seconds. On multipoint nonbroadcast multiaccess networks (NBMA) such as X.25, Frame Relay, and ATM interfaces with access links of T1 (1.544 Mbps) or slower, Hellos are sent every 60 seconds. The hold time is three times the hello, or 15 seconds on most networks and 180 seconds on low speed NBMA networks.

The hello and hold-down values do not need to match for two routers to become neighbors. The show ip eigrp neighbors command is used to view the neighbor table and verify that EIGRP has established an adjacency with its neighbors.

EIGRP does not send periodic updates like RIP. EIGRP sends partial or bounded updates, which includes only the route changes and only to those routers that are affected by the change. EIGRP composite metric uses bandwidth, delay, reliability and load to determine best path. By default only bandwidth and delay are used. The default calculation is the slowest bandwidth plus the sum of the delays of the outgoing interfaces from the router to the destination network.

At the center of EIGRP is DUAL (Diffusing Update Algorithm). The DUAL finite state machine is used to determine best path and potential backup paths to every destination network. The successor is a neighboring router that is used to forward the packet using the least-cost route to the destination network. Feasible distance (FD) is the lowest calculated metric to reach the destination network through the successor. A feasible successor (FS) is a neighbor who has a loop-free backup path to the same network as the successor, and also meets the feasibility condition. The feasibility condition (FC) is met when a neighbor’s reported distance (RD) to a network is less than the local router’s feasible distance to the same destination network. The reported distance is simply an EIGRP neighbor’s feasible distance to the destination network.
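The default metric and the feasibility condition described above, as an added example that is not part of the original notes. It uses the classic Cisco default-K formula, 256 * (10^7 / slowest bandwidth in kbps + sum of delays in tens of microseconds); the neighbor names and link values are constructed.

```python
def eigrp_metric(path):
    """Default composite metric (bandwidth and delay only) for a path.

    path: [(bandwidth_kbps, delay_usec), ...], one tuple per outgoing
    interface between the router and the destination network.
    """
    slowest = min(bw for bw, _ in path)
    delay = sum(d for _, d in path)
    return 256 * (10**7 // slowest + delay // 10)


def dual_select(neighbors):
    """Pick the successor and feasible successors for one destination.

    neighbors: {name: (local_link, neighbor_path)} where local_link is this
    router's interface toward the neighbor and neighbor_path is the
    neighbor's own path to the destination.
    Returns (successor, feasible distance, feasible successors, rejected).
    """
    table = {}
    for name, (local_link, nbr_path) in neighbors.items():
        rd = eigrp_metric(nbr_path)                   # reported distance
        dist = eigrp_metric([local_link] + nbr_path)  # distance through it
        table[name] = (dist, rd)
    successor = min(table, key=lambda n: table[n][0])
    fd = table[successor][0]
    others = sorted(n for n in table if n != successor)
    # Feasibility condition: the neighbor's RD must be less than our FD.
    feasible = [n for n in others if table[n][1] < fd]
    rejected = [n for n in others if table[n][1] >= fd]
    return successor, fd, feasible, rejected


# Constructed topology table entries for the destination 192.168.1.0/24.
FAST_ETHERNET = (100000, 100)      # 100 Mbps, 100 usec delay
NEIGHBORS = {
    "R3": ((1024, 20000), [FAST_ETHERNET]),
    "R1": ((64, 20000), [(1544, 20000), FAST_ETHERNET]),
    "R4": ((1544, 20000), [(512, 20000), FAST_ETHERNET]),
}

if __name__ == "__main__":
    successor, fd, feasible, rejected = dual_select(NEIGHBORS)
    print("successor:", successor, "FD:", fd)
    print("feasible successors:", feasible)
    print("fail the feasibility condition:", rejected)
```

R4 offers a far better distance than R1 (6026496 against 41026560) but is rejected, because its reported distance of 5514496 is not below the feasible distance of 3014400; R1's reported distance of 2172416 is, so only R1 is a feasible successor.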

EIGRP is configured with the router eigrp autonomous-system command. The autonomous-system value is actually a process-id and must be the same on all routers in the EIGRP routing domain. The network command is similar to that used with RIP. The network is the classful network address of the directly connected interfaces on the router. A wildcard mask is an optional parameter that can be used to include only specific interfaces.

There are several ways to propagate a static default route with EIGRP. The redistribute static command in EIGRP router mode is a common method.

EIGRP uses DUAL (Diffusing Update Algorithm).

EIGRP sends bounded updates: only the routing info that is needed and only to the routers that need it.

The show ip eigrp neighbors command can be used to verify that EIGRP has established relationships with its directly connected neighbors.

EIGRP uses bandwidth, delay, reliability and load as metrics. Only bandwidth and delay are used by default.

The feasibility condition is met when the neighbor's reported distance (RD) to a network is less than this router’s feasible distance to the same destination network.

You can disable auto summary with the no auto-summary command.

A Null0 summary route is automatically added to the routing table by EIGRP when there is at least one child route with a routing source of EIGRP and the default auto-summary command is used.

The Cisco IP routing table is structured in a classful manner, which means that it uses the default classful addresses to organize the route entries. The source of a routing entry can be a directly connected network, static route, or a route learned dynamically from a routing protocol.

In this chapter, you learned that there are level 1 and level 2 routes. A level 1 route can be either an ultimate route or a parent route. A level 1 ultimate route is a route with a subnet mask equal to, or less than the default classful mask of the network; and either a next hop address or an exit interface. For example, a route learned through RIP with the network address of 192.168.1.0 and a /24 network mask is a level 1 ultimate route. These routes are displayed in the routing table as a single route entry, such as:

R 192.168.1.0/24 [120/1] via 172.16.2.2, 00:00:25, Serial0/0/0

Another type of level 1 route is a parent route. A level 1 parent route is automatically created when a subnet route is added to the routing table. The subnet route is known as a level 2 child route. The parent route is a header for level 2 child routes. Here is an example of a level 1 parent route and a level 2 child route:

172.16.0.0/24 is subnetted, 1 subnets
R 172.16.1.0 [120/1] via 172.16.2.1, 00:00:07, Serial0/0/0

The subnet mask of the child routes is displayed in the parent route unless VLSM is used. With VLSM, the parent route displays the default classful mask and the subnet mask is included with the individual VLSM route entries.

When a packet is received by the router, it looks for the longest match with one of the routes in the routing table. The longest match is the route with the largest number of left-most bits that match between the destination IP address of the packet and the network address of the route in the routing table. The subnet mask associated with the network address in the routing table defines the minimum number of bits that must match for that route to be a match.

A level 1 or 2 route is an ultimate route when the route also contains a next hop IP address or exit interface.

A subnet mask is displayed with the child route and not the parent route when you use VLSM or a classless protocol.

The parent route is created when the subnet (level 2 child) route is added to the routing table.

A parent route cannot exist without any child routes.

The default routing behavior on Cisco routers is classless; this can be modified by using the no ip classless command.
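The longest-match lookup and the classless versus no ip classless behavior described above, as an added example that is not part of the original notes. The routing table is constructed from the sample entries in this chapter plus an assumed default route, and the function models the lookup rules only, not IOS itself.

```python
from ipaddress import ip_address, ip_network


def classful_net(addr):
    """Major classful network containing addr (class A /8, B /16, C /24)."""
    first = int(addr) >> 24
    plen = 8 if first < 128 else 16 if first < 192 else 24
    return ip_network(f"{addr}/{plen}", strict=False)


def lookup(table, dst, classless=True):
    """table: {prefix: next hop}. Returns (prefix, next hop) or None (drop)."""
    dst = ip_address(dst)
    routes = {ip_network(p): nh for p, nh in table.items()}
    parent = classful_net(dst)
    # Level 2 child routes: subnets of the destination's classful network.
    children = [n for n in routes
                if n.prefixlen > parent.prefixlen and n.subnet_of(parent)]
    matches = [n for n in children if dst in n]
    if not matches:
        if children and not classless:
            # no ip classless: the parent matched but no child did, so the
            # packet is dropped without looking at supernets or the default.
            return None
        # Level 1 routes: the classful network, supernets, default route.
        matches = [n for n in routes
                   if n.prefixlen <= parent.prefixlen and dst in n]
    if not matches:
        return None
    best = max(matches, key=lambda n: n.prefixlen)   # longest match wins
    return str(best), routes[best]


# Constructed table; the default route and its exit interface are assumed.
TABLE = {
    "172.16.1.0/24": "172.16.2.1",
    "172.16.2.0/24": "Serial0/0/0",
    "192.168.1.0/24": "172.16.2.2",
    "0.0.0.0/0": "Serial0/0/1",
}

if __name__ == "__main__":
    for dst in ("172.16.1.10", "192.168.1.77", "172.16.4.10", "10.1.1.1"):
        print(dst, "classless:", lookup(TABLE, dst),
              "| no ip classless:", lookup(TABLE, dst, classless=False))
```

Only 172.16.4.10 differs between the two modes: it falls under the 172.16.0.0 parent but matches no child, so the classless lookup uses the default route while the classful lookup drops the packet.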

Chapter 7: RIPv2

RIPv2 is a classless, distance vector routing protocol, that is defined in RFC 1723. Because RIPv2 is a classless routing protocol, it includes the subnet mask with the network addresses in the routing updates. As with other classless routing protocols, RIPv2 supports CIDR supernets, VLSM and discontiguous networks.

We saw that classful routing protocols like RIPv1 can not support discontiguous networks because they automatically summarize at major network boundaries. A router that receives routing updates from multiple routers advertising the same classful summary route cannot determine which subnets belong to which summary route. This inability leads to unexpected results including misrouted packets.

The default version of RIP is version 1. The command version 2 is used to modify RIP to RIPv2.

Similar to RIPv1, RIPv2 automatically summarizes at major network boundaries. However, with RIPv2 automatic summarization can be disabled with the no auto-summary command. Automatic summarization must be disabled to support discontiguous networks. RIPv2 also supports CIDR supernets and VLSM because the specific subnet mask is included with the network address in every routing update. You can use the debug ip rip command to view the RIP update sending the subnet mask with the network address as part of the route entry.

The show ip protocols command will display that RIP is now sending and receiving version 2 updates and whether or not automatic summarization is in effect.

The no auto-summary command is used to disable automatic summarization.

This is used when you have discontiguous subnets.

Classless routing protocols have the capability of carrying the subnet mask in route advertisements.

Auto summarization is enabled by default in RIPv2.

Chapter 6: VLSM and CIDR

Class A addresses range from 0.0.0.0 to 127.255.255.255, class B from 128.0.0.0 to 191.255.255.255 and class C from 192.0.0.0 to 223.255.255.255.

A classless routing protocol includes the subnet mask in the routing update; a classful one does not.

Classless routing protocols allow the use of VLSM and CIDR.

If the network address in the routing update is on the same major classful network as the receiving interface, the classful routing protocol will use the same mask as the interface. Otherwise, it will use the default class mask.

CIDR and NAT helped with the problem of IPv4 addresses becoming depleted.

Subnetting a subnet is known as VLSM (Variable Length Subnet Masking).

Supernetting refers to the ability to summarize networks less than the classful default mask. Classless routing protocols are required to propagate a supernet route because the subnet mask must be included with the summarized network address.

CIDR = Classless Inter-Domain Routing

RIP is a distance vector routing protocol; it uses hop count as its only metric for path selection. Advertised routes with hop counts greater than 15 are unreachable. Messages are broadcast every 30 seconds.

To configure RIP, the commands are:

  • (config)# router rip
  • (config-router)# network “networking address”

The three commands you can use to verify and troubleshoot a RIP config are:

  • show ip route
  • show ip protocols
  • debug ip rip

The passive-interface command is used to stop RIP updates from being sent out an interface where RIP updates are not needed. For example, a LAN interface would only need to send out RIP updates if there is another RIP-enabled device on the LAN.

RIP entries are displayed in the routing table with the source code of R and have an administrative distance of 120. Default routes are propagated in RIP by configuring a static default route and using the default-information originate command in RIP.

RIP v1 does not support VLSM

RIP and IGRP are distance vector routing protocols characterized by periodic updates that are broadcast to directly connected neighbours. The entire routing table is sent in the update.

Convergence is when all routers in the network have consistent and correct information about how to reach destination networks. A network is not completely operable until it has converged, so routing protocols require short convergence times.

The 4 main timers in RIP are:

  • Update Timer: (30 seconds) Used to time when to send the next update
  • Invalid Timer: (180 seconds) Used to mark a route as invalid by setting the metric to 16 if an update has not been received to refresh the existing route after 180 seconds
  • Holddown Timer: (180 seconds) The amount of time an unreachable route is in holddown
  • Flush Timer: (240 seconds) Time until a route is removed from the routing table

Distance vector routing protocols use 5 techniques to prevent routing loops. They are:

  • Defining maximum metric to prevent count to infinity
  • Holddown timers
  • Split horizon
  • Route poisoning or poison reverse
  • Triggered updates

Distance vector routing protocols include RIP v1, RIP v2, IGRP and EIGRP.

Routers that use distance vector routing protocols determine the best path to remote networks based on the information they learn from their neighbours.

Dynamic routing protocols are used by routers to automatically learn about remote networks from other routers.

Routing protocols not only discover remote networks, but also have a procedure for maintaining accurate network information. When there is a change in the topology it is the function of the routing protocol to inform other routers about this change.

Dynamic routing protocols can be classified as either interior or exterior, distance vector or link-state, classful or classless and by speed or convergence.

The most common metrics used in IP dynamic routing protocols are hop count, bandwidth, delay and cost.

Metrics are used by routing protocols to determine the best path or shortest path to reach a destination network. Different routing protocols may use different metrics. Typically, a lower metric means a better path. Five hops to reach a network is better than 10 hops.

Static routes can be configured with a next-hop IP address, which is commonly the IP address of the next-hop router. When a next-hop IP address is used, the routing table process must resolve this address to an exit interface. On point-to-point serial links it is usually more efficient to configure the static route with an exit interface. On multiaccess networks such as Ethernet, both a next-hop IP address and an exit interface can be configured on the static route.

Static routes have a default administrative distance of “1”. This administrative distance also applies to static routes configured with a next-hop address as well as an exit-interface.

A static route will only be entered in the routing table if the next-hop IP address can be resolved through an exit interface. Whether the static route is configured with a next-hop IP address or exit interface, if the exit interface that is used to forward that packet is not in the routing table, the static route will not be included in the routing table.

In many cases, several static routes can be configured as a single summary route. This means fewer entries in the routing table and results in a faster routing table lookup process. The ultimate summary route is a default route, configured with a 0.0.0.0 network address and a 0.0.0.0 subnet mask. If there is not a more specific match in the routing table, the routing table will use the default route to forward the packet to another router.
