Saturday, August 16, 2008

General Routing Overview

Finally I'm back at home, things are getting better, these cool pills they gave me will probably end next week (those little things are really getting me down, you have no idea of how much I've been sleeping the last couple of days because of it, I look like one of my cats now!) But that's ok! :)

Well... today, besides some housekeeping and a little shopping at the supermarket, I was able to rest a while more and watch the General Routing Video-on-Demand from IPExpert CCIE R&S Blended Learning Solutions.

Very informative. Every time you see a guy saying: Ah... I don't need general or basic concepts, I do know it already... well... ok, he may know his stuff really well, but you can ALWAYS learn a new trick, or finally put an end to that doubt that's been bothering you for so many years!

And of course! Those videos are the real concept of "State of the Art" Class on Demand!

Enough on that... let's get into the part that really pays for the product, the technical details...

The Network Command:

It starts with our friend the network command... As we all learned back in the CCNA days (on the CCNP, especially in the OSPF part of it, we start to change our mind), the network command is used to advertise networks... We can't say that's incorrect, but it's not the full truth either! The network command actually enables an interface to participate in the Routing Protocol; that interface then advertises its network, and the Routing Protocol brings it into the RIB.

Check the example (exactly the same one on the video):

- F0/0 IP Address: 10.1.1.1/24

  • network 10.0.0.0 0.255.255.255
  • network 10.1.0.0 0.0.255.255
  • network 10.1.1.0 0.0.0.255
  • network 10.1.1.1 0.0.0.0

Regarding only this interface F0/0, no matter which of the above network statements you choose, they all do the same thing: bring the F0/0 (10.1.1.1) interface into the Routing Protocol. The network command only tells which interfaces will participate in the Routing Protocol, not how the network is going to be advertised; advertising is actually a secondary effect of it!
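To see the wildcard matching at work, here is an added example (not from the video or the original post) that applies the four statements to a router with more than one interface. F0/0 is the interface above; F0/1 and S0/0 are made-up interfaces, added to show that the broader statements also pull in interfaces you may not have intended.

```python
import ipaddress

# F0/0 is the interface from the post; F0/1 and S0/0 are constructed
# here to show where the four statements stop being equivalent.
INTERFACES = {
    "F0/0": "10.1.1.1/24",
    "F0/1": "10.1.2.1/24",
    "S0/0": "10.2.0.1/30",
}

STATEMENTS = [
    ("10.0.0.0", "0.255.255.255"),
    ("10.1.0.0", "0.0.255.255"),
    ("10.1.1.0", "0.0.0.255"),
    ("10.1.1.1", "0.0.0.0"),
]

def _u32(dotted):
    return int(ipaddress.IPv4Address(dotted))

def statement_matches(addr, wildcard, iface_ip):
    """Wildcard bits set to 1 are ignored; all other bits must match."""
    care = ~_u32(wildcard) & 0xFFFFFFFF
    return (_u32(addr) & care) == (_u32(iface_ip) & care)

def enabled_interfaces(addr, wildcard, interfaces=INTERFACES):
    """Map each interface the statement enables to the prefix it advertises.

    The advertised prefix comes from the interface's own address and mask,
    never from the network statement.
    """
    result = {}
    for name, cidr in interfaces.items():
        iface = ipaddress.ip_interface(cidr)
        if statement_matches(addr, wildcard, str(iface.ip)):
            result[name] = str(iface.network)
    return result

if __name__ == "__main__":
    for addr, wc in STATEMENTS:
        print(f"network {addr} {wc} -> {enabled_interfaces(addr, wc)}")
```

All four statements enable F0/0 and advertise 10.1.1.0/24 for it, but only the last two leave the other interfaces out of the Routing Protocol.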

Secondary Address:

Also, there is a really nice explanation on the video about Secondary Addresses! Here are some concepts learned from it:

You can't just advertise the secondary address; you need to advertise the primary first, then the secondary if you want to. Also, you can't do passive-interface on your primary address and still send things out with your secondary address! A general rule for that is: when you send any packet out of an interface (keep in mind that routing updates are packets too), the source IP Address for that packet will ALWAYS be the Primary IP Address of that interface!

Check this example for RIP (it works for EIGRP too):

[Diagram: Secondary Address]

Ok, so, everyone is on the same Ethernet segment... and everyone will hear each other's Broadcast and Multicast packets, which is good in our scenario. When R3 sends Routing Updates to R2, R1 will hear them too, but it'll treat them as invalid, because it's not on the same subnet as R3. The same happens when R1 sends its Routing Updates to R2.

So... how to make this happen?! Hmmm... R2 has both networks, so if we disable split-horizon on its F0/0 we're good?! Not exactly... Remember... R2's packets will ALWAYS use the Primary Address (in this case 10.1.1.2) as the source, so R3 will still have problems. It works for R1, but not for R3.

The solution would be (in this particular RIP example) to use the no validate-update-source command under Router RIP, which tells your router not to validate the source IP Address of the routing updates when they're received, and just allow them to come in! So, to solve the problem, we can do that on both R1 and R3 of the example. Another solution would be to disable split-horizon on R2 and use no validate-update-source under Router RIP on R3. That works as well, but doesn't look "clean", if you know what I mean! ;)

That basically says "I don't care who you learned it from, go ahead and allow it to come in!"
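The source check described above, modelled as an added example (not part of the original post or the video). The post only gives R2's primary address; the addresses for R1, R3 and R2's secondary are assumptions that fit the description, and split-horizon is not modelled, only whether a received update passes the source validation.

```python
import ipaddress

# Constructed addressing: the post only gives R2's primary (10.1.1.2).
# R1, R3 and R2's secondary are assumptions that fit the description.
ROUTERS = {
    "R1": ["10.1.1.1/24"],
    "R2": ["10.1.1.2/24", "11.1.1.2/24"],   # primary first, then secondary
    "R3": ["11.1.1.3/24"],
}

def update_source(sender):
    """Updates are always sourced from the interface's primary address."""
    return ipaddress.ip_interface(ROUTERS[sender][0]).ip

def accepts(receiver, src, validate=True):
    """Model of the RIP source check on the receiving interface.

    With validation on, the source must fall inside one of the subnets
    (primary or secondary) configured on the receiving interface.
    With `no validate-update-source`, any source is accepted.
    """
    if not validate:
        return True
    nets = [ipaddress.ip_interface(a).network for a in ROUTERS[receiver]]
    return any(src in net for net in nets)

def reachability(no_validate=()):
    """Return {(sender, receiver): accepted} for every ordered pair."""
    table = {}
    for sender in ROUTERS:
        for receiver in ROUTERS:
            if sender != receiver:
                table[(sender, receiver)] = accepts(
                    receiver, update_source(sender),
                    validate=receiver not in no_validate)
    return table

if __name__ == "__main__":
    for label, off in [("default", ()), ("no validate on R1, R3", ("R1", "R3"))]:
        print(label)
        for (s, r), ok in reachability(off).items():
            print(f"  {s} -> {r}: {'accepted' if ok else 'dropped'}")
```

With validation disabled, the receiver accepts an update from any source address heard on the segment, not just from R2; that is the trade-off behind "I don't care who you learned it from".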

IP Unnumbered:

Another topic brought up on this video regards IP Unnumbered!

The IP unnumbered interface configuration allows you to enable IP processing on an interface without assigning it an explicit IP Address. The IP unnumbered interface can "borrow" the IP Address from another interface that is already configured on the local Router, or Layer 3 equipment, thereby conserving network and address space.

Check out this topology:

[Diagram: IP Unnumbered]

So how can we get this topology to work?! One side of the link is 10.1.1.0/24, the other end is using 11.1.1.0/24... How can that work?! Well... if you're allowed to use PPP, we're good! PPP has a feature called "peer neighbor-route" that gets the exact IP Address of the router on the other end of the link and shows it as connected in our local router!

Take a look at the Routing Table with this setup:

R1(config-if)#do sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS,su- IS-IS summary,L1-IS-IS level-1,L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, Loopback0
     11.0.0.0/32 is subnetted, 1 subnets
C       11.1.1.2 is directly connected, Serial0/0

R2(config-if)#do sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS,su- IS-IS summary,L1-IS-IS level-1,L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/32 is subnetted, 1 subnets
C       10.1.1.1 is directly connected, Serial0/0

     11.0.0.0/24 is subnetted, 1 subnets
C       11.1.1.0 is directly connected, Loopback0

Of course, we may not be able to use PPP over this link; they may ask for GRE Tunnels or something else. If so, another solution that meets their requirements would need to be implemented, like static routes or something like that!

Administrative Distance:

I thought I knew almost everything about Administrative Distance... again... I was wrong... the Master Jedis showed me once again that there's ALWAYS something to learn.

Let's check some examples, like RIP and OSPF (the ones in the video):

If you want to change the administrative distance for RIP, you just change it for RIP as a whole; I mean, there are no internal or external routes or anything else in it! So you just change the Administrative Distance for RIP. Example:

router RIP
distance 140

After that, all RIP learned routes in the Routing Table will have the Administrative Distance of 140!

Things get a little more complicated with OSPF... In OSPF we have intra-area, inter-area and external routes! Check this example:

router OSPF 1
distance ospf intra-area 110 inter-area 110 external 80

So, what does that mean? External Routes in OSPF will be preferred over Intra-Area routes?! Hmmm... not so fast buddy! That command does NOT change how OSPF makes its decisions! It'll always prefer intra-area routes first, then inter-area routes, and only after that the external routes!

The command only says: if an external LSA wins the OSPF RIB election, then give it the administrative distance of 80, so it will be preferred over EIGRP for example! But if it doesn't win the election, if you get the same route announced internally from OSPF, the internal one will be used with the administrative distance of 110 and that's it! The distance command only takes effect when the route gets handed to the Routing Table; that's the order of operation!

As said earlier, it'll NOT affect HOW OSPF makes its decisions!

Cool, isn't it?! :)
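The order of operation above, as an added example (not from the video or the original post): OSPF first picks its own winner by route type, and only that winner is handed to the Routing Table with the distance from the command. The EIGRP offer (internal, default distance 90) and the costs are constructed for the illustration, and E1/E2 and NSSA types are left out.

```python
# Values from `distance ospf intra-area 110 inter-area 110 external 80`.
OSPF_DISTANCE = {"intra-area": 110, "inter-area": 110, "external": 80}
# OSPF's own preference order; the distance command does not touch it.
OSPF_ORDER = ["intra-area", "inter-area", "external"]

def ospf_winner(candidates):
    """Step 1: OSPF picks its best path by route type, then by cost."""
    if not candidates:
        return None
    return min(candidates,
               key=lambda c: (OSPF_ORDER.index(c["type"]), c["cost"]))

def rib_winner(ospf_candidates, other_offers):
    """Step 2: only OSPF's winner is handed to the Routing Table, tagged
    with its distance, where it competes with other protocols on AD alone."""
    offers = list(other_offers)
    best = ospf_winner(ospf_candidates)
    if best is not None:
        offers.append({"source": "ospf " + best["type"],
                       "ad": OSPF_DISTANCE[best["type"]]})
    return min(offers, key=lambda o: o["ad"])

# Constructed scenario: EIGRP (internal, default AD 90) offers the prefix too.
EIGRP = [{"source": "eigrp", "ad": 90}]
ONLY_EXTERNAL = [{"type": "external", "cost": 20}]
INTERNAL_AND_EXTERNAL = [{"type": "external", "cost": 20},
                         {"type": "intra-area", "cost": 65}]

if __name__ == "__main__":
    # External is OSPF's only path: it enters with AD 80 and beats EIGRP.
    print(rib_winner(ONLY_EXTERNAL, EIGRP))
    # Same prefix also known intra-area: OSPF hands over the intra-area
    # path with AD 110, so EIGRP (90) wins despite "external 80".
    print(rib_winner(INTERNAL_AND_EXTERNAL, EIGRP))
```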

Now, to manipulate the distance for specific routes, we first need to create an access-list with the routes whose Administrative Distance we want to change. The diagram below will give you all the reference you need, especially for OSPF:

[Diagram: Route AD]

Or... instead of that, you can use 0.0.0.0 255.255.255.255, which tells the router not to care who it learned the route from, and just change the Administrative Distance on it!

So, the command now will look like:

router ospf 1
  distance 190 0.0.0.0 255.255.255.255 20

Much easier, don't you think?!

ODR:

On Demand Routing, or ODR, is normally used on the Frame-Relay HUB Router. It is a feature that provides IP Routing for Stub Sites, with minimum overhead!

ODR uses CDP (Cisco Discovery Protocol) to carry the "routing" information between the hub and stub routers. The stub routers send IP Prefixes to the hub router via CDP, and the hub router will send a default-route to the stub also, via CDP. Oh yeah, almost forgot, ODR supports VLSM!

It is a nice solution to be used in a HUB and Spoke topology, if your Spoke is also a Stub Router.

The only thing you need to do is start the ODR process on the HUB Router, nothing else, considering that your network is already configured. The command to achieve this is: router odr.

Don't forget... ODR uses CDP, so in our frame-relay example we'll need to allow broadcasts in the map statements, and also enable CDP on the frame-relay interface (you can check whether CDP is already enabled with the command show cdp interface; if it is not, you can enable it with the command cdp enable).

So what will happen now?! The HUB Router will send a default-route to the Spoke (that will set the gateway of last resort to the ODR hub router), and the Spoke will send its IP Prefixes to the HUB Router. Check the diagram below, you'll get the idea:

[Diagram: ODR]

Check the Routing Table for R1 (HUB) and R2 (Spoke):

R1(config-router)#do sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS,su- IS-IS summary,L1-IS-IS level-1,L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     15.0.0.0/24 is subnetted, 1 subnets
o       15.5.5.0 [160/1] via 10.1.1.2, 00:00:20, Serial1/0
     16.0.0.0/24 is subnetted, 1 subnets
o       16.6.6.0 [160/1] via 10.1.1.2, 00:00:18, Serial1/0
     17.0.0.0/24 is subnetted, 1 subnets
o       17.7.7.0 [160/1] via 10.1.1.2, 00:00:18, Serial1/0
     18.0.0.0/24 is subnetted, 1 subnets
o       18.8.8.0 [160/1] via 10.1.1.2, 00:00:18, Serial1/0

     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, Serial1/0
     11.0.0.0/24 is subnetted, 1 subnets
C       11.1.1.0 is directly connected, Loopback0
     12.0.0.0/24 is subnetted, 1 subnets
C       12.2.2.0 is directly connected, Loopback1
     13.0.0.0/24 is subnetted, 1 subnets
C       13.3.3.0 is directly connected, Loopback2
     14.0.0.0/24 is subnetted, 1 subnets
C       14.4.4.0 is directly connected, Loopback3

R2(config-if)#do sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS,su- IS-IS summary,L1-IS-IS level-1,L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.1.1.1 to network 0.0.0.0

     17.0.0.0/24 is subnetted, 1 subnets
C       17.7.7.0 is directly connected, Loopback2
     16.0.0.0/24 is subnetted, 1 subnets
C       16.6.6.0 is directly connected, Loopback1
     18.0.0.0/24 is subnetted, 1 subnets
C       18.8.8.0 is directly connected, Loopback3
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, Serial1/0
     15.0.0.0/24 is subnetted, 1 subnets
C       15.5.5.0 is directly connected, Loopback0
o*   0.0.0.0/0 [160/1] via 10.1.1.1, 00:00:16, Serial1/0

Also, keep in mind that as soon as you enable any other Routing Protocol on the Spoke, that ceases to work. The Spoke will still learn the 0.0.0.0/0 default-route, but it'll no longer send the HUB any detailed information about its networks; that will be done by the Routing Protocol, if you configure it to do so!

So, to summarize:

HUB --> Spoke = 0.0.0.0/0
Spoke --> HUB = advertise its connected networks.

One more piece of advice... this may be a way to get a default-route without using any static route or default-information originate in the exam!

You can find more information about ODR either on IPExpert CCIE R&S Blended Learning Solutions or on Cisco's Website; the following link is a good start:

http://www.cisco.com/en/US/tech/tk365/technologies_white_paper09186a0080093fde.shtml#t7

Last thing... those Videos from IPExpert ROCK man! If you're following my posts till now, you know that already! It really looks like I'm attending an "on-site" bootcamp! I'm loving it!

2 comments:

Nickelby said...

I agree with you man. The IPExpert video rocks. Coincidentally I was viewing the same video as you today but still not as hardcore as you on the studying part till October 2008 (still need to get my wedding dinner reception plans over with first).

Caue said...

Hey buddy! How are you?!

It's been a while since we exchanged our last comments/msgs!

Oh! Wife! I've been married for 6 years now, it is very nice, that is something I can tell you!! Take good care of her, don't leave her alone and just work, study, study, study, work, balance things! You're doing just right man! Wedding first, then you're good to "swallow" many books, videos, everything!

I'm still a bit slower than what I was planning, last week I had surgery, and that also ruined part of my vacation plans!

I'm spending MUCH time reading, getting the theoretical part before facing the labs. I've done some already, but I'm still missing some theory. And that's where the Videos and Books are helping me!

Actually I'm spending like 4 hours reading books (actually I'm reading Doyle TCP/IP Vol. 1), 2 hrs watching videos, and 2 hrs transforming my notes into blog posts!

In the past I thought that those "2 hours" blogging would just waste my time, but it's really the opposite, it helps to stick information in my head, and also, I have all my notes in one place, where I can "search" from! Very good in my opinion!

I still wish I had more time, it would be easier if I were single, but I wouldn't change my marriage for anything sir! ;)

Wish all the best to you and to your future wife!! Let us know when the date will be! Send some pictures!

Have a nice (study) weekend!

Best Regards!