308 1037_05F9_c2
1
© 1999, Cisco Systems, Inc.
Deploying OSPF/NLSP/IS-IS Session 308
Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. 1037_05F9_c2.scr
Agenda
• Dijkstra
• Link-State Implementations
• Other Protocols
• Conversion
• Design Recommendations
Dijkstra: What Is a Link-State, Anyway?
Dijkstra Agenda
• Algorithm Review
• Example
• Concepts
Dijkstra Shortest Path First (SPF) Algorithm
• Link state database
  Created with Link State Packets (LSPs) from each router
• TENT database
  Tentative triples (ID, path cost, direction)
Dijkstra (SPF Cont.)
• PATH database
  Best path triples (ID, path cost, direction)
• Forwarding database
  AKA the routing table
Dijkstra (SPF Cont.)
• All routers exchange Link State Packets (LSPs)
• Each starts with itself as root
• Tent is built from LSPs
• Path is created by examining and comparing Tent triples
• Once Path is final, the forwarding table is populated
Dijkstra Example:
[Figure: routers A through G joined by links with numeric costs]
• Router IDs are alphabetic
• Costs are numeric
• Lowest cost best
LSP Data
A: B/4, G/2
B: A/4, C/1
C: B/1, D/4, E/2
D: C/4, E/1
E: C/2, D/1, F/2
F: E/2, G/2
G: A/2, F/2
[Figure: the same topology repeated beside the LSP data]
Dijkstra Example (Cont.)
[Figure: B (0), A (4), C (1)]
• As an example, start with B
• A and C costs are Tent
Dijkstra Example (Cont.)
[Figure: B (0), C (1), A (4), G (6)]
• Now fill in A
• G is Tent
• BA is now in Path
Dijkstra Example (Cont.)
[Figure: B (0), A (4), C (1), D (5), E (3), G (6)]
• Now fill in C
• D and E are Tent
• BC is now in Path
Dijkstra Example (Cont.)
[Figure: B (0), A (4), C (1), D (5), E (3), G (6); one link marked X]
• Now fill in D
• D and E are still Tent
• DC does not provide better path
Dijkstra Example (Cont.)
[Figure: B (0), A (4), C (1), D (4), E (3), G (6), F (5)]
• Now fill in E
• F is Tent
• CD is removed
• ED and CE are in path
Dijkstra Example (Cont.)
[Figure: B (0), A (4), C (1), D (4), E (3), G (6), F (5); one link marked X]
• Now fill in F
• G is Tent
• EF is in path
Dijkstra Example (Cont.)
[Figure: B (0), A (4), C (1), D (4), E (3), G (6), F (5)]
• Now fill in G
• FG is removed
• AG is in path
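The walk-through above, as an added example that is not part of the original slides: a Tent/Path SPF run from root B over the LSP data. It always moves the lowest-cost Tent triple to Path, so routers are finalised in the order B, C, E, A, D, F, G rather than the slide order, with the same final costs. The two-way link check and the one-sided entry built by with_one_sided_link() go beyond the slides and are constructed for illustration.

```python
"""SPF with TENT and PATH databases over the LSP data from the slides."""

# Link state database: each router's LSP lists its neighbors and link costs.
LSPS = {
    "A": {"B": 4, "G": 2},
    "B": {"A": 4, "C": 1},
    "C": {"B": 1, "D": 4, "E": 2},
    "D": {"C": 4, "E": 1},
    "E": {"C": 2, "D": 1, "F": 2},
    "F": {"E": 2, "G": 2},
    "G": {"A": 2, "F": 2},
}


def two_way(lsdb, a, b):
    """A link is used only when both ends report each other in their LSPs."""
    return b in lsdb.get(a, {}) and a in lsdb.get(b, {})


def spf(lsdb, root):
    """Return (path, trace).

    path maps ID -> (path cost, direction), direction being the first hop
    from the root. trace lists the triples in the order they entered PATH.
    """
    path = {}
    tent = {root: (0, None)}
    trace = []
    while tent:
        # Move the lowest-cost TENT triple into PATH (ties broken by ID).
        node = min(tent, key=lambda n: (tent[n][0], n))
        cost, direction = tent.pop(node)
        path[node] = (cost, direction)
        trace.append((node, cost, direction))
        for nbr, link_cost in sorted(lsdb.get(node, {}).items()):
            if nbr in path or not two_way(lsdb, node, nbr):
                continue
            new_cost = cost + link_cost
            # The root's neighbors are their own direction; others inherit it.
            new_dir = nbr if node == root else direction
            # Keep only the better triple for each ID in TENT.
            if nbr not in tent or new_cost < tent[nbr][0]:
                tent[nbr] = (new_cost, new_dir)
    return path, trace


def forwarding_table(path, root):
    """Populate the forwarding table once PATH is final."""
    return {
        dest: {"next_hop": direction, "cost": cost}
        for dest, (cost, direction) in path.items()
        if dest != root
    }


def with_one_sided_link(lsdb):
    """Constructed case: D's LSP lists G at cost 1, but G's LSP does not list D."""
    changed = {router: dict(links) for router, links in lsdb.items()}
    changed["D"]["G"] = 1
    return changed


if __name__ == "__main__":
    final_path, steps = spf(LSPS, "B")
    for router, cost, direction in steps:
        print(f"PATH <- ({router}, {cost}, {direction})")
    print(forwarding_table(final_path, "B"))
```

Without the two-way check, the one-sided D to G entry would pull G's cost down to 5 through C; with it, G stays at cost 6 through A.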
Dijkstra Concepts
• SPF is simple :-)
• However:
  How did each router receive the LSPs?
  What happens if a change occurs?
  How do we handle other kinds of routers?
Dijkstra Concepts (Cont.)
• How?
  We create a protocol
• What does it do?
  Creates and maintains the Path Database
  Populates the forwarding table
Dijkstra Protocols
• CLNS/DECnet Phase 5
• IS-IS
• OSPF
• NLSP
Link-State Implementations: IS-IS
Areas and Backbone Routers
• ISIS has a two-level hierarchy:
  The backbone (Level 2)
  The areas (Level 1)
• An IS can be:
  Level-1 router (intra-area routing)
  Level-2 router (inter-area routing)
  Level-1-2 router (intra- and inter-area routing)
Areas and Backbone Routers
• Level-1 router
  Has neighbors only in the same area
  Has the Level-1 LSDB with all routing information for the area
  Uses the closest Level-2 router to exit the area
  This may result in sub-optimal routing
Areas and Backbone Routers
• Level-2 router
  May have neighbors in other areas
  Has a Level-2 LSDB with all information about inter-area routing
Areas and Backbone Routers
• Level-1-2 router
  May have neighbors in any area
  Has two LSDBs:
    Level 1 for the intra-area routing
    Level 2 for the inter-area routing
Areas and Backbone Routers
• ISIS does not have a backbone area
• The backbone is the contiguous collection of Level-2-capable routers
• More flexible and allows better scaling
The Backbone
• L2 routers must form contiguous backbone
• A router can’t tell whether it is a transit IS, therefore the Cisco default is to be L1L2
• But running L1L2 everywhere is less scalable
The Backbone Consists of the Contiguous Collection of L2 Capable Routers
[Figure: Areas 1, 2, 3 and 4 with routers labeled L1 Only, L2 Only and L1L2]
Level-1 vs. Level-2 Routing
[Figure: Rtr A, Rtr B and Rtr C across Area 1, Area 2 and Area 3]
• Rtr B has neighbors only in its own area, so it could have a Level-1 behavior
• But Rtr A and C rely on Rtr B to connect Areas 2 and 3
• Rtr B must have a full L2 LSDB to route to Areas 2 and 3
• The Level-2 backbone must be contiguous
Areas and SPF Calculation
• ISs are identified with NETs, 8 to 20 bytes
  Variable length area-address
  6 Byte system ID (unique in the whole domain for Level-2 routers)
  1 Byte n-selector (set to 0)
• Each IS is in exactly one area
• Area borders are on links, not routers
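The NET layout above, checked in an added example that is not part of the original slides: it splits each NET into area address, system ID and n-selector, then groups routers by area and reports any system ID claimed twice. The dotted-hex written form, the router names and the sample NETs are assumptions constructed for the example, and the audit treats every listed router as a Level-2 router.

```python
"""Validate IS-IS NETs and audit a set of them for area membership and
duplicate system IDs."""


def parse_net(net: str) -> dict:
    """Split a NET written as dotted hex into its three parts.

    Layout from the slide: variable-length area address, 6-byte system ID,
    1-byte n-selector that must be 0, 8 to 20 bytes in total.
    """
    raw = bytes.fromhex(net.replace(".", ""))  # ValueError on bad hex
    if not 8 <= len(raw) <= 20:
        raise ValueError("NET must be 8 to 20 bytes, got %d" % len(raw))
    area, system_id, nsel = raw[:-7], raw[-7:-1], raw[-1]
    if nsel != 0:
        raise ValueError("n-selector must be 0 in a NET")
    return {"area": area.hex(), "system_id": system_id.hex(), "nsel": nsel}


def audit_nets(nets: dict) -> dict:
    """nets maps a router name to its NET.

    Returns the routers grouped by area address and every system ID that
    more than one router claims.
    """
    areas, owners = {}, {}
    for name, net in sorted(nets.items()):
        parsed = parse_net(net)
        areas.setdefault(parsed["area"], []).append(name)
        owners.setdefault(parsed["system_id"], []).append(name)
    duplicates = {sid: names for sid, names in owners.items() if len(names) > 1}
    return {"areas": areas, "duplicate_system_ids": duplicates}


# Constructed sample: rtr-a and rtr-c reuse one system ID in different areas.
SAMPLE_NETS = {
    "rtr-a": "49.0001.1921.6800.1001.00",
    "rtr-b": "49.0001.1921.6800.1002.00",
    "rtr-c": "49.0002.1921.6800.1001.00",
}

if __name__ == "__main__":
    print(audit_nets(SAMPLE_NETS))
```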
SPF (Dijkstra) and Partial Route Calculation
• SPF (Dijkstra) is run when topology has to be calculated (SPF tree)
• PRC (Partial Route Calculation) is executed when IP routing information has to be calculated
• If an IS receives an LSP where only IP information has changed, it will run PRC only (less CPU)
Protocol Limitations
• Metrics are six bits wide
  Interface metric is from 0 to 63
  Default interface metric is 10 unless manually specified
• All areas are stub like
  Might result in sub-optimal routing between areas
Protocol Limitations
• NBMA problem
  ISIS does not have p2mp concept
  Always use p2p sub-interfaces with NBMA networks
  Mesh-groups feature optimises flooding over NBMA clouds
Link-State Implementations: NLSP
NLSP Specification 1.0
• Nearly identical to ISIS specification
• Uses IPX packet
  Socket 0x9001 type 0x00
  Rest of packet nearly identical to ISIS
• IPXWAN and services extra
• Single area
  Connect multiple areas via RIP/SAP
NLSP Specification 1.1
• Multi-area with route aggregation and route leaking/redistribution
• Change to SAP handling
  No longer need direct route to service
Areas and Aggregates
• Method to decrease number of LSPs
  LSPs only within that network’s area
• One entry summarizes an entire area
• Best to have all addresses in the area match and none outside the area
• Supported in IOS 11.1
Areas and Aggregates
• RIP, NLSP 1.0, and EIGRP don’t understand aggregated routes
  Must use the IPX default route at borders
  0xFFFFFFFE (-2), similar to IP RIP’s 0.0.0.0
• Six-area limit to aggregate information
• Requires rigid hierarchical design
  Some sites may need to reorganize numbers
Network Design Issues
• WANs need to be p2p
• For multi area and aggregation:
  Network needs to be hierarchical
  Need Server NLSP 1.1 support
  RIP, EIGRP, and NLSP 1.0 do not understand summary information
  Need to use default-route
  Aggregate/summary info has six-area limit
Link-State Implementations: OSPF
OSPF History
• Development began 1987 by IETF
• OSPFv2 established in 1991 with RFC 1247
• Goal: a link state protocol more efficient and scalable than RIP
• Latest revision is RFC 2328 April 1998
OSPF
• Metric: path cost
• Fast convergence
• Support for CIDR, VLSM, authentication, multi-path, and IP unnumbered
• Low, steady state BW requirement
OSPF Protocol Structure and Operation
OSPF Algorithm
• Any network change generates link-state advertisements (LSA)
• All routers exchange LSAs via MAC layer multicast to build and maintain a consistent database
• The protocol remains relatively quiet during steady-state conditions
Cost = Metric
• Cost applied on all router link paths
• Positive number 1–65,535
• The lower the more desirable
• Relevant going out an interface only
• Route decisions made on total cost of path
OSPF Metric
• Derived from bandwidth
  100 ÷ bandwidth
  56-kbps serial link = 1785
  64-kbps serial link = 1562
  T1 (1.544-Mbps serial link) = 65
  Ethernet = 10
  Fast Ethernet / FDDI = 1
• Configured via:
  Interface sub-command: bandwidth
  Interface sub-command: ip ospf cost
  Router sub-command: ospf auto-cost reference-bandwidth
  Default = 10^8
OSPF Timers
• Hello = 10s (hello-interval)
  Hello timers supersede keepalive timers
• Neighbor down = 4 x hello (dead-interval)
• Between LSA resends = 5s > RTT (retransmit-interval)
• Time to send an update = 1s (transmit-delay)
• Delay between spf runs = 10s (timers spf)
[Figure: routers R1 to R5 exchanging LSPs]
Topology/Link State Database
• A router has a separate LS database for each area to which it belongs
• All routers belonging to the same area have identical database
• SPF calculation is performed separately for each area
• LSA flooding is bounded by area
• Router ID determined by interface
Areas
• OSPF uses a two-level hierarchical model
• Areas defined with 32 bit number
  Defined in IP address format
• 0.0.0.0 reserved for the backbone area
• All areas must connect to area 0.0.0.0
Different Types of Routers
• Internal routers (inside an area)
• Backbone routers (inside Area 0)
• Area Border Routers
  An ABR sits between two or more areas
  Must touch area 0
• Autonomous System Boundary Routers
  Redistribution makes a router an ASBR
Location of Different Routers
[Figure: Areas 10, 11 and 12 with internal routers and LANs, ABRs, backbone Area 0, and an ASBR facing the RIP/RIPv2 World]
Using Areas
• The tool to make OSPF scale
• One SPF per area, flooding done per area
• Different types of areas do different flooding
  Normal areas
  Stub areas
  Totally stubby (stub no-summary)
  Not so stubby areas (NSSA)
When a Link Changes State
[Figure: LSA and ACK exchanged between Router 1, Area 1 and Router 2, Area 1; Link State Table, Dijkstra Algorithm, Old Routing Table, New Routing Table]
• Every router in area hears a specific link LSA
• Each router computes shortest path routing table
Different Types of LSAs
• Router Link (LSA type 1)
• Network Link (LSA type 2)
• Network Summary (LSA type 3)
• ASBR (LSA type 4)
• External (LSA type 5)
• NSSA External (LSA type 7)
Opaque LSAs
• RFC 2370
  Used for distribution for applications
• Opaque Link-Local (LSA type 9)
• Opaque Area-Local (LSA type 10)
  First Cisco Implementation with RSVP
• Opaque AS (LSA type 11)
  Similar to Type 5
Location of Different LSAs
[Figure: Area 10 (11/8), Area 0 (12/8), Area 11 (13/8) and the RIP World (14/8), with ABRs and an ASBR, marked with where Type 2, Type 3 and Type 5 LSAs appear]
LSA Types: 1) Router 2) Network 3) Summary 5) External
Designated Routers
• Reduce OSPF traffic on multi-access links
• Store and distribute neighbors’ LSDBs
• Backup DR for redundancy
• OSPF priority used in DR selection
• Range 1-255 default 1, 0 for non-candidate
OSPF Media Options
• Pt-to-Pt
• Non-Broadcast Multi Access (NBMA)
• Multi-access media
• Demand circuits (11.2)
Point-to-Point Media
• Serial links
• Multicast used
• No DR or BDR
Non-Broadcast Multi-access Media (NBMA)
• Frame Relay (multipoint), X.25
• Must define neighbors
[Figure: Frame Relay cloud]
Multi-Access Media
• Gig/Fast/Ethernet, FDDI, Token Ring
• Multicast
• DR and BDR
[Figure: segments with DR and BDR marked]
Demand Circuits
• Allows efficient operation over demand circuits
  ISDN circuits, X25 SVCs, dialup lines
• Hellos and periodic refresh of OSPF routing suppressed
  Allows the underlying connection to be closed when not carrying application traffic
OSPF Hello Packets
• Multicast 224.0.0.5 on all router interfaces
• Hello interval 10 sec. LAN, 30 sec. PDN
• Used to form adjacencies between routers
• Multicast 224.0.0.6 used with DR and BDR
OSPF Hello Packet Header
  Version # | Type | Packet Length
  Router ID
  Area ID
  Checksum | AuType
  Authentication
  Authentication
Hello Packet Format
  Version # | 1 | Packet Length
  Router ID
  Area ID
  Checksum | AuType
  Authentication
  Authentication
  Network Mask
  HelloInterval | Options | Rtr Pri
  RouterDeadInterval
  Designated Router
  Backup Designated Router
  Neighbor
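The Hello layout above, parsed in an added example that is not part of the original slides: it decodes the 24-byte header and the Hello body, verifies the checksum and reports the AuType in use. Field sizes, the AuType values (0 null, 1 simple password, 2 cryptographic) and the checksum rule follow RFC 2328; build_hello(), the finding names and the sample addresses are constructed for the example.

```python
"""Parse an OSPFv2 Hello and flag weak authentication or a bad checksum."""
import ipaddress
import struct

HEADER_LEN, HELLO_FIXED_LEN = 24, 44  # header; header plus fixed Hello fields


def ip_checksum(data: bytes) -> int:
    """Standard 16-bit one's-complement Internet checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ospf_checksum(packet: bytes) -> int:
    """Checksum with the Checksum field zeroed and the 64-bit
    Authentication field (bytes 16-23) left out."""
    return ip_checksum(packet[:12] + b"\x00\x00" + packet[14:16] + packet[HEADER_LEN:])


def build_hello(router_id, area_id, mask, neighbors, hello=10, dead=40, priority=1,
                dr="0.0.0.0", bdr="0.0.0.0", autype=0, auth=b"\x00" * 8):
    """Construct a sample Hello packet (test data only)."""
    ip = lambda a: ipaddress.IPv4Address(a).packed
    body = struct.pack("!4sHBBI4s4s", ip(mask), hello, 0x02, priority, dead, ip(dr), ip(bdr))
    body += b"".join(ip(n) for n in neighbors)
    header = struct.pack("!BBH4s4sHH8s", 2, 1, HEADER_LEN + len(body),
                         ip(router_id), ip(area_id), 0, autype, auth)
    packet = header + body
    return packet[:12] + struct.pack("!H", ospf_checksum(packet)) + packet[14:]


def parse_hello(packet: bytes) -> dict:
    if len(packet) < HELLO_FIXED_LEN:
        raise ValueError("too short for an OSPF header plus Hello body")
    version, ptype, length, rid, area, checksum, autype = struct.unpack(
        "!BBH4s4sHH", packet[:16])
    if version != 2 or ptype != 1:
        raise ValueError("not an OSPFv2 Hello (Version 2, Type 1)")
    if not HELLO_FIXED_LEN <= length <= len(packet) or (length - HELLO_FIXED_LEN) % 4:
        raise ValueError("Packet Length does not match the data")
    packet = packet[:length]  # a cryptographic digest, if any, trails Packet Length
    mask, hello, options, priority, dead, dr, bdr = struct.unpack(
        "!4sHBBI4s4s", packet[HEADER_LEN:HELLO_FIXED_LEN])
    addr = lambda b: str(ipaddress.IPv4Address(b))
    findings = []
    if autype == 0:
        findings.append("unauthenticated")      # null authentication
    elif autype == 1:
        findings.append("cleartext-password")   # password travels in the header
    if autype != 2 and checksum != ospf_checksum(packet):
        findings.append("bad-checksum")         # not computed for AuType 2
    if dead != 4 * hello:
        findings.append("dead-interval-not-4x-hello")  # the slides' default ratio
    return {
        "router_id": addr(rid), "area_id": addr(area), "autype": autype,
        "network_mask": addr(mask), "hello_interval": hello, "options": options,
        "priority": priority, "dead_interval": dead,
        "designated_router": addr(dr), "backup_designated_router": addr(bdr),
        "neighbors": [addr(packet[i:i + 4]) for i in range(HELLO_FIXED_LEN, length, 4)],
        "findings": findings,
    }


if __name__ == "__main__":
    sample = build_hello("10.0.0.1", "0.0.0.0", "255.255.255.0", ["10.0.0.2"], dr="10.0.0.2")
    print(parse_hello(sample))
```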
Building the Router Database
• Hello packets discover neighbors
• Two-Way Stage: communication established
• Exstart Stage: master and sequence established
[Figure: r4 and r5 exchange “Hello, none seen”, “Hello, r1,r2,r5 seen”, then DD seq=y,M; DD seq=x,M; DD seq=x,S]
Database Description Packets
• Contain link state database headers
• Describe the current LSDB database
• Exchange stage
[Figure: DD seq=x+1,M; DD seq=x+1,S; ... DD seq=x+n,M; DD seq=x+n,S]
Database Description Packet
  Version # | 2 | Packet Length
  Router ID
  Area ID
  Checksum | AuType
  Authentication
  Authentication
  Interface MTU | Options
  DD Sequence Number
  An LSA Header
Link State Request and Update Packets
• Request for specific parts of database
• Send only database updates requested
• Loading Stage, labeled Full when complete
[Figure: Link State Request, Link State Update, Link State Request, Link State Update]
Link State Request Packet
  Version # | 3 | Packet Length
  Router ID
  Area ID
  Checksum | AuType
  Authentication
  Authentication
  LS Type
  Link State ID
  Advertising Router
Link State Update Packet
  Version # | 4 | Packet Length
  Router ID
  Area ID
  Checksum | AuType
  Authentication
  Authentication
  # LSAs
  LSAs
Router-LSA Packet
  LS Age | Options
  Link State ID
  Advertising Router
  LS Sequence Number
  LS Checksum | Length
  V E B | 0 | # Links
  Link ID
  Link Data
  # TOS | Metric
  TOS | 0 | TOS Metric
  Link ID
  Link Data
Network-LSA Packet
  LS Age | Options | 2
  Link State ID
  Advertising Router
  LS Sequence Number
  LS Checksum | Length
  Network Mask
  Attached Router
  Attached Router
  Attached Router
Summary-LSA Packet
  LS Age | Options | 3 or 4
  Link State ID
  Advertising Router
  LS Sequence Number
  LS Checksum | Length
  Network Mask
  0 | Metric
  TOS | TOS Metric
AS-External-LSA Packet
  LS Age | Options | 5
  Link State ID
  Advertising Router
  LS Sequence Number
  LS Checksum | Length
  Network Mask
  0 | Metric
  Forwarding Address
  External Route Tag
  TOS | TOS Metric
  Forwarding Address
  External Route Tag
Virtual Links
• Do not use this feature
• So what’s it for?
  Tunnel ABR summaries to area 0
  Allow areas to connect to areas other than 0
  Repair a discontinuous area 0
Virtual Links (Cont.)
• May be required in backup scenarios
• Configured at each ABR
• Should use loopback interfaces
  area [area-#] virtual-link [router-ID]
Virtual Links
[Figure: Areas 0.0.0.0, 0.0.0.1, 0.0.0.3, 0.0.0.4 and 0.0.0.5]
Virtual Links
[Figure: Areas 0.0.0.0, 0.0.0.1, 0.0.0.3, 0.0.0.4 and 0.0.0.5 with one Virtual Link]
Virtual Links
[Figure: Areas 0.0.0.0, 0.0.0.1, 0.0.0.3, 0.0.0.4, 0.0.0.5 and 0.0.0.6 with two Virtual Links]
Virtual Links
[Figure: Areas 0, 1, 2 and 3]
Virtual Links
[Figure: Areas 0, 1, 2 and 3 with two links marked X]
Virtual Links
[Figure: Areas 0, 1, 2 and 3]
OSPF Protocol Scalability Options
Summarization
• Routing is by longest prefix match
• Instead of advertising many more specific prefixes, advertise only one summary prefix
  Area-range on ABR to summarize type 3 LSAs
  Summary-address on ASBR to sum Type 5s
• Not only smaller, but also more stable
• Drawback is possible sub-optimal routing
Not Summarized: Specific Links
[Figure: Backbone Area #0 holding every specific link from three areas of Token Ring segments: 1.1.1.0, 1.1.2.0, 1.1.3.0, 1.1.4.0; 2.2.1.0, 2.2.2.0, 2.2.3.0; 3.3.1.0, 3.3.2.0, 3.3.3.0, 3.3.4.0]
• Only summary LSA advertised out
• Link-state changes do not propagate
Summarized: Summary Links
[Figure: Backbone Area #0 holding 1.0.0.0, 2.0.0.0 and 3.0.0.0 for the same three areas of Token Ring segments]
• Only summary LSA advertised out
• Link-state changes do not propagate
Summarization (Cont.)
Configure on Both ABRs
  Area-Range 11.1.0/17
  Area-Range 11.1.128/17
Cost Range 1: ABR1 10, ABR2 60
Cost Range 2: ABR1 60, ABR2 10
[Figure: Area 0 with R3, ABR1 and ABR2; Area 10 (11.1/16) with R4, R5, R6 and networks 11.1.1/24, 11.1.2/24, 11.1.129/24, 11.1.130/24; link costs 10, 20 and 50]
Stub Areas
• Do not flood external LSAs (type 5) in area
• Still flood inter-area LSAs (type 3)
• Outside AS will be reachable via default
  ABRs will generate default (type 3 with 0/0)
• Of course, no ASBRs allowed in stub area
  Stub areas can not have a virtual link
• All routers in stub area must agree on stub!
Totally Stubby Areas
• Still do not flood external LSAs (type 5)
• Do not flood inter-area LSAs (type 3)
• Outside area will be reachable via default
  ABRs will generate default (type 3 with 0/0)
• This results in only intra-area routes in area
  Only Types 1 and 2, no Type 3 or Type 5
  Very stable, small LSDB, fewer routes
Not So Stubby Areas (NSSA)
• Benefits of stub area, but ASBR is allowed
• New type external LSA (type 7)
  Type 7 LSAs flooded throughout the area
  No type 5 external LSAs in the area
  Type 7 LSAs will be converted into type 5 LSAs when flooded into area 0 by ABRs
• Filtering and summaries allowed at ABRs
Flooding of LSAs in NSSA
[Figure: Area 10 (11/8), Area 0 (12/8), Area 12 (13/8), the IS-IS World (15/8) and the RIP World (14/8), joined by ABRs and ASBRs, marked with Type 3, Type 5 and Type 7 LSAs and 0/0 defaults]
Routes in Routing Table:
  Area 10: 11/8, 15/8, 0/0
  Area 12: 13/8, 14/8, 0/0
  Area 0: 12/8, 11/8, 13/8, 15/8, 14/8
Convergence
• LSA flooded on router state change (port down), tables recalculate, convergence in seconds
• Router or link down on LSA path, convergence equal to above plus dead interval (40 sec.)
Comparison of Routing Protocols
               Link State   Traditional Distance Vector   Advanced Distance Vector
Scalability    Good         Low                           Excellent
Bandwidth      Low          High                          Low
Memory         High         Low                           Moderate
CPU            High         Low                           Low
Convergence    Fast         Slow                          Fast
Configuration  Moderate     Easy                          Easy
OSPF Comparison
[Figure: two bar charts over EIGRP Broadcast, OSPF Broadcast, EIGRP NBMA and OSPF NBMA: Worst-Case Convergence (Update, Dead Interval) and Bandwidth Overhead (Update Overhead)]
Implementation With OSPF
Reasons for Coexistence
• Interim during conversion
• Application specific protocols
  One size doesn’t always fit all
• Political boundaries
• Legacy devices
  Multi-vendor interoperability
  Host-based routers
Reasons for Conversion
• Introduce a modern protocol
  VLSM-capable
  Reduce routing overhead
  Faster convergence
  Better metrics
• Assimilation of an existing network
  Resistance is futile
Technical Assessment Items
• What Cisco IOS™ version(s) are installed?
  At what version did the protocol you’re interested in become ready for prime time?
• Hardware platform capabilities, such as CPU and memory
  The newer protocols typically consume more memory
  Older protocols had a linear CPU utilization
  Most new protocols consume more CPU during convergence
Technical Assessment Items (Cont.)
• The size and complexity of the network
  Is the topology hierarchical?
  How many protocols are already in use?
  Given the topology, what protocol is best?
• Addressing
  Are there secondaries?
  Is the address space contiguous?
Political Assessment Items
• Scheduling a change window
  When can you schedule an outage?
  How long can the outage be?
• Tolerance for risk
  Network changes scare management
  “This network is mission-critical!”
Political Assessment Items (Cont.)
• Ability to plan and execute
  Do you understand the underlying theory?
  How many people will actually execute the changes?
• Does the change cross administrative boundaries?
  Involve the appropriate administrators
Ground Rules
• Under normal operation, there should be exactly one interior routing protocol on any network segment
  Use “passive-interface” as necessary to ensure this
• The number of re-distribution boundaries should be kept to a minimum
  You have better things in life to do besides build access lists
Ground Rules (Cont.)
• Addressing should be contiguous with respect to topology
  Not just network topology but routing protocol topology
  Allows for summarization
  If you’ve any piece of a classful protocol left, you must keep major network prefixes contiguous and non-VLSM
Preparation
• Accurate topology maps
  Lay out new protocol areas
  Identify redistribution points
• Create new configs
  New configs are simply installed during the change window, not created
• Proof of concept
  Lab work with real routers
  NETSYS™ modeling
Validation
• All networks should have an acceptance test
  What constitutes up?
  A green network management map is not sufficient
• Are the route ages appropriate?
  If the protocol is periodic, routes should never be older than the update time
  If the protocol is update-based, routes should get old
Validation (Cont.)
• Is the number of routes stable?
• If you have the luxury, fail a link, allow the network to converge, then restore the link and let the network converge
  Are convergence times appropriate for the protocol?
  Remember to account for differentials in convergence time
Validation OSPF
• Do I have all the neighbors I should?
  show ip ospf neighbor
• Are routes getting old?
  show ip route
  Look at the age of the route
Cutting Off Your Nose
• Ensuring end-to-end, bi-directional routes can be tricky
• When telnetting to a router, connect to the interface closest to you
• If all else fails, telnet from router to router to get to your destination
It’s Okay if You Failed Typing Class
• As much as possible, capture network prefixes for access-lists and network statements from the existing configs
  Avoids typographical errors
• Use automated editing techniques
  Grep, awk, find-and-replace, etc.
Implementation Redistribution with OSPF
308 1037_05F9_c2
111
© 1999, Cisco Systems, Inc.
Route Filtering Network X
• Selectively announce routes, per ASBR • Selectively accept routes, per ASBR
Advertise B and Y
• Can filter at redistribution points with any other protocols: RIP, EIGRP, IGRP, IS-IS, BGP, Static, etc.
Advertise B and X
Network A
Network B
• Use “route-maps” at ASBR Based on extended access-lists for route prefixes Based on “tags” of route origin or history
Network Y
Based on AS filters in BGP 308 1037_05F9_c2
© 1999, Cisco Systems, Inc.
Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. 1037_05F9_c2.scr
112
56
Route Redistribution • Differentiate sources of routes RIP
OSPF
Your Network
EIGRP 308 1037_05F9_c2
Static 113
© 1999, Cisco Systems, Inc.
Route Redistribution
• Router runs RIP and OSPF
• Router exchanges routes internally
• Exchange can be filtered
[Figure labels: RIP Updates, OSPF Updates, OSPF Domain]
Implementation Considerations
• Routing feedback
  Suboptimal path selection
  Routing loops
• Incompatible routing information
• Inconsistent convergence time
[Figure labels: RIP, OSPF, ASBR, ASBR, AS 300, 172.16.0.0]
Filter to Avoid Redistribution Feedback
• Impose split horizon when redistributing
[Figure labels: OSPF Process: 172.16.2.0, Filter 172.16.1.0, Allow 172.16.2.0; RIP Process: 172.16.2.0, Filter 172.16.2.0, Allow 172.16.1.0]
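An added check, not from the original slides, that flags redistribution filters which would pass a prefix back into the domain that originated it. It reads the figure as 172.16.2.0 being native to OSPF and 172.16.1.0 native to RIP; the /24 masks and the loose /16 filter are constructed for illustration.

```python
from ipaddress import ip_network

def feedback_risks(native, permits):
    """Find permit entries that break split horizon at a redistribution point.

    native:  {domain: [prefixes originated inside that domain]}
    permits: {(src, dst): [prefixes allowed when redistributing src into dst]}
    Returns sorted (src, dst, native_prefix, permit_entry) tuples where a
    permit entry overlaps a prefix that dst itself originated, i.e. the
    route could be fed back into its own domain.
    """
    risks = []
    for (src, dst), entries in permits.items():
        for entry in entries:
            for own in native[dst]:
                if ip_network(own).overlaps(ip_network(entry)):
                    risks.append((src, dst, own, entry))
    return sorted(risks)

# Assumed reading of the figure, with constructed /24 masks.
NATIVE = {"ospf": ["172.16.2.0/24"], "rip": ["172.16.1.0/24"]}

# The policy in the figure: each process hands over only its own prefix.
SLIDE_FILTERS = {
    ("ospf", "rip"): ["172.16.2.0/24"],
    ("rip", "ospf"): ["172.16.1.0/24"],
}

# Constructed mistake: a summary permit that also covers the RIP-native prefix.
LOOSE_FILTERS = {
    ("ospf", "rip"): ["172.16.0.0/16"],
    ("rip", "ospf"): ["172.16.1.0/24"],
}

if __name__ == "__main__":
    print(feedback_risks(NATIVE, SLIDE_FILTERS))
    print(feedback_risks(NATIVE, LOOSE_FILTERS))
```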
Default Metrics
• The first, or seed, metric for a route is derived from being directly connected to a router interface
  Re-distributed routes are not physically connected
  “Default-metric” establishes the seed metric for the route
Default Metrics (Cont.)
• Once a compatible metric is established, the metric can increment just like any other route
• Set default metric bigger than the biggest native metric
Configuring Default Metrics
default-metric bandwidth delay reliability loading mtu
• Used for IGRP and Enhanced IGRP redistribution
default-metric number
• Used for OSPF, RIP, EGP, and BGP redistribution
Route Redistribution
• Different protocols use different metrics
• Metrics are difficult to compare algorithmically
• Therefore, a collating sequence
  Which protocol do you believe the most?
  Then decide which metric is the best
Use Distance to Implement Routing Policy
Take Route with Lowest Distance; Compare Metrics Only If Distance Is Equal
[Figure labels: RIP Router, OSPF Router, Network x.x.x.x]
• Distance distinguishes sources of IP routing information
Administrative Distance
• Different protocols use different metrics
• Metrics are difficult to compare algorithmically
• Therefore, a collating sequence
  Which protocol do you believe the most?
  Then decide which metric is the best
Default Administrative Distances
Route Source                     Default Distance
Connected Interface              0
Static Route                     1
Enhanced IGRP Summary Route      5
External BGP                     20
Internal Enhanced IGRP           90
IGRP                             100
OSPF                             110
IS-IS                            115
RIP                              120
EGP                              140
External Enhanced IGRP           170
Internal BGP                     200
Unknown                          255
Using Distance
[Figure labels: 172.16.1.0, 172.16.2.0; host addresses .1, .2, .3]
router ospf 1
 ! set default to barely believe anyone
 distance 220
 distance 110 172.16.2.3 0.0.0.0
• Believe the other router over workstation
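Route selection by administrative distance, including the per-source override from the Using Distance slide, as an added example that is not from the original slides. The candidate routes are constructed, 172.16.2.2 as the workstation's address is an assumption, and checking a source-specific distance rule before the process-wide one is a modelling assumption.

```python
from ipaddress import ip_address

# Default administrative distances, from the table in the slides.
DEFAULT_DISTANCE = {"connected": 0, "static": 1, "eigrp": 90, "igrp": 100,
                    "ospf": 110, "isis": 115, "rip": 120}

# The slide's config as (protocol, distance, source, wildcard);
# source None means the process-wide default.
SLIDE_RULES = [("ospf", 220, None, None),
               ("ospf", 110, "172.16.2.3", "0.0.0.0")]

def wildcard_match(addr, base, wildcard):
    """IOS-style match: bits set in the wildcard mask are ignored."""
    care = 0xFFFFFFFF ^ int(ip_address(wildcard))
    return (int(ip_address(addr)) & care) == (int(ip_address(base)) & care)

def effective_distance(route, rules):
    """Source-specific rule, then process-wide rule, then the table default."""
    mine = [r for r in rules if r[0] == route["proto"]]
    for _, dist, base, wildcard in mine:
        if base is not None and wildcard_match(route["source"], base, wildcard):
            return dist
    for _, dist, base, _ in mine:
        if base is None:
            return dist
    return DEFAULT_DISTANCE[route["proto"]]

def select(candidates, rules=()):
    """Lowest distance wins; metric only breaks ties; 255 is never installed.

    Returns (distance, metric, source) of the winner, or None.
    """
    ranked = [(effective_distance(r, rules), r["metric"], r["source"])
              for r in candidates]
    ranked = [t for t in ranked if t[0] < 255]
    return min(ranked) if ranked else None

# Constructed candidates for one prefix, heard from three sources.
CANDIDATES = [
    {"proto": "ospf", "source": "172.16.2.3", "metric": 20},  # other router
    {"proto": "ospf", "source": "172.16.2.2", "metric": 10},  # workstation (assumed)
    {"proto": "rip", "source": "172.16.2.1", "metric": 3},
]

if __name__ == "__main__":
    print(select(CANDIDATES))               # defaults only
    print(select(CANDIDATES, SLIDE_RULES))  # with the slide's distance rules
```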
Modifying Default Distance
distance weight [address mask [access-list-number]]
• Used for all protocols except EIGRP and BGP redistribution
distance eigrp internal-distance external-distance
• Used for EIGRP redistribution
Implementation Conversion to OSPF
Conversion Strategies
• Flash cut
• Overlay technique
• Grow and shrink
Flash Cut
• Turn off old protocol, turn on new
• Usually best done with an automated system to reduce downtime
• Usually not advised unless the number of routers is very small, or skill set is sufficient to ensure success
Grow/Shrink
• Select contiguous piece of the topology
• Construct feedback control access list
• Enable the new protocol on the interfaces connecting to the area to be converted
• Re-distribute the new protocol into the old core protocol
• Convert the core first
• Execute the next area
Grow/Shrink
Pro
• Workable in virtually any topology
• Low political impact: can be sold a group at a time
• Extra CPU and memory required only on the redistributing router(s)
Grow/Shrink
Con
• Multiple points of redistribution: high probability of route loops
• Typically disruptive in the area actively being worked
• Harder to revert: all routers in the affected area must be re-worked
Overlay Technique
• The new routing protocol is configured with a higher administrative distance
• The old protocol is removed from all “branch” points
  The goal is to “break” the old protocol such that route announcements are heard only on the new protocol
Overlay Technique
• Even though the old protocol is still configured, only new protocol announcements are heard
• Back out change by re-installing old route protocol
• Clean up after verification
  Remove all old protocol configs
Overlay Technique
Pro
• No redistribution necessary
• Most config work can be done non-disruptively
• Easily reverted
Overlay Technique
Con
• Only works well if the number of branch routers is small
• Politically hard to sell: has the appearance of a “flash” cut to the technically challenged
• There must be available CPU and memory capacity, particularly on core routers
Conversion Summary
• Run as few routing protocols as possible
• Execute conversions as quickly as possible
• Address the network contiguously with respect to topology
• Politics are irrelevant
  Networks don’t care how you “feel”
  Choose protocols based on facts
Design Practices How Do I Use All This Anyway?
OSPF Design
• Attack addressing first
  Create address hierarchy to match topology
  Can be geographic or organizational
• Examine physical topology
  Is it meshed or hub-and-spoke?
Meshed
• OSPF may not be the right choice
  We only get a two-layer hierarchy
  Using Virtual Links for a fix is bad
• However we can engineer anything
  Pruning some links
  Adding a few
Meshed (Cont.)
• Try to use as Stubby an area as possible
  It reduces overhead and LSA counts
• Push the creation of a backbone
  Reduces mesh and promotes hierarchy
Welcome to My World
[Figure: network diagram with 172.16.x.x interface addresses; labels Trans, Cen, Rem, R100, R200, R300; link labels T-1, 64Kb, T-1 Frame Relay]
OSPF Overlay
[Figure: the same network diagram with Area 0, Area 2 and Area 3 marked; labels Trans, Cen, Rem, R100, R200, R300; link labels T-1, 64Kb, T-1 Frame Relay]
Hub and Spoke
• Clearly a win with OSPF
  But any dynamic routing protocol is unnecessary if there is only one path and no dial backup
• Hub Routers are the ABRs
  Spoke routers are Totally Stubby wherever possible
Hub and Spoke (Cont.)
• Group branch offices by capability for: Totally Stubby, Stub, NSSA and regular
• Define areas and addressing to these groups
• How big: Always a tough question!
Thank You!
• Please fill out the survey
• This was #308 “Deploying OSPF/IS-IS/NLSP”
• Related Sessions:
  301 Intro to Routing
  304 Intro to IP Switching
  307 Deploying IGRP/EIGRP
  309 Deploying BGP
Please Complete Your Evaluation Form Session 308