Module 0 Introduction

Alcatel-Lucent Confidential for internal use only -- Do Not Distribute

Alcatel-Lucent Scalable IP Networks

Module Objectives

Alcatel-Lucent Scalable IP Networks v1.1

All rights reserved 2006-2007 Alcatel-Lucent

This course is part of the Alcatel-Lucent Service Routing Certification (SRC) Program. For more information on the
SRC program, see www.alcatel-lucent.com/src
To locate additional information relating to the topics presented in this manual, refer to the following:

Technical Practices for the specific product

Internet Standards documentation such as protocol standards bodies, RFCs, and IETF drafts

Technical support pages of the Alcatel website located at: http://www.alcatel-lucent.com/support

Scalable IP Networks v1.00

Course timeline
Course objectives
Course prerequisites
Course introduction

Alcatel-Lucent Scalable IP Networks Timeline

Day 1
Module 0 Introduction
Module 1 Internet Overview
Module 2 7x50 SR/ESS Components and CLI
Day 2
Module 3 Ethernet Overview
Module 4 IP Overview & Addressing

Alcatel-Lucent Scalable IP Networks Timeline

Transport Layer Overview


IP Routing
Link State Routing Protocols
BGP Overview
7750 SR Services Overview

Day 3
Module 5
Module 6
Module 7
Day 4
Module 8
Module 9

Alcatel-Lucent Scalable IP Networks Objectives

After successful completion of this course, you should be familiar with:
The OSI protocol suite
Key functions of the Ethernet protocol
Key functions of an IP network
The IP address classes, IP subnet masking, and IP supernetting
Configuration of IP addresses and subnet masks on router
interfaces
The concepts of static and dynamic routing
The differences between IGP and EGP routing protocols

Alcatel-Lucent Scalable IP Networks Objectives (continued)

Understand the differences between a distance vector protocol and a link state protocol
Understand the basic operation of RIP
Understand the basic operation of OSPF
Successfully configure the various IGP protocols
Understand the basic operation of BGPv4
Successfully configure BGPv4
Understand TCP and UDP as transport protocols
Understand the various services offered by the 7750 SR

Prerequisites and Follow-On

Suggested prerequisites
There is no prerequisite for this course; however, familiarity with binary arithmetic is an asset.
Suggested follow-on courses
Based on the material covered in this course, it is recommended that this course be followed with the
Alcatel-Lucent IGP course.
ASIN exam
To ensure full comprehension of the material covered in this course, it is recommended that the student register for
and take the Alcatel-Lucent Scalable IP Networks exam following successful completion of this course.

Alcatel-Lucent Scalable IP Networks Introduction

IP technology has exploded over the last decade. The technology has now infiltrated every facet of our lives.
This 4-day course introduces the layer 2 and layer 3 technology that is used in the networking world.

Alcatel-Lucent Scalable IP Networks Course Goal

Provide the participants with foundation knowledge of IP networking, its applications, and its implementation in an
Alcatel-Lucent environment.

Graphical Symbols and Icons

[Figure: legend of symbols and icons: generic router, PE, switch, server, workstation, user, network cloud,
customer site 1, customer site 2, table, system or loopback interface, 10.1.1.1, packet (showing detail: DA, SA,
Type, IP Data), flow or lookup, physical link (solid black), control plane (dashed red), data plane (dotted blue)]

These typical graphical symbols are used in this course.

Administration

Registration
Facility information
Restrooms
Communications
Materials
Schedule
Introductions
Name and company
Experience
Questions

3HE-02767-AAAA-WBZZA Edition 01

www.alcatel-lucent.com

Module 1 Internet Overview

Module Objectives

Scalable IP Networks v1.01

After successful completion of this module, you should be able to:
Understand the layering concepts of network protocols
Discuss the functions of the different layers of the TCP/IP
protocol suite
Identify some of the different protocols that operate at the
different layers
Understand the encapsulation process as data travels across
the Internet
Compare and contrast the OSI and TCP/IP layering models

Section 1 Reference Model

OSI Overview

TCP/IP Protocols

Developed in the 1970s by pioneering network engineers Vinton Cerf and Bob Kahn.
Intended to provide a common framework to allow the interworking of diverse network hardware and computer
systems.
TCP/IP was included in early releases of the UNIX operating system. This led to extensive use of TCP/IP at
universities and other enterprises that used UNIX.
During the 1980s, primarily used by U.S. universities and research institutions. From 1986, the backbone of the
Internet was primarily provided by the NSFnet, a government-sponsored network, and was not intended for
commercial use.
Increasingly adopted by commercial enterprises during the 1990s. On April 30, 1995, the architecture was
transitioned from the NSFnet backbone to the use of distributed interconnection or peering points.
Provides the underlying technological framework of the Internet today. As of June 30, 2006, it was estimated that
there are 1.04 billion Internet users worldwide (http://www.internetworldstats.com/stats.htm).

Developed in the 1970s by pioneering network engineers Vinton Cerf and Bob Kahn
Intended to provide a common framework to allow the
interworking of diverse network hardware and computer
systems
Included in early releases of the UNIX operating system
During the 1980s, primarily used by U.S. universities and
research institutions
During the 1990s, increasingly adopted by commercial
enterprises
Provides the underlying technological framework of the
Internet today

TCP/IP Layering

[Figure: the four TCP/IP layers, top to bottom: Application Services, Transport, Internet Protocol, Network Interfaces]

The purpose of a network protocol suite is to define the protocols and technologies that support the interconnection
of a diverse array of hardware and systems to support the operation of a wide range of applications over the
network. Anyone who has used an Internet application such as a web browser or e-mail can appreciate the
complexity of the systems required to support these applications.
The layering of protocols provides a way to simplify this complex problem by segregating it into a number of smaller
functions. Each layer performs a specific function that contributes to the overall functioning of the network. Protocol
layers have the following benefits:

Simplify complex procedures into a structure that is easier to understand

Allow vendors to interoperate

Isolate problems from one layer that may be passed to other areas

Allow modular plug-and-play functionality

The TCP/IP protocol suite (or Internet protocol suite) is constructed around four layers of technology. The
application layer provides all the services (for example, web browsing and e-mail) available to users of the Internet.
The network interfaces layer includes all the hardware that comprises the physical infrastructure of the Internet. The
two intermediate layers provide a common set of services that are available to all Internet applications and that
operate on all the hardware infrastructure of the Internet.

TCP/IP Layers

TCP/IP Layering Application Layer

Application
User interface to the network
User Applications
E-mail
Telnet
FTP
WWW

[Figure: the TCP/IP layer stack (Application Services, Transport, Internet Protocol, Network Interfaces)]

The application layer is the layer for the user. It is important to understand at this point that this layer only
describes network applications. Applications such as word processors and database programs are not considered
network applications, as they do not require network connectivity and are not part of this layer.
The figure above shows examples of network applications. Without network connectivity, these applications would be
useless.

TCP/IP Layering Transport Layer

Transport
Communication between applications
Reliable data transfer
Flow control
Sequencing of data

[Figure: the TCP/IP layer stack (Application Services, Transport, Internet Protocol, Network Interfaces)]

Transport protocols are the application's interface to the network. The transport protocol provides a mechanism for
an application to communicate with an application residing on another device in the network.
In the TCP/IP protocol suite there are two transport protocols: TCP and UDP. TCP is a connection-oriented protocol
that provides an ordered and reliable transfer of data over the network. UDP is a connectionless protocol that
supports the transfer of a single datagram across the network with no delivery guarantee. UDP is simpler and
operates with less overhead than TCP.
Most Internet applications use TCP for data transfer because it provides a reliable transfer service. This includes
HTTP (web browsing), e-mail, Telnet, and FTP. Some applications, such as DNS and SNMP, use UDP because they only
require a simple datagram transfer, while RTP uses UDP to avoid the overhead of TCP and because there is no benefit
in retransmitting lost packets for applications that use RTP.

TCP/IP Layering Internet Protocol Layer

Internet Protocol
Common services and addressing
Unique network addressing scheme to identify hosts
Routing protocols for path determination
End-to-end forwarding of datagrams

[Figure: the TCP/IP layer stack (Application Services, Transport, Internet Protocol, Network Interfaces)]

The Internet protocol layer provides a common addressing plan for all hosts on the Internet as well as a simple,
unreliable datagram transfer service between these hosts. IP is the common glue that defines the Internet.
IP also defines the way a datagram (or packet) is routed to its final destination. In an IP network, the forwarding of
packets across the network is handled by routers. IP routers examine the destination address of a datagram and
determine which router is the next hop that will provide the best route to the destination (known as hop-by-hop
routing). Routers communicate with each other using dynamic routing protocols to exchange information about the
networks they are connected to. This allows routers to make forwarding decisions for the datagrams they receive.

TCP/IP Layering Network Interfaces

Network Interfaces
Physical transfer of data
Ethernet
ATM
Frame Relay
PPP

[Figure: the TCP/IP layer stack (Application Services, Transport, Internet Protocol, Network Interfaces)]

The network interfaces layer comprises the hardware that supports the physical interconnection of all network
devices. The technologies of this layer are often defined as multiple layers themselves. The common attribute of all
technologies of this layer is that they are able to forward IP datagrams.
There are many different technologies that operate at this layer, some of which are very complex. Some of the
protocols commonly used at this layer include ATM, frame relay, PPP, and Ethernet. However, there are many other
protocols used; some are open standards and some are proprietary. The diversity of the network interfaces layer
demonstrates one of the benefits of protocol layering. As new transmission technologies are developed, it is not
necessary to make changes to the upper layers to incorporate these technologies in the network. The only
requirement is that the new technology be able to support the forwarding of IP datagrams.
This layer is often referred to as Layer 2 in reference to the data link layer of the OSI reference model (presented
later).

Application Encapsulation

[Figure: at the Application Services layer the mail message has a header (From: glenn@alcatel.com,
To: someone@sympatico.ca) and a Message Body, shown above the Transport, Internet Protocol and Network Interfaces
layers]

When a network application wants to communicate with another application across the network, it must first prepare
its data in the specific format defined by the protocol to be used by the receiving application. A specific protocol is
used so that the receiving application will know how to interpret the data it receives.
In the case of a mail message, the message consists of two parts, the message header and the body. The message
header contains the sender's and receiver's addresses as well as other information such as the urgency of the
message and the nature of the message body. The format of the header and the nature of the addresses is defined by
the application protocol. In the case of a mail message, the protocol is SMTP.
In addition to defining the format of the message, the protocol also specifies how the applications are expected to
interact with each other, including the exchange of commands and the expected responses.
To accomplish the transfer of the application's data, the application uses the services of the transport layer.

Transport Encapsulation

[Figure: at the Transport layer the application message (From: glenn@alcatel.com, To: someone@sympatico.ca,
Message Body) becomes the body of a unit whose header carries Source: 1223 and Destination: 25]

The transport layer provides a service to transfer data between applications across a network. There are two
transport protocols used on the Internet: TCP and UDP. For exchanging e-mail across the Internet, an e-mail
application uses SMTP. SMTP uses TCP to accomplish the transfer. TCP provides a reliable transfer service so that the
application does not have to be concerned about whether all data is properly transferred. UDP provides a simple,
unreliable datagram delivery service (much like IP).
TCP treats all application data as a simple byte stream, including both the message header and the message body.
TCP accepts the application's data and breaks it into segments for transmission across the network as required. To
accomplish this reliable transfer, TCP packages the application data with a TCP header. On the receiving end of the
connection, TCP removes the TCP header and reconstructs the application data stream exactly as it was received
from the application on the sender's side of the network.
The TCP and UDP headers carry source and destination addresses that identify the sending and recipient applications
because a single host system may support multiple applications. These addresses are known as port numbers. The
TCP units of data are known as segments; UDP data is called a datagram.
To transmit its segments of data across the network, TCP uses the services of the IP layer.

IP Encapsulation

[Figure: at the Internet Protocol layer the transport unit (header Source: 1223, Destination: 25, plus the
application message as body) becomes the body of a datagram whose header carries Source: 138.120.191.122 and
Dest.: 197.199.45.12]

The IP layer provides a common addressing scheme across the network as well as a simple, unreliable datagram
forwarding service between nodes in the network.
Data from the transport layer is packaged in IP datagrams for transfer over the network. Each datagram travels
independently across the network. The intermediate routers forward the datagram on a hop-by-hop basis based on
the destination address.
Each datagram contains source and destination addresses that identify the end nodes in the network. Every node in
an IP network is expected to have a unique IP address.
IP uses the services of the underlying network interfaces to accomplish the physical transfer of data.

Data Link Encapsulation

[Figure: at the Network Interfaces layer the IP datagram (header Source: 138.120.191.122, Dest.: 197.199.45.12)
becomes the body of a frame whose header carries DA: 00-D0-F6-A4-26-5C and SA: 00-20-60-37-BB-5F, followed by an
FCS trailer]

The data link layer is the term used to describe the network interfaces used by IP for physically transmitting the data
across the network. The units of data transmitted at the data link layer are usually known as frames. IP datagrams
must always be encapsulated in some type of data link frame for transmission.
A typical data link frame contains a header, usually containing some type of address. The frame also often carries a
trailer that contains some type of checksum to verify the integrity of the transmitted data. There are many types of
technology used as network interfaces by IP, and they each have their own specific format and rules of operation.
The common characteristic is that the technologies are all capable of carrying IP datagrams.
Most protocols at this layer also use some type of addressing. The address identifies the two endpoints of a data
exchange to the data link protocol. For example, the figure above shows the addressing of an Ethernet frame. Some
point-to-point protocols such as PPP may not use addresses if there is only one possible destination for the data.
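
The four encapsulation steps above, carried through in code as an added example that is not part of the original course material. It wraps a mail message in TCP, IPv4 and Ethernet headers using the ports and addresses from the figures, then unwraps the frame again while checking the FCS and checksums; the message text, TCP sequence numbers, TTL and window size are constructed values.

```python
import struct
import zlib

# Addresses and ports as shown in the encapsulation figures on this page.
SRC_PORT, DST_PORT = 1223, 25
SRC_IP, DST_IP = "138.120.191.122", "197.199.45.12"
DST_MAC, SRC_MAC = "00-D0-F6-A4-26-5C", "00-20-60-37-BB-5F"

# Constructed sample message: only the two mail addresses come from the page.
MESSAGE = (b"From: glenn@alcatel.com\r\nTo: someone@sympatico.ca\r\n"
           b"\r\nMessage Body\r\n")


def checksum16(data: bytes) -> int:
    """Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ip_bytes(addr: str) -> bytes:
    return bytes(int(part) for part in addr.split("."))


def tcp_segment(payload: bytes) -> bytes:
    """Transport layer: 20-byte TCP header carrying the two port numbers."""
    def header(csum: int) -> bytes:
        # seq=1, ack=1, window=65535 are constructed; 0x50 = 5-word header,
        # 0x18 = PSH+ACK flags.
        return struct.pack("!HHIIBBHHH", SRC_PORT, DST_PORT, 1, 1,
                           0x50, 0x18, 65535, csum, 0)
    pseudo = ip_bytes(SRC_IP) + ip_bytes(DST_IP) + struct.pack(
        "!BBH", 0, 6, 20 + len(payload))
    return header(checksum16(pseudo + header(0) + payload)) + payload


def ip_datagram(segment: bytes) -> bytes:
    """IP layer: 20-byte IPv4 header carrying the two host addresses."""
    def header(csum: int) -> bytes:
        # Version 4, header length 5 words, TTL 64 (constructed), protocol 6 = TCP.
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0,
                           64, 6, csum, ip_bytes(SRC_IP), ip_bytes(DST_IP))
    return header(checksum16(header(0))) + segment


def ethernet_frame(datagram: bytes) -> bytes:
    """Data link layer: DA, SA, EtherType 0x0800 (IPv4), body, FCS trailer."""
    body = (bytes.fromhex(DST_MAC.replace("-", "")) +
            bytes.fromhex(SRC_MAC.replace("-", "")) +
            struct.pack("!H", 0x0800) + datagram)
    # The Ethernet FCS is a CRC-32 over the frame, sent least significant byte first.
    return body + struct.pack("<I", zlib.crc32(body))


def encapsulate(message: bytes) -> bytes:
    return ethernet_frame(ip_datagram(tcp_segment(message)))


def decapsulate(frame: bytes) -> dict:
    """Strip each header in turn, rejecting the frame if a check fails."""
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("FCS mismatch")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", body[:14])
    if ethertype != 0x0800:
        raise ValueError("frame does not carry IPv4")
    datagram = body[14:]
    ihl = (datagram[0] & 0x0F) * 4
    if checksum16(datagram[:ihl]) != 0:
        raise ValueError("IP header checksum mismatch")
    total_len = struct.unpack("!H", datagram[2:4])[0]
    segment = datagram[ihl:total_len]
    pseudo = datagram[12:20] + struct.pack("!BBH", 0, 6, len(segment))
    if checksum16(pseudo + segment) != 0:
        raise ValueError("TCP checksum mismatch")
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    data_offset = (segment[12] >> 4) * 4
    return {
        "dst_mac": "-".join(f"{b:02X}" for b in dst_mac),
        "src_mac": "-".join(f"{b:02X}" for b in src_mac),
        "src_ip": ".".join(str(b) for b in datagram[12:16]),
        "dst_ip": ".".join(str(b) for b in datagram[16:20]),
        "src_port": src_port,
        "dst_port": dst_port,
        "payload": segment[data_offset:],
    }


if __name__ == "__main__":
    frame = encapsulate(MESSAGE)
    print(len(MESSAGE), "byte message ->", len(frame), "byte frame")
    print(decapsulate(frame))
```

The FCS and checksums detect accidental corruption only; anyone able to modify the frame can recompute them, so they are not an integrity control against tampering.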

OSI A History Lesson

The OSI reference model was developed at the end of the 1970s, but the development of actual protocols to support
the reference model was slow. By the early 1990s a number of OSI protocols (TP0-4, CLNS, CONS, X.400, and X.500)
had been specified and commercial implementations attempted, but the success of TCP/IP and the weaknesses of OSI
led to the complete adoption of TCP/IP for internetworking.

Early 1970s - Canepa and Bachman at Honeywell Information Systems worked to develop a mechanism to
distribute databases.
Late 1970s - ISO and CCITT each developed a standard.
1983 - The ISO and CCITT documents merged into the Basic Reference Model for Open Systems Interconnection.
1984 - The merged document was published by both ISO and CCITT, with CCITT being renamed ITU-T (ISO 7498 and
ITU-T X.200).
Some OSI protocols (e.g., X.21 and ATM) competed with TCP/IP, but growth of the Internet caused IP to be adapted.

OSI Interesting Facts

OSI was designed as an open standard to replace the strictly proprietary networking technologies that were in use in
the 1970s (SNA was dominant, but many others were also in use). However, TCP/IP applications and implementations
grew much more rapidly than OSI and by 2000, OSI was essentially replaced by TCP/IP.
The OSI reference model is widely used to describe the layering of network protocols, and much networking
terminology derives from the OSI protocol suite. A few remnants of OSI are still in use; for example, LDAP, which is a
derivation and simplification of X.500, and IS-IS, which was designed as an OSI routing protocol and was adapted to
TCP/IP networks.

Formed the basis of the OSI protocol suite, to create a widely adopted suite of protocols to be used by
international networks
The 7-layer model created by Bachman and Canepa was the only model submitted to the ISO subcommittee in March
1978
Introduced to compete with IBM's SNA, due to the company's closed architecture

OSI Model

[Figure: the seven OSI layers. Upper layers: Application, Presentation, Session. Lower layers: Transport, Network,
Data Link, Physical.]

The OSI reference model represents a logical way of organizing how networks talk to each other so that all hardware
and software vendors have an agreed-upon framework to develop networking technologies. By providing and using
this model, the ISO has accomplished the following:

Simplifies complex procedures into an easy-to-understand structure

Allows vendors to interoperate

Provides the ability to isolate problems from one layer that may be passed to other areas

Allows a modular plug-and-play functionality

Provides an independent layer design

The OSI model is represented by the seven layers depicted in the figure above. These layers may be grouped into two
main areas, defined simply as the upper and lower layers.
Although a single device (for example, a UNIX workstation) can execute all seven layers, this is not practical in real
networks. The amount of traffic that needs to be moved through modern networks requires purpose-built devices
that handle various layer functions. Two such examples are bridges, which are purpose-built for layer 2 operation,
and routers, which are purpose-built for layer 3 operation.

OSI

TCP/IP Suite vs. OSI


[Figure: layer mapping between the TCP/IP suite and the OSI model. Application Services corresponds to Application,
Presentation and Session; Transport to Transport; Internet Protocol to Network; Network Interfaces to Data Link and
Physical.]

The TCP/IP suite differs from the OSI model in that the TCP/IP suite uses four protocol layers and the OSI model uses
seven layers. The figure above roughly shows the protocol layer relationship between the two models.
Network Interfaces - This layer is used to define the interface between hosts and contains the functionality of both
the physical and data link layers of the OSI model. Protocols such as Ethernet describe both the framing of data
(layer 2) and the physical transmission of the frame over the media (layer 1). This layer is often referred to as layer 2
or L2 because it provides OSI layer 2-type services to the IP layer.
Internet Protocol - The IP layer provides a universal and consistent forwarding service across a TCP/IP network. IP
provides services comparable to the OSI network layer and is sometimes referred to as a layer 3 (or L3) protocol. The
OSI protocol CLNP corresponds most closely to IP.
Transport - The transport layer comprises two main protocols, TCP and UDP. These transport protocols provide
similar services to the OSI transport protocols. TCP is very similar to the OSI transport protocol, TP4. TCP and UDP
may be referred to as layer 4 protocols.
Application Services - The application services provide end-user access to the Internet. Any of the services of the
upper three OSI protocols that are required are incorporated into the application protocols. There are a number of
Internet protocols that provide services similar to these OSI layers, although they do not follow the layering or
service definitions of OSI. For example, TLS provides session-like services to Internet applications and MIME provides
presentation-like services to SMTP and HTTP. Application layer protocols are sometimes referred to as layer 7
protocols.

Section 2 Network Devices

OSI Overview

Network Devices Examples

[Figure: example network devices: router, switch, repeater and hub]

The figure above shows some different network devices. The major difference between them is the OSI layer that
each of the devices operates at.
L1 Physical Layer - With regard to the figure above, the repeater and the hub are considered to be layer 1 devices.
These devices normally have no intelligence. The devices simply take whatever traffic comes in and send it out with
no decision-making.
L2 Data Link Layer - In the figure above, the switch is the layer 2 device. The switch makes intelligent forwarding
decisions based on the data link address, whether it be a MAC address, VPI/VCI, or DLCI. An Ethernet switch also
dynamically learns the MAC addresses of the hosts in its LAN. Data on a switch is divided into collision domains (a
port on a switch represents a single collision domain). However, the switch and all its ports reside in one broadcast
domain.
L3 Network Layer - The most common layer 3 device is a router. The router makes intelligent forwarding decisions
based on the network layer address. As in a switch, each port on a router is a single collision domain. However, each
port on a router is also a single broadcast domain. Therefore, traffic crossing from one broadcast domain to another
broadcast domain must go through a router.

Layer 1 Devices

[Figure: a repeater and a hub]

A repeater retransmits the Ethernet signal down a wire and amplifies it to be used again. The repeater extends the
reach of Ethernet in a LAN.
A hub works exactly like a repeater, with the exception that it functions less as a distance extender and more like
a port concentrator of several hosts in one physical area.

Layer 1 Devices Repeater

Connects network segments
Retimes and regenerates signals to proper amplitudes
Disadvantage - propagation delay due to broadcasting
Disadvantage - physical limit to the number of repeaters used

Layer 1 Devices Hub

A single Ethernet segment device that can operate at 10/100/1000 Mb
Can act as a repeater
Disadvantage - Same as repeater
Used in small home networks or isolated segments in larger networks

Bridging and Bridges


Bridging is a layer 2 (L2) concept.
Bridging is primarily associated with Ethernet.
A bridge (or switch) operates at L2 of the OSI model.
A bridge is an intelligent device that does an L2 address lookup.

[Figure: L2 network device: a bridge shown against the OSI model (Application, Presentation, Session, Transport,
Network, Data Link, Physical)]

Switches

A switch is a multiple Ethernet segment device that can have dedicated 10/100/1000 Mb ports.
Traffic in isolated segments is switched via a high-speed, bandwidth-dedicated backplane called a fabric.
The majority of modern switches function in store/forward.

A store/forward switch requires the whole Ethernet frame (packet) to be received before it can be forwarded.
Although this may suggest higher network latencies due to larger frame sizes, high-speed switching hardware and
interfaces mean that this is usually not a problem.

L3 Devices - Routers

A router, unlike a bridge, operates up to L3 of the OSI model.
A router connects two different network segments.
Basic router functions:
- Examine the IP header of the incoming packet for the destination IP address
- Look up this address in its routing table
- Determine the best path to the destination IP address
- Determine the egress interface for the above path
- Forward the data out of this egress interface

[Figure: OSI model (Application, Presentation, Session, Transport, Network, Data Link, Physical) with the router shown as an L3 network device.]

L2 Encapsulations

[Figure: L2 encapsulations. The same DATA, TCP/UDP and IP payload is carried hop by hop inside Ethernet, PPP (POS) and ATM L2 headers as it crosses an Ethernet switch, routers, a PPP device and an Ethernet/ATM switch; the device interfaces are numbered.]

Encapsulated data enters the ingress Ethernet switch on the top left via Ethernet interface 1 and leaves the switch
via interface 2. Because both the ingress and egress interfaces for the Ethernet switch are Ethernet line cards, the
Ethernet switch simply transmits the Ethernet frame, unchanged, out the egress interface. The data frame is still
referred to as an Ethernet frame or layer 2 frame.
When the L2 frame reaches the router at interface 3, the router strips off the Ethernet header, looks into the next
encapsulation, which is the IP header, and forwards the frame based on the IP header only via interface 4.
Basic router functions:
1. Examine the IP header of the incoming packet for the destination IP address.
2. Look up this address in its routing tables.
3. Determine the best path described in the routing table for the destination IP address.
4. Determine the egress interface for the above path.
5. Forward the data out of this egress interface.
Assuming that the next router decides to forward this data packet out of interface 6 because this interface is
connected to a PPP-based L2 switch, egress interface 6 of the router encapsulates the IP frame with a PPP header
and sends the data to the PPP device.
If the router decides to forward the data packet via interface 7, to the next router and then out to interface 8, the
egress interface at 8 would add an ATM header to the IP frame because it is connected to ATM interface 9 on the
Ethernet/ATM switch.
Note: Although only the IP header is relevant during the routing of the data packet, the data packet is encapsulated
at router interfaces 4, 5, and 7 by the appropriate L2 headers.
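
The walk-through above can be traced in code. This is an added example, not part of the original course material: the topology, the prefixes, the router names R1 to R3 and the Ethernet links on interfaces 4 and 7 are constructed assumptions that loosely follow the figure, and "best path" is modelled as longest-prefix match.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class IPPacket:
    src: str
    dst: str
    payload: bytes  # TCP/UDP header + DATA, opaque to every device below


@dataclass(frozen=True)
class L2Frame:
    encap: str      # "ethernet", "ppp" or "atm"
    packet: IPPacket


class Switch:
    """L2 device: transmits the frame unchanged and never reads the IP header."""

    def forward(self, frame):
        return frame


class Router:
    """L3 device implementing the five basic router functions listed above."""

    def __init__(self, name, routes, if_encap):
        self.name = name
        # routes: (prefix, egress interface); if_encap: interface -> L2 type
        self.routes = [(ipaddress.ip_network(p), ifc) for p, ifc in routes]
        self.if_encap = if_encap

    def lookup(self, dst):
        # Functions 1-4: read the destination, search the table, pick the
        # best path (modelled here as longest-prefix match), get its interface.
        addr = ipaddress.ip_address(dst)
        matches = [(net, ifc) for net, ifc in self.routes if addr in net]
        if not matches:
            raise LookupError(f"{self.name}: no route to {dst}")
        return max(matches, key=lambda m: m[0].prefixlen)[1]

    def forward(self, frame):
        packet = frame.packet                 # ingress L2 header is stripped
        egress = self.lookup(packet.dst)
        # Function 5: re-encapsulate for the egress link and send.
        return egress, L2Frame(self.if_encap[egress], packet)


# Constructed topology and prefixes (assumptions, loosely following the figure).
R1 = Router("R1", [("10.0.0.0/8", 4)], {4: "ethernet"})
R2 = Router("R2", [("10.0.0.0/8", 7), ("10.6.0.0/16", 6)],
            {6: "ppp", 7: "ethernet"})
R3 = Router("R3", [("10.0.0.0/8", 8)], {8: "atm"})
NEXT_ROUTER = {("R1", 4): R2, ("R2", 7): R3}  # other egresses leave the routers


def walk(dst):
    """Return ([(device, egress interface, L2 encapsulation), ...], last frame)."""
    packet = IPPacket("192.0.2.10", dst, b"TCP/UDP+DATA")
    frame = Switch().forward(L2Frame("ethernet", packet))  # interface 1 -> 2
    hops = [("switch", 2, frame.encap)]
    router = R1
    while router is not None:
        egress, frame = router.forward(frame)
        hops.append((router.name, egress, frame.encap))
        router = NEXT_ROUTER.get((router.name, egress))
    return hops, frame


if __name__ == "__main__":
    for dst in ("10.6.1.1", "10.9.1.1"):
        hops, frame = walk(dst)
        print(dst, hops, frame.packet.payload)
```

The IP packet object is the same at every hop; only the `encap` field of the frame changes, which is the point of the note about interfaces 4, 5, and 7.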


Module Summary

The TCP/IP and OSI protocol suites provide a common framework to allow the interworking of diverse network hardware and computer systems
The TCP/IP protocol suite has 4 layers:
- Application Services
- Transport
- Internet Protocol
- Network Interfaces

Module Summary (contd)

The OSI protocol suite has 7 layers:
- Application
- Presentation
- Session
- Transport
- Network
- Data Link
- Physical
Routers are layer 3 devices, switches are layer 2 devices and hubs & repeaters are layer 1 devices
At each layer of the TCP/IP or OSI suite data is encapsulated in the appropriate format

Learning Assessment

1. Which of the following applications fall under the application layer of the OSI model? (Select all that apply)
A. MS Word
B. Telnet
C. Notepad
D. FTP
2. Which layer is responsible for providing reliable
communications?
A. Session
B. Application
C. Physical
D. Transport
E. Network
F. Data link
G. Presentation


Learning Assessment (continued)

3. Which of the following devices operate at the physical layer? (Select all that apply)
A. Router
B. Repeater
C. Hub
D. Switch
4. Which of the following are layer 2 encapsulations? (Select all that apply)
A. ATM
B. PPP
C. IP
D. Ethernet


3HE-02767-AAAA-WBZZA Edition 01


Module 2 7x50 SR/ESS Components and CLI


Module Objectives

After successful completion of this module, you should be able to:
- Understand the hierarchical structure of the 7x50 CLI
- Understand basic CLI commands
- Understand the concepts of configuring the hardware of the 7x50 product line
- Understand the physical access options of the 7x50
- Understand basic system configuration
- Understand the purpose of the BOF

Section 1 Hardware Configuration


Alcatel 7450 Ethernet Service Switch Group

ESS-1
- Integrated switch fabric/control, IOM, and power
- 20 Gb/s full duplex system capacity
- Two 10 Gb/s MDAs
- Over-subscription of some MDAs available
- Power redundancy

ESS-7
- 7 Slots (5 IOM, 2 SF/CPM)
- 100 Gb/s full duplex system capacity
- 200 Gb/s switch fabric/control
- Fabric/control redundancy
- Five 20 Gb/s IOMs
- Ten 10 Gb/s MDAs
- Over-subscription of some MDAs available
- Power redundancy

[Figure: chassis front views with slot labels 1 to 5, A and B, and MDA positions.]

Alcatel 7450 Ethernet Service Switch Group

ESS 6
- 6 Slots (4 IOM, 2 SF/CPM)
- 80 Gb/s full duplex system capacity
- 80 Gb/s switch fabric/control
- Fabric/control redundancy
- 4 10/20 Gb/s IOMs
- Over-subscription of some MDAs available
- Power redundancy

ESS 12
- 10 Slots (10 IOM, 2 SF/CPM)
- 400 Gb/s full duplex system capacity
- 400 Gb/s switch fabric/control
- Fabric/control redundancy
- Ten 20/40 Gb/s IOMs
- Over-subscription of some MDAs available
- Power redundancy

Alcatel 7750 Service Router Family

Three chassis options: 1, 7, and 12 slots
Carrier-class reliability combined with high density in a small footprint
System capacities scalable from 20 Gb/s to 200 Gb/s
Modular design for the SR-7 and SR-12: removable IOM, SF/CPM, and MDAs
Common operating system

[Figure: SR-1, SR-7 and SR-12 chassis with slot labels (1 to 5, A, B, 6 to 10) and MDA positions.]

Alcatel 7750 SR SF/CPM Cards

Redundant SF/CPMs supported on SR7 and SR12

Alcatel 7750 SR IOM, MDAs, and SFPs

Small Form-Factor Pluggable (SFP) optics
2 MDAs per IOM
10 IOMs per SR-12
5 IOMs per SR-7
IOMs and MDAs are hot-swappable

IOM - Input/Output Module
IOMs are hot-swappable modules responsible for connecting to standard physical interfaces. Each IOM contains two 10 Gbps traffic-processing programmable fast path complexes. Each complex supports a pluggable Media Dependent Adapter (MDA) that allows a common programmable fast path to support all of the possible interface types. The IOM also contains a CPU section for managing the forwarding hardware in each flexible fast path.
MDA - Media Dependent Adapters
MDAs provide one or more physical interfaces, such as Ethernet, ATM or SONET/SDH. MDAs pass incoming packets to the IOM for processing, and transmit outgoing packets out the appropriate physical interface in the correct format.
SFP - Small Form Factor Pluggable interfaces
SFP transceivers are small optical modules available in a variety of formats.

Alcatel 7x50 Service Router System Components

[Figure: 7x50 system components. I/O Modules, each with Flexible Fast Path Complexes (FFPC), Media Dependent Adapters (MDA) and a CPU, connected to the SF/CPM module, which holds the Switch Fabric and the Control Plane CPU.]

Data plane operation
Data coming in from the remote network/customer site ingresses through the Media Dependent Adapters, where the data is converted to an internal format. The data is then processed in the I/O module, where the switching decision is made (L2/L3 forwarding information lookup), and the data packets are sent to the switch fabric. The switch fabric then forwards the data to the appropriate IOM, from where it is sent to the appropriate MDA.
The data plane operation happens after the control plane has built the forwarding information and stored it in the IOM.
Control plane operation
Control messages ingress the 7x50 in a manner similar to the data packets, except they are processed further by the control plane.

Comparisons between the 7450 ESS and 7750 SR

| Type | 7450 Ethernet Service Switch | 7750 Service Router |
|---|---|---|
| Purpose | Primarily designed to support Ethernet aggregation services | Support Ethernet, ATM, Frame relay and VPRN services |
| Platforms | ESS-1, ESS-6, ESS-7 and ESS-12 | SR-1, SR-7, SR-12 |
| Redundancy Pwr/Control | ESS-6,7 and ESS-12 | SR-7 and SR-12 |
| MDA | Ethernet, POS | All Ethernet, ATM, POS, DS3/OC3 channelized |

Section 2 CLI Commands


Command Line Interface

Alcatel's 7750 SR CLI is a command-driven interface accessible through the console, Telnet and SSH.
The CLI is used for configuration and management of 7750 SR routers.
The CLI command structure is a hierarchical inverted tree.
The highest level is root.
Navigation down the hierarchy tree is performed by typing the names of submenus.
Global commands can be used anywhere in the hierarchy.

The Alcatel 7750 SR CLI is a command-driven interface accessible through the console, Telnet and SSH. The CLI can be used for the configuration and management of 7750 SR routers.
The 7750 SR CLI command tree is a hierarchical inverted tree. At the highest level is root. Below root are other levels with the major command groups; for example, configuration commands and show commands are levels below root.
To move up in the hierarchy, enter the command node name (sometimes a parameter must be provided).
Navigate down the tree by typing the name of the successively lower contexts. For example, typing configure or show at the root level navigates down to the configure or show context, respectively. Global commands, such as back, exit, info, and tree, can be entered at any level in the CLI hierarchy.
Sometimes a context can be specified with a single keyword, such as:
SR>config# router
SR>config>router#
Sometimes a keyword and a user-supplied identifier are required:
SR>config>router# interface system
SR>config>router>if#
Viewing the CLI Tree Structure
You can view the hierarchical CLI command structure below your current position with the tree and tree detail commands.
Displaying Configuration Contexts
Use the info and info detail commands to display information about the current context level.
info         displays non-default information
info detail  displays all configuration information, including defaults

CLI Command Prompt

Example of configuring OSPF:
SR1>config>router>ospf#
Host name: SR1
Context separator: >

Example of creating a new router interface:
SR1>config# router interface Toronto
SR1>config>router>if$ address 131.131.131.1/30
At the end of the prompt, there is either a pound symbol (#) or a dollar symbol ($).
A # symbol at the end of the prompt indicates that the context is an existing context.
A $ symbol at the end of the prompt indicates that the context has been newly created.

Command Completion

Command completion can be achieved by:
1. Abbreviation, if the keystrokes entered are unique.
SR1>config>router>os [ENTER]
SR1>config>router>ospf#
2. Tab Key or Space Key to automatically complete the command.
SR1>config>router>os [TAB]
SR1>config>router>ospf
SR1>config>router>os [SPACEBAR]
SR1>config>router>ospf
If a match is not unique, the CLI displays possible matches:
SR1>config# ro [TAB]
router
router-ipv6
SR1>config# router

The system maintains a history of previously entered commands. The history command displays the previous 30 commands entered.

CLI Navigation

Console Control Commands
Console control commands are used for navigating a CLI session and displaying information about a console session.
The following is a list of some of the more commonly used global commands (see next page for additional commands):
<Ctrl-c>  Aborts the pending command
<Ctrl-z>  Terminates the pending command line and returns to the root context
echo      Echoes the text that is typed (primary use is to display messages in an exec file)

When you enter a CLI command, you move from one command level to another. When you start a CLI session, you begin in the root context. Navigate to another level by entering the name of successively lower contexts. For example, enter either the configure or show commands at the root level to navigate to the config or show context, respectively.
Other navigation methods include:
- Move down the hierarchy by entering the level; for example, config.
- Move up one level in the hierarchy by entering the keyword back.
- Move several levels down in the hierarchy by entering multiple contexts separated by spaces. For example: #config router ospf
See Console Control Commands below for explanations of exit, exit all and <Ctrl-z>.
Some contexts are specified with a single keyword, such as router, and others require a keyword and a user-supplied identifier such as interface interface-name.
Console Control Commands
Console control commands are used for navigating in a CLI session and for displaying information about a console session. Many of these commands are global commands, which means they can be executed at any level of the CLI hierarchy.
The following are some of the more commonly used global commands (see the next page for additional commands):
<Ctrl-c>  Aborts the pending command
<Ctrl-z>  Terminates the pending command line and returns to the root context. This is a special keyboard sequence that acts like pressing the <Enter> key and entering exit all to return the user to the root context.
back      Navigates the user to the parent context
echo      Echoes the text that is typed (primary use is to display messages within an exec file)
exec      Executes the contents of a text file as if they were CLI commands entered at the console
exit      Returns the user to the previous higher context
exit all  Returns (moves up) the user to the root context
help      Displays a brief description of the help system
?         Lists all commands in the current context
history   Displays a list of the most recently entered commands (like history in UNIX shell environments)
info      Displays the running configuration for a configuration context

CLI Navigation (continued)

back           Brings you back one context
exit all       Brings you back to the root level
up/down arrow  Lists previous command(s) to be repeated
tree           Shows available commands from context

SR1>config>router>ospf# tree
ospf
|
+---area
|   |
|   +---area-range
|   |
|   +---blackhole-aggregate
|   |
|   +---interface
|   |   |
|   |   +---advertise-subnet
|   |   |

CLI Navigation (continued)

The shutdown command can be used to disable protocols and interfaces.
The no form of any command may have one of two results:
- The removal from the configuration (e.g., no ospf).
- Reset to default settings (e.g., config>ospf>area>interface>no hello-interval)

The shutdown command does not change, reset, or remove any configuration settings or statistics. Many objects must be shut down before they can be deleted. A shutdown is saved in the configuration file. All ports are shut down by default when the system is first powered on.

To restore the settings after issuing a no command, you must reconfigure the router, reboot from a configuration file that has the correct configuration, or do an exec command on a configuration file that contains the correct settings. You can use an exec command to process a configuration file and restore the configuration stored in the file.

CLI Global Commands

info        Provides info on the configuration
logout      Terminates the CLI session
oam         OAM test suite (see the Service OAM section of the 7750 SR OS Services Guide)
password    Changes the user CLI login password. Note: Not a global command; must be entered at the root level.
ping        Verifies the reachability of a remote host
pwc         Displays the present or previous working context of the CLI session
sleep       Causes the console session to pause operation (sleep) for 1 second or for the specified number of seconds (primary use is to introduce a pause during the execution of an exec file)
ssh         Opens a secure shell connection to a host
telnet      Telnet to a host
traceroute  Determines the route to a destination address
tree        Displays a list of all commands at the current level and all sublevels
write       Sends a console message to a specific user or to all users with active console sessions

Refer to the 7750 SR OS System Guide for detailed information about CLI commands and navigation.

CLI Environment Commands

alias           Enables the substitution of a command line by an alias
create          Enables the create parameter check
more            Configures whether CLI output should be displayed 1 screen at a time, awaiting user input to continue
reduced-prompt  Configures the number of higher-level CLI context levels to display in the CLI prompt
terminal        Configures the terminal screen length for the current CLI session
time-display    Specifies whether time should be displayed in local or UTC format

CLI environment commands are used to customize session preferences for a single CLI session.

Refer to the 7750 SR OS System Guide for detailed information about CLI commands and navigation.

Finding Help
Help               Displays a brief description of the help system
?                  Lists all commands in the current context
string ?           Lists all commands available in the current context that start with string
command ?          Displays the command's syntax and associated keywords
command keyword ?  Lists the associated arguments for keyword in command
string <Tab>, string <Space>  Completes a partial command name (auto-completion) or lists available commands that match string
Help Edit          Displays help on editing (editing keystrokes); lists the available editing keystrokes
Help Globals       Displays help on global commands; lists the available global commands

The tree and tree detail system commands are help commands that are useful when you search for a command in a lower-level context.

Refer to the 7750 SR OS System Guide for detailed information about CLI commands and navigation.

File System CLI Context

The file system is DOS-based and is used to store the software image, configuration files and event logs
File commands can be used to create, copy, move, remove files and directories

[Figure: CLI tree Root > File, with the file commands Attrib, Cd, Copy, Delete, Dir, Md, Move, Rd, Scp, Type, Version.]

delete   Deletes the specified file. The optional wildcard (*) can be used to delete multiple files that share a common (partial) prefix and/or (partial) suffix.
move     Moves a local file, system file, or a directory. If the target already exists, the command fails and an error message displays.
scp      Copies a file from the local file system to a remote host on the network. scp uses ssh for the data transfer, and uses the same authentication and provides the same security as ssh.
type     Displays the contents of a text file.
version  Displays the version of a 7750 SR OS cpm.tim or iom.tim file.

Section 3 Boot Process


Basic Boot Up components

Uses a Boot Option File (BOF) to start the system
Stored in the compact flash CF3
Other components required for startup
- Boot loader
- BOF configuration file
- TiMOS-m.n.Y.Z software image file
- Default config file

Basic Operating System
The 7750 SR does not use a BOOT PROM to start the system; instead, it uses a Boot Option File (BOF).
Each new system is shipped with a Compact Flash (CF) card that contains the files required to start a 7750 SR system.
The system files are stored on CF3 and that is where the system looks for the files when initializing.
The CF3 card contains the following directories and files located off of the root directory:
Boot.ldr
This file contains the system bootstrap image.
Bof.cfg
The Bof.cfg file is user configurable and contains information such as:
- Management port IP address
- Location of the image files (primary, secondary, and tertiary)
- Location of the configuration files (primary, secondary, and tertiary)
TiMOS-m.n.Y.z
This is a directory that is named according to the major and minor software release, type of release and version. For example, if the software release is Version 1.2 of a released software version, the name would be:
TiMOS 1.2.R.0
On an SR7 and SR12 this directory contains two files, cpm.tim and iom.tim, for the SF/CPM and IOM cards respectively. Since the SR-1 has an integrated fabric/control and I/O, there is only one file, named both.tim.
Config.cfg
This file contains the default configuration file. The default configuration file is very basic and provides just enough information to make the system operational.
You can create other configuration files and point the system to them using the bof.cfg file.

Software Release Media

Root
  boot.ldr       Bootstrap Image
  bof.cfg        Boot Option File
  config.cfg     Default Configuration File
  TiMOS-m.n.Y.z
    cpm.tim      CPM Image File
    iom.tim      IOM Image File

m  Major release number
n  Minor release number
Y  A  Alpha Release
   B  Beta Release
   M  Maintenance Release
   R  Released Software
   I  Internal Engineering and Test Release
z  Version number.

System Initialization

[Figure: system initialization flowchart. Boxes: START; Initialize Hardware; Load & Execute boot strap loader (cf3:\boot.ldr); Process boot option file (cf3:\bof.cfg); Wait required (user intervention point: user activity detected); Get runtime image (3 possible locations); Image OK?; Startup Failed; Get config (3 possible locations); Config found?; Boot with Defaults; Need Persistence?; Process persistence and Configuration files; Persistence File Processed OK; Process Config File; Config File Processed OK; SNMP shutdown, Issue Trap (if possible), Issue Log entry, Issue Console msg; Log In Prompt.]

The configuration file includes chassis, IOM, MDA, and port configurations, as well as system, routing and service
configurations.
Persistence
You can configure the BOF to turn persistence On or Off (default is Off). Persistence is required if the 7450 is
managed by the 5620 SAM network manager. When persistence is turned on the 7450 SR creates an index file with the
same file prefix name as the current configuration file. The index file contains variable index information (i.e.
interface indexes, LSP ids, path ids, etc.). The index file is built dynamically by the 7450 operating system and does
not contain configuration information entered by users. The index file is saved whenever the system configuration
file is saved.
The index file ensures that the 5620 SAM has the same index data as the 7450 ESS node after a system reboot. If a
7450 reboots and the indexes stored on the SAM do not match the node indexes, a complete re-synchronization
between the node and the SAM takes place automatically. This can be a very time consuming and processor intensive
operation.
If a node reboots with persistence turned on, it must locate the persistence index file and successfully process it
before processing the system configuration file.
If the index file cannot be processed for some reason, the system performs an SNMP shutdown (Get and Set
functionality is disabled), however traps will continue to be issued. The system issues traps, log messages, and
console messages to advise the user. It requires a no shutdown SNMP to reactivate full SNMP functionality.


Boot Options File

Stores parameters that specify the location of the image filename that the router will try to boot from and the configuration file that the router uses to configure the applications and interfaces
The most basic BOF configuration should have the following:
- Primary address
- Primary image location
- Primary configuration location

BOF Parameters

Alcatel 7750 SR uses the BOF file to perform the following tasks:
1) Set up the CPM Ethernet port (speed, duplex, auto)
2) Create an IP address for the CPM Ethernet port
3) Create a Static route for the CPM Ethernet port
4) Set the console port speed.
5) Configure the DNS Domain name
6) Configure Primary, Secondary, Tertiary configuration source
7) Configure Primary, Secondary, Tertiary image source
8) Configure persistence requirements

Always be sure to save the BOF!

Parameters that are configured in the BOF are shown in the chart above. Configuration of the BOF is done in the BOF CLI context.
Sample BOF file commands:
SR-1# bof cf3                                # Change or create a bof file on media cf3
SR-1>bof# address 10.10.10.2/24 primary      # Change or create the CPM Ethernet Port IP address (must be entered from console)
SR-1>bof# speed 100                          # Set the CPM Ethernet Port speed to 100 Mbps.
SR-1>bof# primary-image cf3:/TIMOS.1.0.R0    # Set the primary image directory
SR-1>bof# primary-config cf3:/test.cfg       # Set the primary configuration file to be test.cfg
SR-1>bof# save                               # Saves the bof

Show Commands:
SR-1>show bof                                Displays the in-memory bof file (last used)

Show BOF

Alcatel-Lucent Scalable IP Networks v1.1

Module 2 |

28

All rights reserved 20062007 Alcatel-Lucent

The slide above shows the information that is contained in the boot options file. The primary image location is one of
the most important items in the BOF. If the router cannot find an image, it will remain in the boot cycle forever.
In this example, the primary configuration is located in CF1. Therefore, when the router reboots, it goes to CF1, gets
the configuration that is specified in the BOF, and loads the router with that configuration. In addition, after the
primary configuration location has been defined, every time the operator inputs the command admin save, the
current configuration is saved to the primary configuration file.
The address that is referred to in the slide above is the address of the management port on the CPM. Notice the
console speed; this is the default speed of the RS-232 port on the CPM. This speed can be changed here in the BOF.
Setting the CPM Ethernet Port Address
Use the following command to assign an IP address to the active CPM (in the running configuration and the BOF), or to the
standby CPM on systems that use redundant CPMs.
SR1# bof
SR1>bof# address <xxx.xxx.xxx.xxx/xx>
(or e.g., SR7>bof# address <xxx.xxx.xxx.xxx/xx> <active|standby>)
SR1# show bof

A:sr1a# show bof
===============================================================================
BOF (Memory)
===============================================================================
    primary-image    cf3:\4.0.R9
    primary-config   cf3:\test\test_sr1a.cfg
    address          138.120.199.60/24 active
    autonegotiate
    duplex           full
    speed            100
    wait             3
    persist          on
    console-speed    115200
===============================================================================

Compact Flash

Each Control/Switch processor on a 7x50 product can have 3 compact flashes: cf1:, cf2:, cf3:
Flash size can be 256M, 512M, 1G and 2G
By default the system startup looks for the boot.ldr file in cf3
cf3 can store the runtime image, the running configuration
Requires a shutdown of the compact flash before removing it
Compact flash 1 and 2 can be used to store debug/accounting logs

Section 4 Basic Router Configuration


7x50 SR/ESS Components and CLI

Physical Access

[Figure: SR-1 physical access points: CPM console port; OOB CPM management Ethernet port; in-band customer-facing access ports and network ports, which are located on MDAs]

The 7750 SR can be accessed in three ways:
In-band ports: These are access ports and network ports on MDAs.
Console port: A DB-9 serial port; this port is enabled by default. The default settings are:
  Baud Rate: 115,200
  Data Bits: 8
  Parity: None
  Stop Bits: 1
  Flow Control: None
CPM Ethernet port: A 10/100 Ethernet management port.

SF/CPM (Switch Fabric/Control Processor Module) Card Common to the SR-7 and 12


Initial System SETUP

The following steps are typically used to configure a system from start up:
Log in to the SR/ESS using console input
Configure system name and change admin user password
Configure CPM Ethernet management IP address
Configure additional BOF parameters
Configure IOM cards
Configure MDA cards
View Alarms
Configure system address
Configure Logs if required
View entire running config

Initial System SETUP (contd)

Set the system name

>config>system# name SR-1

Change admin user password

SR-1# password
Enter current password:
Enter new password:
Re-enter new password:

Configure the CPM Ethernet port IP address

SR-1# bof
SR-1>bof# address 10.1.1.1/32
SR-1>bof# save
SR-1>bof# exit

Basic System Management Configuration
Some basic configuration on the 7750 SR is required before putting it into service:
  System name
  Change admin password
  CPM Ethernet management port IP address
  Configure IOMs, MDAs, and ports
System Name
The system name can be any ASCII printable string of up to 32 characters. The system name is configured in the
config CLI context. If the name contains spaces, it must be enclosed in double quotes to delimit the start and end of
the name. The system name becomes part of the CLI prompt.
Passwords
The default login and password is admin. This password should be changed before your router is put into service.
The system automatically creates at least one admin user (the default) and must retain at least one admin user
unless you are using an external protocol such as RADIUS or TACACS+ to provide authentication.
You can configure the following password parameters:
Aging: The maximum number of days (1 to 500) that a password remains valid before the user must change it. The
default is no aging enforced.
Attempts: The number of unsuccessful login attempts allowed in a specified time period. If the configured threshold
is exceeded, the user is locked out for a specified time.
  Count: 4
  Time (minutes): 10
  Lockout (minutes): 10
In the example above, a user is locked out for 10 minutes if 4 unsuccessful login attempts occur in a 10-minute
period.
Authentication Order: You can configure the order in which password authentication is attempted among RADIUS,
TACACS+, and local methods.
Complexity: You can use this parameter to specify if passwords must contain upper- and lowercase characters,
numeric, and special characters.
Minimum Length: You can specify the minimum number of characters (1 to 8) required for a password.
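The Attempts parameters described above (Count 4, Time 10 minutes, Lockout 10 minutes) behave as a sliding window. The following is an added example, not code from the course or from the router: a small Python model of that policy. It assumes that a successful login clears the failure history and that attempts made during a lockout are refused without being counted; the class and function names are hypothetical.

```python
from collections import deque


class LoginLockout:
    """Sliding-window lockout model using the example values from the notes."""

    def __init__(self, count=4, window_min=10, lockout_min=10):
        self.count = count                  # failures that trigger a lockout
        self.window = window_min * 60       # period the failures must fall in (s)
        self.lockout = lockout_min * 60     # duration of the lockout (s)
        self.failures = {}                  # user -> deque of failure times
        self.locked_until = {}              # user -> time the lockout ends

    def is_locked(self, user, now):
        return now < self.locked_until.get(user, 0)

    def attempt(self, user, ok, now):
        """Record one login attempt at time `now` (seconds).

        Returns 'locked', 'ok', 'failed' or 'lockout-started'.
        """
        if self.is_locked(user, now):
            # Assumption: attempts during a lockout are refused before the
            # password is checked, so they neither succeed nor extend it.
            return "locked"
        history = self.failures.setdefault(user, deque())
        if ok:
            history.clear()                 # assumption: success resets the count
            return "ok"
        history.append(now)
        # Forget failures that have aged out of the window.
        while history and now - history[0] >= self.window:
            history.popleft()
        if len(history) >= self.count:
            self.locked_until[user] = now + self.lockout
            history.clear()
            return "lockout-started"
        return "failed"


def replay(events, **policy):
    """Run (minute, user, ok) events through the policy and return the verdicts."""
    guard = LoginLockout(**policy)
    return [guard.attempt(user, ok, minute * 60) for minute, user, ok in events]


# Constructed sample events: (minute, user, password_correct)
SAMPLE_EVENTS = [
    (0, "admin", False), (2, "admin", False), (5, "admin", False),
    (9, "admin", False),    # 4th failure inside 10 minutes: lockout starts
    (12, "admin", True),    # correct password, but the user is still locked out
    (19, "admin", True),    # lockout that started at minute 9 has expired
    (0, "oper", False), (4, "oper", False), (8, "oper", False),
    (11, "oper", False),    # minute-0 failure has aged out: only 3 in the window
]

if __name__ == "__main__":
    for event, verdict in zip(SAMPLE_EVENTS, replay(SAMPLE_EVENTS)):
        print(event, "->", verdict)
```

The second user shows why the window matters: four failures spread over 11 minutes never trip a 4-in-10 threshold, which is the pattern to look for in the Security log stream when attempts are paced slowly.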

Show Card

A:sr1a# show card 1
===============================================================================
Card 1
===============================================================================
Slot  Provisioned   Equipped      Admin   Operational
      Card-type     Card-type     State   State
-------------------------------------------------------------------------------
1     iom-20g-b     iom-20g-b     up      up
===============================================================================

The slide above shows the output of a show card command. The output shows that the card slot is configured to
support all IOMs. The next columns show which card the slot is configured to accept and then which card is actually
installed in the slot. These two entries must match. Finally, the administrative and operational states should both be
up.

Show MDA

A:sr1a# show mda
===============================================================================
MDA Summary
===============================================================================
Slot  Mda   Provisioned     Equipped        Admin   Operational
            Mda-type        Mda-type        State   State
-------------------------------------------------------------------------------
1     1     m5-1gb-sfp-b    m5-1gb-sfp-b    up      up
      2     m16-oc3-sfp     m16-oc3-sfp     up      up
===============================================================================

The slide above shows the output of a show mda command. The output shows the card slot that is being referenced,
in this case card 1, and then the MDAs that are supported by the IOM in card slot 1. In this case, all MDAs are
supported.
The next columns show which MDA the IOM slot is configured to accept, the actual MDA that is installed in the IOM
MDA slot, and the status of the MDA.

Admin display-config

A:acie_sr1a# admin display-config
# TiMOS-B-4.0.R9 both/hops ALCATEL SR 7750 Copyright (c) 2000-2007 Alcatel-Lucent.
# All rights reserved. All use subject to applicable license agreements.
# Built on Tue Dec 19 15:56:05 PST 2006 by builder in /rel4.0/b1/R9/panos/main

# Generated FRI DEC 22 16:00:41 2006 UTC

exit all
configure
#--------------------------------------------------
echo "System Configuration"
#--------------------------------------------------
    system
        name "acie_sr1a"
        snmp
            shutdown
        exit
        login-control
Press any key to continue (Q to quit)

The slide above shows a partial output of the admin display-config command. The first portion of the output shows
the current version of the operating system that is running on the router. The router then outputs the entire
configuration of the router, down to the port level. This command can output a large number of pages on a fully
configured router.

Info Command

The info command provides informational display during configuration without the need to use the show config
command.

A:Training1>config>router# interface Toronto
A:Training1>config>router>if# info
----------------------------------------------
    address 131.131.131.1/30
    port 1/1/1
----------------------------------------------

You can view more details by using the detailed version of the info command: info detail

Logs


7x50 Logs
The 7x50 ESS keeps very extensive logs of events, alarms, traps, and debug/trace messages. The logs are used to monitor events and
troubleshoot faults in the 7450. You can configure what type of logging information is captured and where you want to send the
captured logging information.
Log Sources
Applications and processes within the 7450 generate event logs. The logs are divided into four streams:
  Main: most normal logs not specifically directed to any other event stream.
  Security: any attempts to breach system security, such as failed login attempts.
  Change: any events that affect the configuration or operation of the node.
  Debug/Trace: all output generated as a result of turning on debug/trace.
Forwarded events are placed into an event log. Each event log has a log identification (log-id) number and can contain events from
more than one event stream.
Log Destinations
You can configure the destination for the contents of a log-id. A log-id can be directed to one of the following destinations:
  Console: the physical 9-pin console port of the 7450.
  Session: a console or Telnet session. Sessions are temporary log destinations that are valid only as long as the session lasts.
  Memory: a circular buffer where the oldest entry is overwritten when the buffer is full.
  File: event logs and accounting policy information can be directed to a file.
  Syslog: event log information can be sent to a syslog server.
  SNMP Trap Group: event log information can be sent to an SNMP trap group.
All events and traps are time-stamped and numbered per destination. Traps are sequence-numbered per destination and stored in
memory. If the 7450 NMS should go offline for some reason, it may not receive some trap notifications. When the NMS comes back
online it will automatically recognize that it has missed some trap notifications because the last sequence number it has will be
different from the sequence number in the 7450. The NMS will then update its records with the missing traps. If the in-memory
notification log becomes full and some records are overwritten, the NMS will resynchronize itself with the 7450.

Record Events, Alarms, Faults that result from actions performed on the 7X50
Can be used to record debug messages for trouble shooting
Log Sources
  Main - most normal logs
  Security - any attempt to breach system security
  Debug - events as a result of turning debug tracing on
  Change - any events that change configuration of the node
Log Destinations
  Console, Session
  Memory, File
  SYSLOG Server
  SNMP Trap Group

Configuring Logs

[Figure: the event sources (Main, Security, Change, Debug) feed the Event Controller ("Log event?"); events answered No go to Garbage, events answered Yes pass through an Optional Filter Policy into Log Id 10, 11, 12 and 13, whose destinations are Session, File, SNMP and Memory]

Steps
1. Configure a log id with a number from 1-98
2. Identify the source
3. Specify an optional filter to filter events if desired
4. Identify the destination
5. Examine the logs to view the events

CLI for Configuring Logs

A:PE1>config# log filter
  - filter <filter-id>
  - no filter <filter-id>

 <filter-id>          : [1..1001]

 [no] default-action  - Specify the default action for the event filter
 [no] description     - Description string for the event filter
 [no] entry           + Configure an event filter entry

A:PE1>config# log filter 14
A:PE1>config>log>filter$ description "default filter"
A:PE1>config>log>filter$ default-action forward
A:PE1>config>log>filter$ back
A:PE1>config>log>filter# info detail
----------------------------------------------
        default-action forward
        description "default filter"
----------------------------------------------

CLI for Configuring Logs (contd)

A:PE1>config>log# log-id 14
A:PE1>config>log>log-id# from debug-trace
A:PE1>config>log>log-id# to session
A:PE1>config>log>log-id# filter 14
A:PE1>config>log>log-id# info detail
----------------------------------------------
        no description
        filter 14
        time-format utc
        from debug-trace
        to session
        no shutdown
----------------------------------------------
A:PE1>config>log>log-id#

General Log Commands
  Show log applications
  Show log event-control
  Show log file-id
  Show log filter-id
  Show log log-collector
  Show log log-id
  Show log snmp-trap-group
  Show log syslog

Default Alarm Logs

There are two default logs
  Log 99: All severity levels of alarms
  Log 100: Only serious errors
To view the logs use the following commands:
  Show log log-id 99
  Show log log-id 100
More granular data mining of the two log files can be accomplished:
  Show log log-id 99 subject 1/1/1            (port specific)
  Show log log-id 99 application chassis      (chassis related alarms)
  Others exist.
Only store about 500 entries. If more entries are required then specific alarm logs need to be created

How to show Layer 1 & Layer 2 alarms
7X50 has two default memory logs (log-id 99 and 100) containing all the events from the main application. All
severity levels of alarms are recorded in log-id 99, whereas log-id 100 only contains serious errors.
There are several ways to view the alarms of a specific subject, such as alarms related to a particular port. One
method is to create a new log that only monitors the specific subject.

Default Logs Alarm Monitoring Example

The show log command

A:PE1>config>log>log-id# show log log-id 99
===================================================================
Event Log 99
===================================================================
Description : Default System Log
Memory Log contents  [size=500   next event=25  (not wrapped)]

24 2006/08/17 15:30:55.29 UTC WARNING: SYSTEM #2006 - CHASSIS
"tmnxMDATable: Slot 1, MDA 2 configuration modified"

23 2006/08/17 15:30:55.29 UTC WARNING: SYSTEM #2007 - PORT
"Pool on Port 1/2/b.net-sap Modified managed object created
.
5 2006/08/17 15:30:55.29 UTC MINOR: CHASSIS #2004 - Mda 1/2
"Class MDA Module : wrong type inserted"

The show log log-id 99 application chassis command details any and all alarms that have been logged within the
router. In the above case the detailed information only shows minor alarms from the individual modules being
inserted into the chassis. Noting the time, these entries were from when the router first booted.
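When the output of show log log-id 99 is collected off the router, the per-destination sequence numbers described in the Logs notes make it possible to tell whether entries are missing from a capture. The following is an added example, not code from the course: a Python parser for the entry layout shown on the slide above, with a gap check and an application filter. The field names are my own labels, and the sample text is the slide's own three entries.

```python
import re

# Header line layout as it appears on the slide:
#   <seq> <date> <time> <tz> <SEVERITY>: <APPLICATION> #<event-id> - <subject>
HEADER = re.compile(
    r"^(?P<seq>\d+) (?P<date>\d{4}/\d{2}/\d{2}) (?P<time>[\d:.]+) (?P<tz>\w+) "
    r"(?P<severity>\w+): (?P<application>\w+) #(?P<event_id>\d+) - (?P<subject>.+)$"
)

# Sample input: the three entries from the slide, including the elided middle
# and the message line whose closing quote is missing.
SAMPLE = '''\
Description : Default System Log
Memory Log contents  [size=500   next event=25  (not wrapped)]

24 2006/08/17 15:30:55.29 UTC WARNING: SYSTEM #2006 - CHASSIS
"tmnxMDATable: Slot 1, MDA 2 configuration modified"

23 2006/08/17 15:30:55.29 UTC WARNING: SYSTEM #2007 - PORT
"Pool on Port 1/2/b.net-sap Modified managed object created
.
5 2006/08/17 15:30:55.29 UTC MINOR: CHASSIS #2004 - Mda 1/2
"Class MDA Module : wrong type inserted"
'''


def parse_event_log(text):
    """Return one dict per log entry; banner lines and '.' fillers are skipped."""
    events = []
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        match = HEADER.match(line)
        if match:
            current = match.groupdict()
            current["seq"] = int(current["seq"])
            current["event_id"] = int(current["event_id"])
            current["message"] = ""
            events.append(current)
        elif current is not None and line.startswith('"'):
            # Tolerate a truncated message that lost its closing quote.
            current["message"] = line.strip('"')
            current = None
    return events


def sequence_gaps(events):
    """Ranges of sequence numbers that are absent between the entries seen."""
    seqs = sorted({event["seq"] for event in events})
    return [(a + 1, b - 1) for a, b in zip(seqs, seqs[1:]) if b - a > 1]


def by_application(events, application):
    """Offline equivalent of narrowing the log to one application."""
    wanted = application.upper()
    return [event for event in events if event["application"] == wanted]


if __name__ == "__main__":
    parsed = parse_event_log(SAMPLE)
    for event in parsed:
        print(event["seq"], event["severity"], event["application"], event["message"])
    print("missing sequence ranges:", sequence_gaps(parsed))
```

A gap in a capture only means the entries were not collected; on the router itself the memory log holds about 500 entries before the oldest are overwritten.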

Module Summary
7x50 product
CLI commands and navigation
Useful commands
System startup and boot files
Boot Options File (BOF) and default configuration files
Basic system and hardware configuration
Logs and alarms


Learning Assessment

1. What information does the BOF contain?
2. What is the CLI context in which interfaces are configured?
3. What command can be used to view the status of the MDAs?
4. List the possible log sources.
5. How many default logs are there, and what info do they provide?

Learning Assessment Answers


1. What information does the BOF contain?
Stores the parameters that specify the location of the image file from which the router will try to boot, and
stores the configuration file which the router uses to configure the applications and interfaces.
2. What is the CLI context in which interfaces are configured?
PE1>config>router#
3. What command can be used to view the status of the MDAs?
PE1>show mda x
4. List the possible log sources.
Main, Security, Debug, Change
5. How many default alarm logs are there, and what info do they provide?
There are two. Log 99 provides a list of alarms of all severities. Log 100 provides a list of only the serious errors
that occur.

3HE-02767-AAAA-WBZZA Edition 01


Module 3 Ethernet Overview


Alcatel-Lucent Scalable IP Networks

Module Objectives

After successful completion of this module, you should be able to:
Understand layer 2 requirements
Discuss the Ethernet protocol and its different components
Discuss the operation of STP
Discuss the operation of RSTP and its improvement over STP
Discuss the function of virtual local area networks
Discuss the operation of MSTP and how it relates to VLANs

Section 1 Layer 2 OSI and Ethernet Defined


Ethernet Overview

Data Link Layer/ Layer 2 OSI


Defines an addressing structure that is used between end systems
Provides framing and error checking for the transfer of data via physical media
Layer 2 examples:
  Ethernet
  PPP
  ATM
  Frame relay
  Token ring

The data link layer defines a lower-level addressing structure to be used between end systems as well as the
lower-level framing and checksums used to transmit over the physical medium. Using checksums maintains data integrity
across end systems. It is at the data link layer that the data is broken down into bits for transmission via the physical
layer.
Ethernet, token ring, and frame relay are all examples of data link layer or layer 2 protocols.
Traditional Ethernet switches operate at the data link layer and are concerned with forwarding packets based on the
layer 2 addressing scheme. Layer 2 Ethernet switches are not concerned with whether the packet contains IP, IPX, or
AppleTalk, but only with the transmission of the Ethernet frame.

Layer 2 Protocols - ATM

[Figure: bit layout of the ATM UNI cell header, showing the GFC, VPI, VCI, PT, CLP and HEC fields]

ATM (Asynchronous Transfer Mode)
Packet oriented cell switching technology
Application packets are broken into 53 byte fixed sized cells including a 5 byte header, also referred to as an ATM packet
ATM circuit is identified by a VPI/VCI value
Enhanced QoS support with 5 service classes
Ideal for multiple services on the same line

The UNI header consists of the following fields:
GFC: 4 bits of generic flow control that are used to provide local functions, such as identifying multiple stations that
share a single ATM interface. The GFC field is typically not used and is set to a default value.
VPI: 8 bits of virtual path identifier that is used, in conjunction with the VCI, to identify the next destination of a
cell as it passes through a series of switch routers on its way to its destination.
VCI: 16 bits of virtual channel identifier that is used, in conjunction with the VPI, to identify the next destination of
a cell as it passes through a series of switch routers on its way to its destination.
PT: 3 bits of payload type. The first bit indicates whether the cell contains user data or control data. If the cell
contains user data, the second bit indicates congestion, and the third bit indicates whether the cell is the last in a
series of cells that represent a single AAL5 frame.
CLP: 1 bit of cell loss priority that indicates whether the cell should be discarded if it encounters extreme
congestion as it moves through the network.
HEC: 8 bits of header error control that are a checksum calculated only on the header itself.
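The UNI header fields listed above pack into exactly five octets. The following is an added example, not code from the course: a Python builder and parser for that header which also checks the HEC. The HEC algorithm (CRC-8 with generator x^8 + x^2 + x + 1 over the first four octets, XORed with 0x55) comes from ITU-T I.432.1 and is not stated on the slide; the function names are hypothetical.

```python
def atm_hec(first4: bytes) -> int:
    """HEC over the first four header octets (CRC-8, poly 0x07, XOR 0x55)."""
    crc = 0
    for byte in first4:
        crc ^= byte
        for _ in range(8):
            if crc & 0x80:
                crc = ((crc << 1) ^ 0x07) & 0xFF
            else:
                crc = (crc << 1) & 0xFF
    return crc ^ 0x55


def build_uni_header(gfc: int, vpi: int, vci: int, pt: int, clp: int) -> bytes:
    """Pack GFC(4) VPI(8) VCI(16) PT(3) CLP(1) and append the HEC(8)."""
    limits = ((gfc, 4), (vpi, 8), (vci, 16), (pt, 3), (clp, 1))
    for value, bits in limits:
        if not 0 <= value < (1 << bits):
            raise ValueError(f"value {value} does not fit in {bits} bits")
    word = (gfc << 28) | (vpi << 20) | (vci << 4) | (pt << 1) | clp
    first4 = word.to_bytes(4, "big")
    return first4 + bytes([atm_hec(first4)])


def parse_uni_header(header: bytes) -> dict:
    """Split a 5-octet UNI header into its fields and verify the HEC."""
    if len(header) != 5:
        raise ValueError("a UNI cell header is exactly 5 octets")
    word = int.from_bytes(header[:4], "big")
    pt = (word >> 1) & 0x7
    control = bool(pt & 0b100)          # first PT bit: control vs user data
    return {
        "gfc": word >> 28,
        "vpi": (word >> 20) & 0xFF,
        "vci": (word >> 4) & 0xFFFF,
        "pt": pt,
        "clp": word & 0x1,
        "hec": header[4],
        "hec_ok": header[4] == atm_hec(header[:4]),
        "control": control,
        # The second and third PT bits only carry these meanings in user cells.
        "congestion": None if control else bool(pt & 0b010),
        "last_aal5_cell": None if control else bool(pt & 0b001),
    }


if __name__ == "__main__":
    # Constructed sample: VPI 1 / VCI 32, user data, last cell of an AAL5 frame.
    hdr = build_uni_header(gfc=0, vpi=1, vci=32, pt=0b001, clp=0)
    print(hdr.hex(), parse_uni_header(hdr))
    damaged = bytes([hdr[0], hdr[1] ^ 0x10]) + hdr[2:]
    print(damaged.hex(), parse_uni_header(damaged))
```

The damaged header in the demo decodes to a different VPI, so without the HEC check the cell would be attributed to the wrong circuit; a receiver should look at `hec_ok` before trusting any other field.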

Layer 2 Protocols - ATM Adaptation Layers

AAL
ATM packets are further encapsulated by ATM adaptation layers (AAL) which are responsible for Segmentation of
higher layer data into ATM cells and Re-assembly (SAR) of ATM packets received at the other end into higher layer
data
Purpose is to adapt the class of service from higher layers onto connectionless ATM cells
AAL classification is related to the service and application required for transport
  AAL1: Constant Bit rate traffic
  AAL2: Variable Bit rate traffic
  AAL3/4: Connection oriented service usually
  AAL5: Connectionless oriented service usually (e.g. IP)

Constant Bit Rate (CBR) service: AAL1 encapsulation supports a connection-oriented service where minimal data loss
is required. Examples of this service include 64 Kbit/sec voice, fixed-rate uncompressed video and leased lines for
private data networks.
Variable Bit Rate (VBR) service: AAL2 encapsulation supports a connection-oriented service in which the bit rate is
variable but requires a bounded delay for delivery. Examples of this service include compressed packetized voice or
video. The requirement on bounded delay for delivery is necessary for the receiver to reconstruct the original
uncompressed voice or video.
Connection-oriented data service: For connection-oriented file transfer and in general, data network applications
where a connection is set up before data is transferred, this type of service has variable bit rate and does not require
bounded delay for delivery. Two AAL protocols were defined to support this service class, and have been merged into
a single type, called AAL3/4.
Connectionless data service: Examples of this service include datagram traffic and in general, data network
applications where no connection is set up before data is transferred. This is used to transport IP/Ethernet/Frame
relay applications.

Layer 2 Protocols - ATM Adaptation Layer 5

AAL 5
Generally used to transport non-real time connectionless data
Encapsulation used for transporting IP packets and interworking with Frame Relay or Ethernet packets
AAL5 is the simple and efficient AAL and the one used most for data traffic; it has no per-cell length or per-cell
CRC fields.

PDU payload       PAD     UU    CPI    LI    CRC-32
Variable length   0-47                       4 Bytes

PDU - Variable length user information field (broken into 48 byte segments)
PAD - Padding used to cell align the trailer between 0 and 47 bytes long.
UU - CPCS user-to-user indication to transfer one byte of user information
CPI - Common Part Indication
LI - Length indicator

Higher level SDUs may be several bytes in length; however, as the ATM payload is only 48 bytes, the SDUs must be
segmented into multiple cells as they enter the ATM network, and then reassembled when they exit the ATM network.
This function of the ATM adaptation layer is known as SAR (Segmentation and Reassembly). The adaptation layer
comprises two sub-layers, one of which is the SAR sub-layer, the other being the CS (Convergence Sub-layer), which
performs service-dependent functions.
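The AAL5 trailer and the segmentation step described above can be followed byte by byte. The following is an added example, not code from the course: Python that pads a payload, appends the trailer, cuts the result into 48-byte cell payloads, and validates it again on reassembly. The trailer field widths (UU 1 octet, CPI 1 octet, LI 2 octets) and the CRC-32 parameters (generator 0x04C11DB7, most significant bit first, initial value and final XOR 0xFFFFFFFF) come from ITU-T I.363.5, not from the slide; function names are hypothetical.

```python
import struct

CELL_PAYLOAD = 48
TRAILER_LEN = 8          # UU (1) + CPI (1) + LI (2) + CRC-32 (4)


def crc32_aal5(data: bytes) -> int:
    """CRC-32 as used by AAL5: MSB first, init and final XOR 0xFFFFFFFF."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte << 24
        for _ in range(8):
            if crc & 0x80000000:
                crc = ((crc << 1) ^ 0x04C11DB7) & 0xFFFFFFFF
            else:
                crc = (crc << 1) & 0xFFFFFFFF
    return crc ^ 0xFFFFFFFF


def pad_length(payload_len: int) -> int:
    """PAD octets (0 to 47) that make payload + PAD + trailer a multiple of 48."""
    return -(payload_len + TRAILER_LEN) % CELL_PAYLOAD


def build_cpcs_pdu(payload: bytes, uu: int = 0, cpi: int = 0) -> bytes:
    if not 1 <= len(payload) <= 0xFFFF:
        raise ValueError("LI is 16 bits: payload must be 1..65535 octets")
    body = payload + bytes(pad_length(len(payload)))
    body += struct.pack("!BBH", uu, cpi, len(payload))
    return body + struct.pack("!I", crc32_aal5(body))   # CRC covers all but itself


def segment(pdu: bytes):
    """Cut the PDU into (48-byte payload, last-cell flag) pairs.

    The flag stands for the PT bit that marks the final cell of an AAL5 frame.
    """
    chunks = [pdu[i:i + CELL_PAYLOAD] for i in range(0, len(pdu), CELL_PAYLOAD)]
    return [(chunk, i == len(chunks) - 1) for i, chunk in enumerate(chunks)]


def reassemble(cells) -> bytes:
    """Join cell payloads up to the last-cell flag and validate the trailer."""
    if not cells or not cells[-1][1] or any(last for _, last in cells[:-1]):
        raise ValueError("frame must end at the first cell flagged as last")
    pdu = b"".join(chunk for chunk, _ in cells)
    if len(pdu) % CELL_PAYLOAD:
        raise ValueError("cell payloads must be 48 octets each")
    _uu, _cpi, li, crc = struct.unpack("!BBHI", pdu[-TRAILER_LEN:])
    if not 0 <= len(pdu) - TRAILER_LEN - li < CELL_PAYLOAD:
        raise ValueError("length indicator does not match the cells received")
    if crc != crc32_aal5(pdu[:-4]):
        raise ValueError("CRC-32 mismatch")
    return pdu[:li]


if __name__ == "__main__":
    data = b"x" * 100                      # constructed sample payload
    cells = segment(build_cpcs_pdu(data))
    print(len(cells), "cells, PAD =", pad_length(len(data)), "octets")
    assert reassemble(cells) == data
    try:
        reassemble([cells[0], cells[2]])   # a cell lost in the network
    except ValueError as err:
        print("rejected:", err)
```

Because AAL5 has no per-cell length or CRC, a lost or corrupted cell is only detected here, at reassembly, by the LI and CRC-32 in the trailer.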

Layer 2 Protocols -PPP

PPP (Point to Point Protocol)
Point to Point data link layer protocol initially designed to transport IP packets
Can be used over Asynchronous (ATM, dial-up) or synchronous ISDN digital media
Components:
  Physical - Can operate across any DTE/DCE (EIA/TIA, ISDN etc.)
  LCP (Link Control Protocol) - to build data link connections
  NCP (Network Control Protocol) - to allow multiple Network protocols to be used over the point to point links
Supports authentication, compression, error detection, multi-link as part of the LCP protocol

Layer 2 Protocols - PPP (contd)

PPP Frame

Flag   Address  Control  Protocol    Protocol     Data  Padding  Frame Check Sequence  Flag
0x7E   0xFF     0x03     First byte  Second byte                                       0x7E

PPP in OSI frame
  IP/IPX/AppleTalk
  NCP (Network Control)
  LCP (Link Control)
  HDLC (High-level Data link)
  Physical Layer

Flag: The first flag field indicates the start of a PPP frame. Always has the value 01111110 binary (0x7E hexadecimal, or 126
decimal). The last flag field indicates the end of a PPP frame. Always has the value 01111110 binary (0x7E hexadecimal, or 126
decimal).
Address: In HDLC this is the address of the destination of the frame. But in PPP we are dealing with a direct link between two
devices, so this field has no real meaning. It is thus always set to 11111111 (0xFF or 255 decimal), which is equivalent to a
broadcast (it means all stations).
Control: This field is used in HDLC for various control purposes, but in PPP it is set to 00000011 (3 decimal).
Data: Zero or more bytes of payload that contains either data or control information, depending on the frame type. For regular PPP
data frames the network-layer datagram is encapsulated here. For control frames, the control information fields are placed here
instead.
Padding: In some cases, additional dummy bytes may be added to pad out the size of the PPP frame.
Frame Check Sequence (FCS): A checksum computed over the frame to provide basic protection against errors in transmission. This
is a CRC code similar to the one used for other layer two protocol error protection schemes such as the one used in Ethernet. It can
be either 16 bits or 32 bits in size (default is 16 bits). The FCS is calculated over the Address, Control, Protocol, Information and
Padding fields.
Protocol: Identifies the protocol of the datagram encapsulated in the Information field of the frame. See below for more
information on the Protocol field.

Value (in hex)   Protocol Name                          Reference
--------------   -----------------------------------    ---------
0001             Padding Protocol
0003             ROHC small-CID                         [RFC3095]
0005             ROHC large-CID                         [RFC3095]
0007 to 001f     reserved (transparency inefficient)
0021             Internet Protocol version 4
0023             OSI Network Layer
0025             Xerox NS IDP
0027             DECnet Phase IV
0029             Appletalk
002b             Novell IPX
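The frame layout and the default 16-bit FCS described above can be checked in a few lines. The following is an added example, not code from the course: Python that builds and parses a PPP frame and verifies its FCS. The FCS-16 parameters and the escaping of 0x7E and 0x7D inside the frame follow RFC 1662 and are not stated on the slide; the sketch escapes only those two octets, and the function names are hypothetical.

```python
FLAG, ESCAPE = 0x7E, 0x7D

# Protocol field values taken from the table in the notes above.
PROTOCOLS = {
    0x0021: "Internet Protocol version 4",
    0x0023: "OSI Network Layer",
    0x0025: "Xerox NS IDP",
    0x0027: "DECnet Phase IV",
    0x0029: "Appletalk",
    0x002B: "Novell IPX",
}


def fcs16(data: bytes) -> int:
    """16-bit FCS from RFC 1662 (reflected poly 0x8408, init 0xFFFF, inverted)."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF


def _stuff(data: bytes) -> bytes:
    out = bytearray()
    for byte in data:
        if byte in (FLAG, ESCAPE):
            out += bytes([ESCAPE, byte ^ 0x20])   # keep flags unambiguous
        else:
            out.append(byte)
    return bytes(out)


def _unstuff(data: bytes) -> bytes:
    out = bytearray()
    it = iter(data)
    for byte in it:
        if byte == ESCAPE:
            nxt = next(it, None)
            if nxt is None:
                raise ValueError("escape octet at end of frame")
            out.append(nxt ^ 0x20)
        else:
            out.append(byte)
    return bytes(out)


def build_frame(protocol: int, info: bytes) -> bytes:
    """Flag | Address 0xFF | Control 0x03 | Protocol | Data | FCS | Flag."""
    body = b"\xff\x03" + protocol.to_bytes(2, "big") + info
    body += fcs16(body).to_bytes(2, "little")     # FCS is sent low octet first
    return bytes([FLAG]) + _stuff(body) + bytes([FLAG])


def parse_frame(frame: bytes) -> dict:
    if len(frame) < 2 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("frame must start and end with the 0x7E flag")
    body = _unstuff(frame[1:-1])
    if len(body) < 6:
        raise ValueError("frame too short")
    if body[0] != 0xFF or body[1] != 0x03:
        raise ValueError("unexpected Address/Control fields")
    if fcs16(body[:-2]) != int.from_bytes(body[-2:], "little"):
        raise ValueError("FCS mismatch")
    protocol = int.from_bytes(body[2:4], "big")
    return {
        "protocol": protocol,
        "protocol_name": PROTOCOLS.get(protocol, "not in the table above"),
        "info": body[4:-2],
    }


if __name__ == "__main__":
    # Constructed payload that happens to contain both special octets.
    frame = build_frame(0x0021, b"\x45\x00\x7e\x7d")
    print(frame.hex(), parse_frame(frame))
```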

Layer 2 Protocols PPP (contd)

PPP Establishment Sequence

[Figure: PPP establishment sequence across the data network: LCP exchange in both directions (set receive data size and compression), CHAP Challenge, CHAP Response, Success, then NCP]

A PPP Session establishment has three phases:
1. Link Establishment Phase
  - each PPP device sends LCP packets to configure/test the data link
  - LCP packets contain a Configuration Option field to negotiate:
      maximum receive unit
      compression of certain PPP fields
      link authentication protocol
2. (Optional) Authentication Phase
  PAP - Password Authentication Protocol
      Two-way handshake
      Passwords sent in clear text
      Remote node in control of attempts
  CHAP - Challenge Handshake Authentication Protocol
      Three-way handshake
      Challenge | Response | Accept/Reject
      Uses a secret known only to authenticator and peer
      Can be repeated any time after the link has been established
3. Network-Layer Protocol Phase
  - PPP devices send NCP packets to choose and configure one or more network-layer protocols
  - Once protocols are configured, datagrams can be sent over the network
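The difference between the two authentication options above is visible in the bytes each one puts on the link. The following is an added example, not code from the course: Python that builds a PAP Authenticate-Request and a CHAP Challenge/Response pair and checks the response on the authenticator side. Packet layouts and the CHAP computation, MD5 over Identifier, secret and challenge, follow RFC 1334 and RFC 1994 rather than the slide; the names, the secret and the helper functions are constructed for illustration.

```python
import hashlib
import hmac
import os
import struct

PEER = b"peer-constructed"            # constructed peer name
SECRET = b"s3cret-constructed"        # constructed shared secret / password


def _packet(code: int, ident: int, data: bytes) -> bytes:
    """Code (1) | Identifier (1) | Length (2) | Data, common to PAP and CHAP."""
    return struct.pack("!BBH", code, ident, 4 + len(data)) + data


def pap_authenticate_request(ident: int, peer_id: bytes, password: bytes) -> bytes:
    """PAP code 1: the peer ID and the password travel as-is."""
    data = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return _packet(1, ident, data)


def chap_challenge(ident: int, name: bytes, challenge: bytes = None):
    """CHAP code 1: the authenticator sends a fresh random value."""
    challenge = os.urandom(16) if challenge is None else challenge
    return challenge, _packet(1, ident, bytes([len(challenge)]) + challenge + name)


def chap_response(ident: int, name: bytes, secret: bytes, challenge: bytes) -> bytes:
    """CHAP code 2: only a one-way hash of the secret is sent."""
    value = hashlib.md5(bytes([ident]) + secret + challenge).digest()
    return _packet(2, ident, bytes([len(value)]) + value + name)


def chap_verify(response: bytes, ident: int, challenge: bytes, secrets: dict) -> bool:
    """Authenticator side: recompute the hash for the challenge it issued."""
    if len(response) < 5:
        return False
    code, rid, length = struct.unpack("!BBH", response[:4])
    if code != 2 or rid != ident or length != len(response):
        return False
    size = response[4]
    value, name = response[5:5 + size], response[5 + size:]
    secret = secrets.get(name)
    if secret is None:
        return False
    expected = hashlib.md5(bytes([ident]) + secret + challenge).digest()
    return hmac.compare_digest(value, expected)


def wire_exposes_secret(packets, secret: bytes) -> bool:
    """True if the secret appears verbatim in anything sent over the link."""
    return any(secret in packet for packet in packets)


if __name__ == "__main__":
    pap = pap_authenticate_request(1, PEER, SECRET)
    print("PAP exposes secret:", wire_exposes_secret([pap], SECRET))

    challenge, challenge_pkt = chap_challenge(7, b"authenticator")
    response_pkt = chap_response(7, PEER, SECRET, challenge)
    print("CHAP exposes secret:", wire_exposes_secret([challenge_pkt, response_pkt], SECRET))
    print("CHAP accepted:", chap_verify(response_pkt, 7, challenge, {PEER: SECRET}))

    # Re-authentication later on the same link uses a new identifier and
    # challenge, so the earlier response is no longer valid.
    challenge2, _ = chap_challenge(8, b"authenticator")
    print("old response reused:", chap_verify(response_pkt, 8, challenge2, {PEER: SECRET}))
```

Where LCP negotiation allows a choice, this is the reason to require CHAP over PAP on links that cross untrusted media.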

Layer 2 Protocols - Ethernet

Ethernet
Most commonly used layer 2 protocol for LANs
Uses MAC for identifying interfaces
Encapsulates layer 3 traffic in an Ethernet frame that requires a source MAC and a destination MAC address for
end system identification
Can use the broadcast address FF:FF:FF:FF:FF:FF as the destination MAC address to forward data to all Ethernet
devices in the LAN

Ethernet History

Ethernet started using the CSMA/CD access method (halfduplex) to handle simultaneous demands. Ethernet is one of
the most widely implemented LAN standards.

Alcatel-Lucent Scalable IP Networks v1.1

Module 3 |

12

All rights reserved 20062007 Alcatel-Lucent

Ethernet was originally designed by the Xerox Corporation, but the company was unsuccessful at launching the
technology commercially. Later Xerox joined with Digital Equipment Corporation to commercially standardize a suite
of network products that would use the Ethernet technology. The Intel Corporation later joined the group, known as
DEC-Intel-Xerox (DIX). DIX developed and published the standard that was used for the 10 Mb/s version of Ethernet.
Originally, the only medium capable of handling these speeds was a multidrop thick coaxial cable.
The IEEE had started project 802, which was to provide the industry with a framework for standardizing LAN
technology. Because the technology was so diverse, the IEEE formed working groups in support of the different LAN
technologies. The 802.3 working group was tasked with standardizing LANs based on the Ethernet technology.

Ethernet is a LAN architecture developed by the Xerox Corporation in cooperation with DEC and Intel in 1976.
Ethernet initially supported data transfer rates of 10 Mb/s.
The Ethernet specification served as the basis for the IEEE 802.3 standard, which specifies the physical and lower software layers.

Ethernet and the OSI Model

[Figure: the OSI layers (Application, Presentation, Session, Transport, Network, Data Link, Physical), with the Data Link layer split into two sublayers]
Logical Link Control (802.2): LLC, interface to the L3 protocol
Media Access Control: MAC, L2 addressing, data transfer, sync, error control, and data flow

Ethernet resides at the data link layer. The Ethernet layer is subdivided into two sublayers: LLC and MAC.
The LLC interfaces between the network interface layer and the higher L3 protocol and may provide additional
functions such as flow control.
The MAC layer is responsible for determining the physical source and destination addresses for a particular frame and
for the reliable transfer of data, synchronization of data transmission, error control, and flow of data.
At the physical layer, to observe the physical link condition, Ethernet uses the link integrity test, in which Ethernet
transceivers continually monitor the data path for activity. The result of good activity is the green LED on most
Ethernet NICs.


Ethernet Frame Format

Preamble | SFD | DA | SA | Length/type | Payload (46 to 1500 bytes) | FCS

Preamble/SFD: 8 bytes, fixed sequence to alert the receiver (0x55555555555555D5), start frame delimiter
DA: Destination MAC address (6 bytes)
SA: Source MAC address (6 bytes)
Length/type: Frame length or type information, 2 bytes
Payload: Internet layer
FCS: Frame check sequence, 4 bytes

The frame consists of a set of bits organized into several fields. These fields include address fields, a variable size
data field that carries from 46 to 1500 bytes of data, and an error checking field that checks the integrity of the bits
in the frame to make sure that the frame has arrived intact.
The original Ethernet standards defined the minimum frame size as 64 bytes and the maximum as 1518 bytes. These
numbers include all bytes from the destination MAC address field to the frame check sequence field. The preamble
and the start frame delimiter fields are not included when quoting the size of a frame. The IEEE 802.3ac standard
released in 1998 extended the maximum allowable frame size to 1522 bytes to allow for a VLAN tag to be inserted
into the Ethernet frame format.
Frames can be bigger for gigabit Ethernet and 10 gigabit Ethernet ports.
Preamble
This is a stream of bits used to allow the transmitter and receiver to synchronize their communication. The
preamble is an alternating pattern of 56 binary ones and zeroes. The preamble is immediately followed by
the Start Frame Delimiter.
Start Frame Delimiter
This is always 10101011 and is used to indicate the beginning of the frame information.
Destination MAC
This is the MAC address of the machine receiving data.
Source MAC
This is the MAC address of the machine transmitting data.
Length
This is the length of the entire Ethernet frame in bytes.
Data/Padding (a.k.a. Payload)
The data is inserted here. This is where the IP header and data are placed if you are running IP over Ethernet.
This field contains IPX information if you are running IPX/SPX (Novell). Contained within the data/padding
section of an IEEE 802.2 frame are four specific fields:
DSAP - Destination Service Access Point
SSAP - Source Service Access Point
CTRL - Control bits for Ethernet communication
NLI - Network Layer Interface
Frame Check Sequence
The Frame Check Sequence (FCS) is a part of the frame put in place to verify that the information each frame
contains is not damaged during transmission. If a frame is corrupted during transmission, the FCS on the frame will
not match the recipient's calculated FCS. Any frames that do not match the calculated FCS will be discarded.


Ethernet II Frame Capture

[Hex and ASCII dump of the captured frame, offsets 0000 to 0120, annotated with the Destination Address, Source Address, Ether Type, L3/IP Information and TCP Info regions. The decoded fields are listed under Details.]

Details
Frame 234 (303 bytes on wire, 303 bytes captured)
Ethernet II, Src: FoundryN_d4:a5:00 (00:e0:52:d4:a5:00), Dst: Dell_45:61:23 (00:11:43:45:61:23)
Destination: Dell_45:61:23 (00:11:43:45:61:23)
Source: FoundryN_d4:a5:00 (00:e0:52:d4:a5:00)
Type: IP (0x0800)
Internet Protocol, Src: 138.120.53.254 (138.120.53.254), Dst: 138.120.53.149 (138.120.53.149)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 289
Identification: 0x0eab (3755)
Flags: 0x00
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xeaa8 [correct]
Source: 138.120.53.254 (138.120.53.254)
Destination: 138.120.53.149 (138.120.53.149)
Transmission Control Protocol, Src Port: 23 (23), Dst Port: 2389 (2389), Seq: 4, Ack: 1, Len: 249
Source port: 23 (23)
Destination port: 2389 (2389)
Sequence number: 4 (relative sequence number)
Next sequence number: 253 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 16384
Checksum: 0xbc0e [correct]
Telnet


Ethernet MAC Addressing

MAC addresses allow Ethernet connected devices to communicate with each other.
IEEE 802.3 uses a 48-bit address space, yielding 2^48
possible addresses.
A unique L2 MAC address is given to each network host.
Most MAC addresses are pre-programmed into the Ethernet
NIC at the time of manufacture.
MAC addresses are assigned by IEEE and are globally unique.
The first 3 octets in the address are assigned by IEEE on a
per-manufacturer basis.


Ethernet MAC Addressing (continued)

XX-XX-XX-XX-XX-XX
OUI

Vendor Assigned

The OUI is the number assigned by the IEEE to vendors such as Alcatel
OUI examples: Alcatel Canada 00-80-21 and 00-D0-F6, Alcatel USA
00-17-CC, Alcatel Italia 00-20-60
OUI engine: http://standards.ieee.org/regauth/oui/index.shtml

MAC Address Format

Ethernet Frame Types


Ethernet supports multiple frame types that are often related to the payload that is in the frame itself.
Ethernet 802.3 Raw: This type of Ethernet frame was developed by Netware and will only support Novell IPX/SPX
traffic. The frame is similar to the standard 802.3 frame except that it does not contain the LLC information.
Ethernet 802.2: This frame includes fields from 802.3 and 802.2. The major difference in this type of frame is that
the first 3 bytes of the data field are reserved for the LLC header information: the DSAP, SSAP, and control field. This
is the most commonly used frame today.
Ethernet II: The major difference of this frame is that the 2 bytes that typically define the length of the frame are
now used to define the type of frame. In addition, the Ethernet II frame does not use an LLC header in the data field.
Ethernet SNAP: SNAP is similar to 802.2, with LLC parameters, but has expanded capabilities. The LLC now uses the
first 8 bytes of the data field for LLC header information. The wireless protocol 802.11g uses this format.

Ethernet 802.3 Raw
Original frame type; does not support LLC
Ethernet 802.2
Includes fields from 802.3 and LLC 802.2
Ethernet II
Similar frame type except that the length field has been replaced by a type field
Ethernet SNAP
Similar to 802.2 but has expanded LLC capabilities
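
How a receiver applies the frame format and tells the four frame types apart, as an added example that is not part of the course material. It covers both the FCS check from the frame format slide and the frame types above. Assumptions: the 2-byte field is read as a type when it is 0x0600 or higher and as the count of data bytes when it is 1500 or lower (the IEEE 802.3 convention), the FCS is the CRC-32 that zlib computes, the MAC addresses and EtherType are the ones in the capture's Details, and every payload is constructed.

```python
import struct
import zlib

MIN_FRAME, MAX_FRAME = 64, 1522     # frame sizes quoted on the page (DA through FCS)


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def fcs(body: bytes) -> bytes:
    """CRC-32 over DA..payload, transmitted least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body))


def build_frame(dst: bytes, src: bytes, length_or_type: int, data: bytes) -> bytes:
    body = dst + src + struct.pack("!H", length_or_type) + data
    body += bytes(max(0, MIN_FRAME - 4 - len(body)))    # pad payload up to 46 bytes
    return body + fcs(body)


def parse_frame(frame: bytes) -> dict:
    if not MIN_FRAME <= len(frame) <= MAX_FRAME:
        raise ValueError(f"bad frame size: {len(frame)} bytes")
    body, received_fcs = frame[:-4], frame[-4:]
    if fcs(body) != received_fcs:
        raise ValueError("FCS mismatch, frame discarded")

    (length_or_type,) = struct.unpack("!H", body[12:14])
    data = body[14:]
    if length_or_type >= 0x0600:
        # Type field: Ethernet II, no LLC header. An 802.1Q tag (0x8100) is
        # reported as-is and not unwrapped here.
        kind = "Ethernet II"
    elif length_or_type <= 1500:
        if length_or_type > len(data):
            raise ValueError("length field exceeds the data actually present")
        data = data[:length_or_type]                    # drop the padding
        if data[:2] == b"\xff\xff":
            kind = "802.3 Raw"                          # IPX header, no LLC
        elif data[:3] == b"\xaa\xaa\x03":
            kind = "SNAP"                               # LLC + 5-byte SNAP = 8 bytes
        else:
            kind = "802.2"                              # DSAP, SSAP, control
    else:
        raise ValueError(f"undefined length/type value 0x{length_or_type:04x}")

    return {"dst": mac_str(body[:6]), "src": mac_str(body[6:12]),
            "length_or_type": length_or_type, "kind": kind, "data": data}


# Addresses from the capture's Details section; payloads are constructed.
DST = bytes.fromhex("001143456123")
SRC = bytes.fromhex("00e052d4a500")
LLC_DATA = b"\x42\x42\x03" + b"constructed llc payload"
SNAP_DATA = b"\xaa\xaa\x03" + b"\x00\x00\x00" + b"\x08\x00" + b"constructed"
RAW_DATA = b"\xff\xff" + b"constructed ipx payload"


def sample_frames() -> dict:
    return {
        "Ethernet II": build_frame(DST, SRC, 0x0800, bytes(46)),
        "802.2": build_frame(DST, SRC, len(LLC_DATA), LLC_DATA),
        "SNAP": build_frame(DST, SRC, len(SNAP_DATA), SNAP_DATA),
        "802.3 Raw": build_frame(DST, SRC, len(RAW_DATA), RAW_DATA),
    }


if __name__ == "__main__":
    for frame in sample_frames().values():
        parsed = parse_frame(frame)
        print(parsed["kind"], parsed["src"], "->", parsed["dst"])
```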

Ethernet Transmission

Half-duplex transmission is the traditional means of transporting Ethernet frames. Because data is transmitted in one
direction at a time over a shared medium, such as a hub, collisions are possible. The CSMA/CD algorithm is used to
handle collisions. A hub uses shared media and supports half-duplex only. 10Base-T, which works on half-duplex, is
efficient 30 to 40% of the time because of collisions and as such the effective throughput is only 3 to 4 Mb.
Full-duplex transmission has data forwarding in both directions simultaneously. Full-duplex implementations also
require a point-to-point connection between each sender and receiver port. Therefore a switch with 8 ports would have
each of the 8 ports connected to the rest of the ports via a dedicated set of wires. This ensures that there is no
shared medium and collision is not possible. Because data can be transmitted bidirectionally, the effective rate of a
10-Mb full-duplex transmission is 20 Mb (i.e., 10 Mb each way). Hence full-duplex transmissions are more efficient
than half-duplex. Switches and routers usually support full-duplex transmissions.
When devices such as switches and hubs are interconnected, care must be taken to ensure that the proper
transmission parameters are set on the ports. For switch-to-hub connections, the switch port must be set to
half-duplex because the hub only supports half-duplex. For switch-to-switch, switch-to-host, or switch-to-router
connections, full-duplex can be used.

Half-duplex transmission
Data sent in one direction at a time
Results in collisions
Uses CSMA/CD to resolve collisions
Hubs are the most common half-duplex devices
Full-duplex transmission
Data sent in both directions at the same time
Requires point-to-point connections
No collisions
An approach to higher network efficiency
Switches are the most common full-duplex devices

Half-Duplex Operation (CSMA/CD)

All hosts constantly listen to the line.
Host A transmits.
Hosts B, C, and D listen to host A and do not transmit.
All hosts receive host A's message.

The CSMA/CD access rules are summarized by the protocol's acronym.
Carrier Sense means that a host that wants to transmit data will first monitor the link, and if it does not sense the
transmission signal of another host, it will transmit its data. If the waiting host senses another host's transmission
signal, the waiting host will continue to wait until the link goes silent.
Multiple Access means many hosts share the same medium.
Collision Detection means that hosts monitor the medium while transmitting to detect another host that is
transmitting while they are transmitting. This means that only one host can transmit at once, as shown in the figure
above.
In this scenario:
All the hosts are listening to the line.
Host A decides to transmit because there is no message transmitted by any other host (idle line).
Hosts B, C, and D listen to host A transmitting and will not transmit data until host A has transmitted the data.
Host A's message is transmitted on all hub ports.
The procedure above reduces the chance of collisions but does not prevent them. Both hosts A and B could decide to
transmit at once because no other hosts are transmitting a message on the line (idle line).

Half-Duplex Operation (CSMA/CD) (continued)

All hosts constantly listen to the line.
Host A and host B transmit simultaneously.
Messages collide.
Both hosts back off for a random time interval.

When host A and host B transmit frames at the same time, they will both detect collision or corruption of the data.
Both host A and host B will generate a jam signal, which will be received by other hosts so that they discard the data
that was just corrupted by a collision.
A random back-off timer is then started on the transmitting hosts. Afterward, either host A or host B will initiate a
transmission after they detect no other transmission on the line.


Full-Duplex Operation

Point-to-point only
Attached to a dedicated switched port
Requires full-duplex support on both ends
Collision-free

Full-duplex operation is an optional MAC layer capability that allows simultaneous two-way transmission over point-to-point links.
Full-duplex transmission involves no media contention, no collisions, and no need to schedule retransmissions. There
are exactly two hosts connected on a full-duplex point-to-point link.
The link bandwidth is effectively doubled because each link can now support full-rate, simultaneous, two-way
transmission.

Auto-Negotiation

Ethernet's negotiable operation
Speed
- 10 Mb/s
- 100 Mb/s
- 1000 Mb/s
Operation mode
- Half-duplex (CSMA/CD)
- Full-duplex

If auto-negotiation is enabled, Ethernet nodes connected by a twisted pair cable negotiate their speed as well as duplex mode prior to establishing a link.

Auto-negotiation is a mechanism that takes control of the cable when a connection to a network device is
established. Auto-negotiation detects the various modes that exist in the device on the other end of the wire (the
link partner) and advertises its own abilities to automatically configure the highest performance mode of
interoperation.
Auto-negotiation was first defined in 1995 as an optional feature for 10 and 100 Mb/s twisted-pair Ethernet, clause
28 of 802.3u. 1000Base-T requires auto-negotiation to establish signal timing control to make the link operational.
Basically, an auto-negotiation device advertises its abilities and detects the abilities of the remote device that it is
connected to, known as the link partner. After auto-negotiation has received the link partner's abilities in a robust
manner and it receives acknowledgment that its abilities have also been received by the link partner, auto-negotiation compares the two sets of abilities and decides which technology to connect. This decision is based upon a
previously agreed priority of technologies. Auto-negotiation attaches the highest-performance common technology to
the medium and becomes transparent until the link goes down or is reset.


Network Domains
[Figure: a switch, a bridge, a hub and a router, each drawn with the domains it creates. Labels: 2 Collision Domains, 1 Broadcast Domain; 1 Collision Domain, 1 Broadcast Domain; 3 Broadcast Domains, 3 Collision Domains]

A collision domain is a group of Ethernet or fast Ethernet devices in a CSMA/CD LAN that are connected by repeaters
and that compete for access in the network. Only one device in the collision domain may transmit at any one time,
and the other devices in the domain listen to the network to avoid data collisions. A collision domain is sometimes
referred to as an Ethernet segment.
A broadcast domain is a restricted area in which information can be transmitted for all devices in the domain to
receive. More specifically, Ethernet LANs are broadcast domains. Any devices attached to the LAN can transmit
frames to any other device because the medium is a shared transmission system. Frames are normally addressed to a
specific destination device in the network. While all devices detect the frame transmission in the network, only the
device to which the frame is addressed actually receives it. A special broadcast address consisting of all 1s is used to
send frames to all devices in the network.


Collision Domains

[Figure: hubs, switches and a router interconnected, with each collision domain and broadcast domain outlined]
In this figure, there are 8 collision domains and 3 broadcast domains.

Switching

[Figure: Host A and Host B attached to a switch; node MAC addresses 00 00 A2 00 00 01 and 00 00 A2 00 00 02]

Switch Forwarding Table
Node MAC Address     Interface
00 00 A2 00 00 01    1
00 00 A2 00 00 02    2

Ethernet switches use the MAC address of the host. The switch dynamically learns which host MAC addresses are
associated with an interface and enters the address information into a MAC FDB.
When the switch receives an Ethernet frame, it looks at the destination MAC address of the frame, compares it to the
entries in its MAC FDB, and then transmits the frame out of the appropriate interface.
If no entry is found, the switch floods the frame out of all its interfaces.


Building Up the MAC Forward/Filter Table

Step 1: Host A sends a frame to Host B.
Step 2: The switch receives the frame on 1/1/1 and places source in MAC table.
Step 3: The destination is not in the MAC table so the switch forwards the frame to all ports except the source.
Step 4: Host B responds to Host A. The switch adds the source address of Host B to the MAC table.
Step 5: Host A and Host B can now send unicast frames bidirectionally.
Step 6: Similarly, Host C and Host D will send frames and populate the MAC table.

[Figure: Host A, Host B, Host C and Host D attached to switch ports 1/1/1, 1/1/2, 1/1/3 and 1/1/4]

MAC Table
Port     Host      MAC address       Learned in
1/1/1    Host A    0000.8c01.000A    Step 2
1/1/2    Host B    0000.8c01.000B    Step 4
1/1/3    Host C    0000.8c01.000C    Step 6
1/1/4    Host D    0000.8c01.000D    Step 6

Link Aggregation Groups (LAG) Characteristics

Features and characteristics:
Based on IEEE 802.3ad standard
LAGs
- Increase bandwidth available between two network devices
- Provide redundancy if one or more links in the LAG should fail
LAGs are statically configured or formed dynamically with Link Aggregation Control Protocol (LACP)
Failover time less than one second
Alcatel enhanced features:
- Dynamic cost
- LAG port threshold
- Support for up to 64 LAGs with 8 links per LAG

A LAG increases the bandwidth available between two nodes by grouping up to eight ports into one logical link. The
aggregation of multiple physical links allows for load sharing and offers seamless redundancy. If one of the links fails,
traffic is redistributed over the remaining links. Up to eight links can be supported in a single LAG, and up to 64 LAGs
can be configured on a 7x50 SR/ESS.
Link Aggregation Control Protocol (LACP) is defined in IEEE 802.3ad (Aggregation of Multiple Link Segments). LACP
provides a standardized method of implementing link aggregation among different manufacturers.
Link aggregation provides two important benefits:
increased performance - provides incremental bandwidth between two devices
increased resiliency - provides automatic, point-to-point redundancy between two devices

LAG Configuration

LAG configurations should include at least two ports.
Other parameter considerations include:
A maximum of eight ports can be included in a LAG. All ports in the LAG must share the same characteristics (speed, duplex, hold-timer, etc.). The port characteristics are inherited from the primary port.
Auto-negotiation must not be configured for 10/100 ports that are part of a LAG. Ports in a LAG must be configured as full duplex. Configure ports as no autonegotiate.
Example configuration:

    config> lag 1
    config>lag# description "LAG from PE1 to PE2"
    config>lag# port 2/1/1 2/2/1 3/1/1
    config>lag# port-threshold 2 action down
    config>lag# dynamic-cost
    config>lag# no shutdown

LAG Port Threshold parameter
This parameter determines the behaviour of a LAG when the number of available links falls below the configured
threshold value. Two actions can be specified:
Option 1: configure lag <lag-id> port-threshold <threshold value> action down
If the number of available links is less than the threshold value, the LAG is declared operationally down until the
number of available links is equal to or greater than the threshold value.
Option 2: configure lag <lag-id> port-threshold <threshold value> action dynamic-cost
When the number of available links falls below the threshold value, dynamic costing is used to determine the
advertised LAG cost.
Note: The costing of a LAG only affects the IGP costing (OSPF only).
Dynamic Cost Parameter
Dynamic cost can be enabled with the general command config>lag <lag-id> dynamic-cost.
This parameter enables or disables the IGP costing of a LAG. When dynamic cost is enabled with this command and
the number of active links is greater than the port threshold value (0-7), the path cost is dynamically calculated
whenever there is a change in the number of active links, regardless of the specified port threshold action. Note that if
the port-threshold action is to declare the logical link down, then if the number of active links falls below the
port-threshold value it will be declared down, even if dynamic-cost is enabled.
Conversely, if the port-threshold is met and the action is set to dynamic cost, then the link cost is dynamically
recalculated even if the general dynamic cost parameter is not configured.

LAG Architecture Dynamic Cost

[Figure: Node 1, Node 2 and Node 3, interconnected by LAG 1 and LAG 2]

    config> lag 1
    config>lag# port 2/1/1 2/2/1 3/1/1 3/2/1
    config>lag# port-threshold 3 action dynamic-cost
    config> lag 2
    config>lag# port 4/1/1 4/2/1 5/1/1
    config>lag# port-threshold 2 action down

If each link in LAG 1 and LAG 2 has a cost of 100, then the cost of logical link
LAG 1 is 100/4=25 and LAG 2 is 100/3=33.

In the slide above, each physical link is configured with a cost of 100. Thus the cost of the logical link LAG 1 is
100/4=25 and LAG 2 is 100/3=33.
The LAG groups are configured as shown in the slide above. Thus, if two of the links in LAG 1 fail, the logical link
cost is recalculated to be 100/2=50. For LAG 2, if two of the links fail, the logical link is declared operationally down.

Ethernet Standards

Four data rates are currently defined for operation over optical fiber and twisted-pair cables:
10 Mb/s: 10Base-T Ethernet, twisted-pair or optical
100 Mb/s: 100Base-T or Fast Ethernet, twisted-pair or optical
1000 Mb/s: 1000Base-T or Gigabit Ethernet, twisted-pair or optical
10 000 Mb/s: 10 Gigabit Ethernet, optical only

10Base-T Ethernet

Originally IEEE 802.3i; today's standard is 802.3x
Transmission rate with 802.3i is 10 Mb/s half-duplex, with 802.3x is 10 Mb/s full-duplex
Frame format was based on Ethernet II, also called DIX
Most networks today use the 802.3x frame format

100Base-T Ethernet

IEEE standard is 802.3u
Full-/half-duplex modes, 100 Mb/s data rate
Cabling options:
100Base-TX: 2 pairs of twisted-pair cable
100Base-T4: 4 pairs of twisted-pair cable
100Base-FX: Optical cable

1000Base-T Ethernet

Also known as gigabit Ethernet or GigE
IEEE standard is 802.3ab
Full duplex mode only, 1000 Mb/s data rate
802.3ab specifies distances of 100 m using 4 pairs of Cat 5e cabling

10 Gigabit Ethernet

IEEE standard is 802.3ae
Full-duplex only, with 10 Gb/s data rate
Minimizes the user's learning curve by maintaining the same management tools and architecture
Physical media used is optical only

Ethernet Interface Types

Interface             Designation   Type          Wavelength           Distance   Fiber Type
Ethernet 10/100Base   TX            Copper        -                    100 m      -
100Base               FX            Optical SFP   1310 nm              2 km       Multimode
100Base               FX-SM         Optical SFP   1310 nm              25 km      Single-mode
Gigabit Ethernet      TX            Copper        -                    100 m      -
Gigabit Ethernet      SX            Optical SFP   850 nm               550 m      Multimode
Gigabit Ethernet      LX            Optical SFP   1310 nm              10 km      Single-mode
Gigabit Ethernet      ZX            Optical SFP   1550 nm              70 km      Single-mode
Gigabit Ethernet      CWDM          Optical SFP   1470 nm to 1610 nm   70 km      Single-mode
10 gigabit Ethernet   LW/LR         Optical SFP   1310 nm              10 km      Single-mode
10 gigabit Ethernet   EW/ER         Optical SFP   1550 nm              40 km      Single-mode
10 gigabit Ethernet   SR            Optical SFP   850 nm               300 m      Multimode
10 gigabit Ethernet   LR            Optical SFP   850 nm               10 km      Single-mode
10 gigabit Ethernet   ZR            Optical SFP   1550 nm              80 km      Single-mode

Section 2 Spanning Tree Protocol

Ethernet Overview

Spanning Tree Protocol - What Is It?

Link management protocol that is part of IEEE 802.1
Spanning tree algorithm provides path redundancy in Ethernet bridge/switch networks
Provides 1 active path at a time between 2 bridges or switches
Provides backup paths to the active path, should the active path fail
Primary function is to avoid looping in redundant path Ethernet networks

Redundant Topology Without STP

Redundancy
Advantages:
- Necessary for the link of a switch failover
- Load balancing
Disadvantages:
- May cause broadcast storms
- May cause multiple frame copies to be sent
- May cause FDB table instability

Frame looping problems
Layer 2 has no mechanism to stop looping as layer 3 has with TTL

Receiving Multiple Copies

[Figure: Host A and Host B, Segment 1 and Segment 2, Switch 1 and Switch 2]

In a network with built-in redundancy and no STP, the likelihood of receiving multiple copies of a frame is high. Most
protocols cannot recognize duplicate transmissions. The protocols that do use a numbered sequencing to track
transmitted packets will think that the numbers have reset or are recycled.


Broadcast Storms

[Figure: Host A and Host B, Segment 1 and Segment 2, Switch 1 and Switch 2, with a broadcast frame circulating]

Networks that are designed with redundancy and no STP are vulnerable to broadcast storms because each switch
receives multiple copies of a broadcast frame.
A switch floods every broadcast frame it receives out of all ports except the port the frame was received on.
In a redundant network, the broadcast frame therefore perpetuates itself until the switch, overwhelmed with
activity, resets.


Database Instability

[Figure: Host A and Host B, Segment 1 and Segment 2, Switch 1 and Switch 2 (each with Port 0 and Port 1), a unicast frame, and each switch's MAC Address DB entry for Host A]

Redundant networks without STP can also cause database instability.


In the slide above, Switch 1 and Switch 2 will map the MAC address of Host A to Port 0. Later, when the copy of the
frame arrives at Port 1 of Switch 2, Switch 2 must remove its original entry for Host A and replace it with the new
entry for Host A, mapping it to Port 1. This activity causes an unstable database as Switch 2 tries to keep up with the
actual location of Host A.
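
The three effects described on the last three slides (duplicate frames, frames that never die, and an FDB entry that keeps moving) can be reproduced with a small simulation. This is an added example, not part of the course material; the two-switch, two-segment layout follows the slides, while the MAC addresses, names and the round-based model are assumptions.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"
HOST_A = "00:00:00:00:00:0a"   # constructed sample MAC addresses
HOST_B = "00:00:00:00:00:0b"


class Switch:
    """Two-port learning bridge: port 0 is on Segment 1, port 1 on Segment 2."""

    def __init__(self, name):
        self.name = name
        self.fdb = {}      # MAC address -> port it was last seen on
        self.moves = 0     # how often a learned MAC jumped to another port

    def receive(self, port, src, dst):
        """Learn the source address, then return the ports to transmit on."""
        known = self.fdb.get(src)
        if known is not None and known != port:
            self.moves += 1
        self.fdb[src] = port
        out = None if dst == BROADCAST else self.fdb.get(dst)
        if out is None:                       # broadcast or unknown: flood
            return [p for p in (0, 1) if p != port]
        return [] if out == port else [out]   # filter or forward


def simulate(dst, rounds, blocked=None):
    """Host A (Segment 1) sends one frame to dst; Host B sits on Segment 2.

    blocked is an optional (switch name, port) pair taken out of the active
    topology, which is what STP does with a non-designated port.
    Returns (copies seen by Host B, FDB moves on Switch 2, frames per round).
    """
    switches = [Switch("Switch 1"), Switch("Switch 2")]
    host_b_copies = 0
    in_flight = [(0, None)]            # (segment index, transmitting switch)
    frames_per_round = []
    for _ in range(rounds):
        forwarded = []
        for segment, sender in in_flight:
            if segment == 1:
                host_b_copies += 1     # every copy on Segment 2 reaches Host B
            for sw in switches:
                if sw is sender or (sw.name, segment) == blocked:
                    continue           # a blocked port discards and does not learn
                for port in sw.receive(segment, HOST_A, dst):
                    if (sw.name, port) != blocked:
                        forwarded.append((port, sw))
        frames_per_round.append(len(forwarded))
        in_flight = forwarded
    return host_b_copies, switches[1].moves, frames_per_round


if __name__ == "__main__":
    print("no STP, unicast  :", simulate(HOST_B, 6))
    print("no STP, broadcast:", simulate(BROADCAST, 6))
    print("one port blocked :", simulate(BROADCAST, 6, blocked=("Switch 2", 1)))
```

Without a blocked port the frame count never drops to zero, because nothing at layer 2 ages the frame out; with one port blocked, Host B receives exactly one copy and the FDB stays stable.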


STP and IEEE 802.1d


- STP is defined in 802.1d as a link management protocol
- Initially developed in 1990, based on the ISO/IEC 10038 standard
- Designed to provide path redundancy in Ethernet bridge/switch-based networks, while preventing loops
- STP uses a root/branch/leaf model, which determines a single path to each leaf spanning the entire L2 network
- End hosts (e.g., PCs) are oblivious to STP and instead see a single LAN segment

STP Port States


Each port on a switch that uses STP exists in one of the following five states.
- Blocking: A port in the blocking state does not participate in any frame forwarding. A switch always enters the blocking state following switch initialization.
- Listening: This is the state that a port enters into after the blocking state when the STP has decided that this port should participate in frame forwarding.
- Learning: A port enters into the learning state after the listening state. This is to prepare the forwarding tables for frame forwarding.
- Forwarding: A port in the forwarding state forwards frames.
- Disabled: A port in the disabled state is non-operational.

[Figure: STP port state transition diagram. Transition legend:]
1) Port enabled, by management or initialization
2) Port disabled, by management or failure
3) Algorithm selects as Designated or Root Port
4) Algorithm selects as Blocked Port
5) Protocol timer expiry (Forwarding Timer)

STP Port States and Activities

STP port state                | Part of active topology | Learning of MAC addresses
Disabled, Blocking, Listening | No                      | No
Learning                      | No                      | Yes
Forwarding                    | Yes                     | Yes

STP and BPDU


BPDU Packet
- Protocol ID (2 bytes)
- Version (1 byte)
- Message type (1 byte)
- Flags (1 byte)
- Root ID (8 bytes)
- Path cost (4 bytes)
- Bridge ID (8 bytes)
- Port ID (2 bytes)
- Message age (2 bytes)
- Maximum age (2 bytes)
- Hello time (2 bytes)
- Forwarding delay (2 bytes)

[Figure legend: shading distinguishes fields configurable on each bridge from fields configurable on the root bridge]

- The root bridge/switch sends STP messages via BPDUs to the branches/leaves.
- On individual branches and leaves, the user can specify IDs and path costs.
- The root bridge/switch sets the forwarding delay, hello time, and maximum age.
- A BPDU is sent in an Ethernet frame with the port's address as source and the STP multicast address 01:80:C2:00:00:00 as destination.

BPDU Packet Details

Field            | Description
Protocol ID      | Always set to 0
Version          | Always set to 0
Message type     | Determines which of two BPDU types: configuration or TCN
Flags            | Handle changes in the active topology
Root ID          | Contains the bridge ID of root bridge (after convergence, all BPDUs should contain the same value)
Root path cost   | Cumulative path cost of all links to the root bridge
Bridge ID        | Identifies the bridge that is transmitting the current configuration message
Port ID          | Contains a unique value for each port
Message age      | Time stamp since the root bridge created this BPDU
Maximum age      | Maximum amount of time this BPDU is saved
Hello time       | Time between configuration BPDUs
Forwarding delay | Time spent in the listening and learning states

[Figure legend: shading distinguishes fields configurable on each bridge from fields configurable on the root bridge]

STP performance is directly related to the root bridge/switch timer settings, which are outlined above in the final
three fields of the BPDU: Maximum age, hello time, and forwarding delay.
- Maximum age: Defines the maximum amount of time that any received STP information is kept. When this timer is exhausted, the STP information is discarded (typically 20 seconds).
- Hello time: Determines the frequency of transmitted hello messages to other bridges or switches (typically 2 seconds).
- Forwarding delay: Defines the amount of time the port stays in the learning and listening states (typically 15 seconds).
The setting of all these values affects how quickly the network converges to a stable, frame-forwarding topology.


STP in Action: State 1 Initialization

[Figure: four bridges/switches booting up, each labeled Root Bridge/Switch and sending BPDUs; Host A and Host B attached; links labeled with path costs]

A port in the Initialization state performs as follows:

Upon initialization, every switch in the network assumes that it is the root and starts advertising this in its
BPDU messages.


STP in Action: State 1 Root Bridge/Switch Election

Root bridge/switch election calculation:
- After bridges/switches have initialized, root bridge election occurs.
  - Each bridge/switch has a user-assigned bridge priority.
  - The bridge priority ranges from 0 to 65 535 (default is 32 768).
  - Each bridge/switch sends its BID to every other bridge/switch. The BID is 8 bytes: 2 for bridge priority and 6 that contain the MAC address of the bridge/switch.
  - Election of the root bridge is determined using the Bridge ID, which is made up of the Priority and MAC address; the switch with the lowest Bridge ID value is selected.
- Any subsequent physical change in the network after election of the root bridge will cause an STP recalculation.

STP in Action: State 2 Root Bridge/Switch Election (continued)

[Figure: four bridges/switches, each still labeled Root Bridge/Switch and exchanging BPDUs; Host A and Host B attached; links labeled with path costs. Bridge IDs shown: Priority 16, MAC 00-80-21-00-00-05; Priority 16, MAC 00-80-21-00-00-10; Priority 32, MAC 00-80-21-00-00-10; Priority 48, MAC 00-80-21-00-00-20]

In this example, the two bridges/switches with the same priority will use their MAC addresses to decide which will be
root. In this case, it is the topmost bridge/switch that has the lower MAC address and is therefore the root.
A port in the blocked state:
- Discards frames received from the attached segment.
- Discards frames switched from another port for forwarding.
- Does not incorporate station location into its address database. (There is no learning at this point, so there is no address database update.)
- Receives BPDUs and directs them to the system module.
- Does not transmit BPDUs received from the system module.

STP in Action: State 2 Root Bridge/Switch Election (continued)

[Figure: election result, with one Root Bridge/Switch and three Leaf Bridge/Switches; Host A and Host B attached; links labeled with path costs. Bridge IDs shown: Priority 16, MAC 00-80-21-00-00-05; Priority 16, MAC 00-80-21-00-00-10; Priority 32, MAC 00-80-21-00-00-10; Priority 48, MAC 00-80-21-00-00-20]

STP in Action: Path Calculation

- Each port on a bridge/switch has a path cost value assigned, depending on bandwidth.
- The accumulated path cost determines the total cost to reach the root bridge/switch.
- Path cost values can be found in the IEEE 802.1d standard.

Link bandwidth | STP cost value
4 Mb/s         | 250
10 Mb/s        | 100
16 Mb/s        | 62
45 Mb/s        | 39
100 Mb/s       | 19
155 Mb/s       | 14
622 Mb/s       |
1 Gb/s         |
10 Gb/s        |

STP in Action: Port Designations

- After bridges/switches have initialized, and root and leaf bridges have been selected, each bridge port participating in the Spanning Tree is assigned either the root/designated or blocking status.
- Ports on the root bridge automatically become designated ports.
- A switch/bridge that is not a root and has ports participating in STP is referred to as a designated bridge/switch.
- Ports on a designated bridge closest (least path cost) to the root are elected as root ports. These ports receive the BPDUs from the root.
- Non-root ports on the designated bridge providing the least cost path from the segment (that the port is connected to) to the root bridge are elected as designated ports.
- Non-root ports on the designated bridge that do not provide the least cost path from the segment (that the port is connected to) to the root bridge are elected as non-designated ports and go into the blocked state.

If both ports on a segment have equal cost to the root, then the bridge port with the lower bridge ID is elected as the
designated port and the other port becomes a non-designated port.

STP in Action: Port Designations

If the least path costs to the root bridge for non-root ports on a segment are the same, then
- The port that belongs to the bridge with the lower bridge ID will be elected as the designated port

If two non-root ports on the same bridge belonging to the same segment have the same least path cost to the root
bridge and have the same bridge ID, then
- The port with the lower port ID will be elected as the designated port

STP in Action: State 3 Port Designations

[Figure: the root and three leaf bridges/switches with Host A and Host B. Ports are labeled Root Port, Designated Port and Non-Designated Port; bridges are labeled with Cost to Root values 0, 10, 10, 12 and 20; links are labeled with path costs]

Note that in the Alcatel 7750 SR product line, the default is that STP is disabled.
To summarize, three values are used in the STP port calculations:
- Port priority (has a default value but is configurable)
- Per interface cost (dependent on bandwidth but is configurable)
- Port MAC address

- Root port: Shortest path toward the root on a leaf, facing the root
- Designated port: Sends and receives frames on that segment
- Blocked port: Does not forward any frames
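
The election and port designation rules from the preceding slides, worked through in code. This is an added example, not part of the course material: the bridge IDs are the ones shown in the election figure, but the assignment of letters A to D, the port numbers and the ring wiring (all links cost 10 except C-D at cost 2) are assumptions, as is the five-link layout of the exercise topology. The result is computed centrally rather than by exchanging BPDUs.

```python
from collections import namedtuple

Bridge = namedtuple("Bridge", "name priority mac")
Link = namedtuple("Link", "a a_port b b_port cost")


def bridge_id(bridge):
    """8-byte BID as a comparable value: 2-byte priority, then 6-byte MAC."""
    return (bridge.priority, bytes.fromhex(bridge.mac.replace("-", "")))


def spanning_tree(bridges, links):
    """Return (root name, cost to root per bridge, role per (bridge, port))."""
    by_name = {b.name: b for b in bridges}
    root = min(bridges, key=bridge_id)             # lowest BID wins the election

    # neighbours[name] = [(own port, neighbour, neighbour port, link cost), ...]
    neighbours = {b.name: [] for b in bridges}
    for l in links:
        neighbours[l.a].append((l.a_port, l.b, l.b_port, l.cost))
        neighbours[l.b].append((l.b_port, l.a, l.a_port, l.cost))

    # Accumulate path cost toward the root until no bridge can improve.
    cost = {b.name: float("inf") for b in bridges}
    cost[root.name] = 0
    for _ in range(len(bridges) - 1):
        for name in cost:
            for _, nbr, _, link_cost in neighbours[name]:
                cost[name] = min(cost[name], cost[nbr] + link_cost)

    roles = {}
    # Root port: least cost to root, then lowest sender BID, then lowest port ID.
    for name, ports in neighbours.items():
        if name == root.name:
            continue
        best = min(ports, key=lambda p: (cost[p[1]] + p[3],
                                         bridge_id(by_name[p[1]]), p[2], p[0]))
        roles[(name, best[0])] = "root"

    # Designated port per segment: least cost to root, then BID, then port ID.
    for l in links:
        ends = sorted([(cost[l.a], bridge_id(by_name[l.a]), l.a_port, l.a),
                       (cost[l.b], bridge_id(by_name[l.b]), l.b_port, l.b)])
        winner, loser = ends
        roles[(winner[3], winner[2])] = "designated"
        roles.setdefault((loser[3], loser[2]), "blocked")   # unless it is a root port
    return root.name, cost, roles


# Bridge IDs from the election figure; letters and wiring are assumptions.
RING = ([Bridge("A", 16, "00-80-21-00-00-05"), Bridge("B", 32, "00-80-21-00-00-10"),
         Bridge("C", 48, "00-80-21-00-00-20"), Bridge("D", 16, "00-80-21-00-00-10")],
        [Link("A", 1, "B", 1, 10), Link("B", 2, "C", 1, 10),
         Link("C", 2, "D", 2, 2), Link("D", 1, "A", 2, 10)])

# Exercise topology: all priorities 16, all costs 10; the wiring is an assumption.
EXERCISE = ([Bridge("A", 16, "00-80-21-00-00-10"), Bridge("B", 16, "00-80-21-00-00-20"),
             Bridge("C", 16, "00-80-21-00-00-30"), Bridge("D", 16, "00-80-21-00-00-40")],
            [Link("A", 1, "B", 1, 10), Link("A", 2, "C", 1, 10), Link("B", 2, "C", 2, 10),
             Link("B", 3, "D", 1, 10), Link("C", 3, "D", 2, 10)])

if __name__ == "__main__":
    for label, (bridges, links) in (("ring", RING), ("exercise", EXERCISE)):
        root, cost, roles = spanning_tree(bridges, links)
        print(label, "root:", root, "costs:", cost)
        for (name, port), role in sorted(roles.items()):
            print(f"  {name} port {port}: {role}")
```

In the ring, C reaches the root at cost 12 through D and blocks its port toward B; in the exercise topology, D's two paths tie on cost and the lower sender bridge ID decides.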


STP in Action: State 3 Listening State

[Figure: a bridge/switch port in the listening state, showing three traffic types: forwarded traffic, BPDUs and NM messages]

After STP has determined that the port will participate in frame forwarding, it puts the port into the listening state.
While in the listening state, the port:
- Discards any frames it receives from an attached Ethernet segment
- Discards any frames another port on the bridge/switch passes to it to forward
- Does not update the FDB when it receives updated BIDs
- Receives and processes BPDUs both from the link and from the bridge/switch
- Receives and processes network management traffic


STP in Action: State 4 Learning State

[Figure: a bridge/switch port in the learning state, showing three traffic types: forwarded traffic, BPDUs and NM messages]

Learning is the state that a port enters just before it participates in frame forwarding. The primary
function is to incorporate MAC addresses in the FDB.
In the learning state, the port does the following:
- Discards frames received from an attached segment
- Discards frames received from another port for forwarding
- Updates its FDB with new address information
- Receives and processes BPDUs both from the link and from the bridge/switch
- Receives and processes network management traffic


STP in Action: State 5 Final Forwarding Paths

[Figure: final forwarding paths between root A and the leaf bridges/switches, with Host A and Host B attached; links labeled with path costs]

A port in the forwarding state forwards frames. It enters this state from the learning state.
While in the forwarding state, the port:
- Forwards any frames that it receives from an attached Ethernet segment
- Forwards any frames that another port in the bridge/switch passes to it to forward
- Updates the FDB when it receives updated BIDs
- Receives and processes BPDUs both from the link and from the bridge/switch
- Receives and processes network management traffic

BPDUs are sent from the root to all the nodes, including the PCs, i.e., Host A and Host B.


STP in Action: Topology Changes


A topology change occurs when a switch either moves a port into the Forwarding state or moves a port from the
Forwarding or Learning states into the Blocking state. In other words, a port on an active switch comes up or goes
down. The switch sends a TCN BPDU out its Root Port so that, ultimately, the Root Bridge receives news of the
topology change.
The switch continues sending TCN BPDUs every Hello Time interval until it gets an acknowledgment from its upstream
neighbor. As the upstream neighbors receive the TCN BPDU, they propagate it on toward the Root Bridge and send
their own acknowledgments. When the Root Bridge receives the TCN BPDU, it also sends out an acknowledgment.
However, the Root switch sets the Topology Change flag in its Configuration BPDU, which is relayed to every other
switch in the network. This is done to signal the topology change and cause all other bridges to shorten their bridge
table aging times from the default (300 seconds) to only the Forward Delay value (default 15 seconds).
This condition causes the learned locations of MAC addresses to be flushed out much sooner than they normally
would, easing the bridge table corruption that might occur because of the change in topology. However, any stations
that actively are communicating during this time are kept in the bridge table. This condition lasts for the sum of the
Forward Delay and the Max Age (default 15 + 20 seconds).

- After spanning tree has converged, only a change in topology causes the algorithm to be run again.
- Topology change occurs when:
  - A switch moves a port from blocking into the forwarding state
  - A switch moves a port from the forwarding/learning state into the blocking state
- Switch will generate a TCN BPDU (no data) out of its root port towards the root
- Every other switch on the way to the root will relay the TCN BPDU out its root port and send an acknowledge to the sending switch
- Root responds with a TC flag set in its BPDU towards the downstream switches

STP in Action Topology Change (Breaking a Link)

[Figure: root A and leaf bridges/switches with Host A and Host B. D is labeled "Wait 20 seconds (Max age time)" and then "I am the new root", and BPDUs are shown on the remaining links; links labeled with path costs]

Given the topology above, the following actions occur when the link between switches A and D suffers a loss of traffic.
1. BPDUs are sent by the root bridge every 2 seconds.
2. When the link between A and D breaks, the root port on D will wait for the maximum age time (20 seconds)
before deciding that the path between D and A is no longer operational.
3. During the maximum age time, the BPDUs received at C's blocked port from D are discarded because C
considers these BPDUs to be inferior.
4. After the maximum age time, D thinks it is the new root and advertises the new BPDUs to C.


STP in Action Topology Change (Breaking a Link)

[Figure: root A and leaf bridges/switches with Host A and Host B. BPDUs are shown on the links toward D, and the affected ports are labeled Listen (15 seconds) and Learn (15 seconds); links labeled with path costs]

Given the topology above, the following actions occur when the link between switches A and D suffers a loss of traffic.
1. Switch C receives the BPDUs from D's designated port and realizes that D's path to the root switch A is
broken. It has a better view to the root A.
2. Switch C then cycles the blocked port to D through the listening state when it relays bridge A's BPDUs to D.
3. Switch D obtains A's BPDU from C and converts the port into a root port, since this is its only path to root A,
and enters the listening state.
4. Switch C's and D's ports then go through the learning state when data frames are now forwarded and MAC
learning takes place.
The total time required for convergence is:
Max Age Time + Listening + Learning = 20 + 15 + 15 = 50 seconds


STP in Action Topology Change (Breaking Link; Port disable)

[Figure: root A and leaf bridges/switches with Host A and Host B. TBPDUs (BPDUs with the T bit set) are shown on the links; links labeled with path costs]

Given the topology above, the following actions occur when the port on D is disabled:
- Switch A and D will detect a port down, since the port on D is explicitly disabled.
- Switch D will remove the best BPDU it received from Switch A, since its root port to A is down.
- Switch D would normally try to send a TCN BPDU out of its root port but, since its root port is down, will not do so.
- Because its designated port is down, Switch A will send a TBPDU (BPDU with T bit set) out of its other designated port.


STP in Action Topology Change (Breaking a Link; Port Disable)

[Figure: root A and leaf bridges/switches with Host A and Host B. BPDUs are shown on the links, and the affected ports are labeled Listen (15 seconds) and Learn (15 seconds); links labeled with path costs]

Given the topology above, the following actions occur when the link between switches A and D suffers a loss of traffic.
- Switch A, being the root, will generate a BPDU with the T bit set down to switches B, C and D.
- Switch C does not receive any BPDUs from D and will now transition its blocked port to a designated port and go through the listening and the learning stages before setting it to forwarding.
The total time required for convergence is:
Listening + Learning = 15 + 15 = 30 seconds (the Max Age Time wait does not apply, because the disabled port is detected directly)


STP in Action Topology Change (Adding a Switch)

[Figure: new switch E added to the topology of A, B, C and D with Host A and Host B. E is labeled New Root and sends new BPDUs, the former root is labeled New Leaf, and BPDUs are shown on all links; links labeled with path cost 10]

What happens when a new switch is added to the existing topology?

In the figure above, a new switch E is added to the top right of the existing topology. This switch has a lower MAC
address than the current root. The following actions occur:
1. As soon as switch E starts, it thinks that it is the root and advertises BPDUs to neighboring switches A and
D.
2. Switch A also sends BPDUs to E because A is still the root in the original topology.
3. Because E has a lower MAC address than A and its root bridge priority is the same as that of A, E becomes the
new root and starts advertising BPDUs to all other switches in the topology.
Note: In the figure above, the link between switch A and D no longer exists once switch E is added.

[Figure labels: Priority 16, MAC 00-80-21-00-00-05; Priority 16, MAC 00-80-21-00-00-00]

STP in Action Topology Change (Adding a Switch)

[Figure: topology being recalculated, with a new blocked port and ports labeled Listen (15 seconds) and Learn (15 seconds); Host A and Host B attached. Bridges are labeled with Cost to Root values 10, 10, 20, 20 and 22; links labeled with path costs]

1. All other switches in the topology set their ports to the listening state followed by the learning state, in
which no data traffic is forwarded.
2. After all BPDUs have converged and the roots and designated ports have been assigned, the switches
transition their ports from the listening state to the learning state.


STP in Action Topology Change (Path Cost Change)

[Figure: the root and leaf bridges/switches with Host A and Host B; a Path Cost Change is marked, with Path Cost 10 replaced by New Path Cost 2; other links labeled Path Cost 10]

In the figure above, the path between switches C and D is now the better path because the port costs between C and
D are changed from 10 to 2.


STP in Action Topology Change (Path Cost Change)

[Figure: after the path cost change, BPDUs are shown on all links and Switch C receives BPDUs with the new costs; Host A and Host B attached; links labeled with path costs]

In the figure above, the path between switches C and D is now the better path because the port costs between C and
D are changed from 10 to 2.
Switch C will now get BPDUs from the root A with different cumulative costs.


STP in Action Topology Change (Path Cost Change)

[Figure: topology changed after the path cost change; ports are labeled Listen (15 seconds) and Learn (15 seconds); Host A and Host B attached. Bridges are labeled with Cost to Root values 0, 10, 10, 12 and 20; links labeled with path costs]

In the figure above, the path between switches C and D is now the better path because the port costs between C and
D are changed from 10 to 2.
The following actions occur:
1. Switch C, upon receiving BPDUs from the root A via B and D, realizes that the cumulative cost to the root
has changed. It will therefore switch both its ports to the listening and the learning state.
2. It will then decide that the cumulative cost to root A via B is more than the cumulative cost to root A via D.
3. The ports between C and D change to the forwarding state and the ports between B and C are now blocked.


Spanning Tree Exercise

[Figure: exercise topology of four switches, all with Priority 16, with MAC addresses 00-80-21-00-00-10, 00-80-21-00-00-20, 00-80-21-00-00-30 and 00-80-21-00-00-40; every link is labeled with cost 10]

Highlight the steps that will ensure that Switch D is added to the existing bridge topology using STP.

Steps to add Switch D to the existing topology:

1) Ports on switch D initialize on startup; D thinks it is the root, and
2) BPDUs are sent on each of the two ports and received from switches B and C simultaneously. Since a new port
facing D has been turned on on switches B and C,
3) Both B and C will send a TCN BPDU to the root out of their respective root ports, and they will also forward A's
BPDU to the new switch D.
4) Switch D, upon receiving A's BPDU, realizes that it cannot be the root since A has a lower MAC address. It now has
to transition both of its ports into designated ports.
5) Switch D now obtains A's BPDU from both B and C and therefore has to make a decision as to which port it needs
to block.
6) Since both ports on D are equal cost away from the root, D examines the sender bridge's ID, i.e. the MAC address of B
and the MAC address of C, in the BPDUs.
7) B's MAC address is smaller, therefore D will block its port towards C. It will then transition its port towards B to a
root port and go into the listening state.
8) In the meantime, the TCN BPDU generated by B and C towards the root will be acknowledged by the root A
setting the TCA bit in its regularly sent configuration BPDU messages.
9) All switches, upon receiving this BPDU, will set their MAC database flush timer to 15 seconds from the original 300
seconds.
10) The root port on D will now go into the learning state after the listening state, where it will now receive all the
end station data, and finally the STP topology is converged.

Section 3 Rapid Spanning Tree


Ethernet Overview

What is RSTP?


The major advantage of RSTP over STP is rapid convergence: the network takes less than 5 seconds to converge to a
forwarding topology. STP can take up to a minute for a similar-sized network.
RSTP was the natural evolution of STP. As the demands on the network became more critical, the existing STP
convergence time was no longer adequate. The terminology used with RSTP remains basically unchanged.
Note that RSTP is disabled by default on all 7750 SR products.

What is RSTP?
- Stands for rapid spanning tree protocol
- An evolution of the loop prevention algorithm (STP) from 802.1d
- New IEEE specification is 802.1w
- Achieves rapid failover and convergence times
- Unlike STP, RSTP is not timer-based
- Allows backward compatibility with 802.1d STP
Why do we need RSTP?
- Network topology convergence is significantly faster than STP

STP vs. RSTP Port States

STP port state                | RSTP port state | Part of active topology | Learning of MAC addresses
Disabled, Blocking, Listening | Discard         | No                      | No
Learning                      | Learning        | No                      | Yes
Forwarding                    | Forwarding      | Yes                     | Yes

In STP, the port states were confusing because STP mixed the state of the port (blocking or forwarding traffic) with
the role it played in the topology (root port, designated port, or neither).
For example, ports in the blocking state and listening state are operationally similar: they both discard frames and do
not learn MAC addresses. In addition, when a port is in the forwarding state, there is no way to infer that it is a root
or designated port.


STP vs. RSTP Port Roles

Port state | STP port role (assigned by STP algorithm) | RSTP port role (configurable)
Forwarding | Root                                      | Root
Forwarding | Designated                                | Designated
Blocking   | Blocked                                   | Backup
Blocking   | Blocked                                   | Alternate

The major difference between STP and RSTP is that the port roles are configurable in RSTP, while in STP they were
determined by the algorithm. This adds more time for the network topology to converge in STP when there is a
change in the topology due to failure or redesign.
In STP, the port roles were either forwarding or blocking. RSTP is granular when approaching the roles of the ports.
The switch is now able to define which forwarding port is a root port or a designated port. The switch can also elect
backup and alternate ports for faster recovery from a failure.

Role: A new variable assigned to a bridge port

Alternate Port

[Figure: switched topology with a root bridge sending BPDUs; ports are labeled Root Port, Designated Port and Alternate Port.]

The alternate and backup ports are blocking ports; however, they have been selected to be the ports that are turned
on in the event of a failure. The alternate port resides on a different switch than the designated port.

Backup Port

[Figure: switched topology with a root bridge sending BPDUs; ports are labeled Root Port, Designated Port, Alternate Port and Backup Port.]

The alternate and backup ports are blocking ports; however, they have been selected to be the ports that are turned
on in the event of a failure. The backup port resides on the same switch as the designated port.

RSTP BPDU Format

Fields, in order:
  Protocol ID (2 bytes)
  Version (1 byte)
  Message type (1 byte)
  Flags (1 byte)
  Root ID (8 bytes)
  Path cost (4 bytes)
  Bridge ID (8 bytes)
  Port ID (2 bytes)
  Message age (2 bytes)
  Maximum age (2 bytes)
  Hello time (2 bytes)
  Forwarding delay (2 bytes)
  Version 1 length (2 bytes)

The slide marks some fields "Configurable" and others "Configurable on root bridge".

Flags field:
  Bit 0: Topology change
  Bit 1: Proposal
  Bits 2, 3: Port role
    0 0 Unknown
    0 1 Alternate/backup
    1 0 Root
    1 1 Designated
  Bit 4: Learning
  Bit 5: Forwarding
  Bit 6: Agreement
  Bit 7: Topology change ACK

In the slide above, only the shaded fields have been changed to support RSTP. As shown, the major change is with the
Flags field. In STP, only bits 0 and 7 were identified. RSTP now makes full use of the entire octet.
The message type is now 2, and the version is 2 (this allows 802.1w bridges to detect legacy 802.1d bridges).
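The field layout and Flags octet above can be decoded as follows. This is an added example, not part of the original course material; it decodes the fields from Protocol ID through Forwarding delay and leaves the trailing Version 1 length undecoded. The sample BPDUs, bridge IDs and function names are constructed for illustration.

```python
import struct

# Fixed BPDU fields in slide order, Protocol ID through Forwarding delay
# (35 bytes). The trailing Version 1 length field is not decoded here.
BPDU_FIELDS = struct.Struct("!HBBB8sI8sHHHHH")

PORT_ROLES = {0: "Unknown", 1: "Alternate/backup", 2: "Root", 3: "Designated"}


def decode_flags(flags):
    """Split the Flags octet into the bits listed on the slide."""
    return {
        "topology_change": bool(flags & 0x01),         # bit 0
        "proposal": bool(flags & 0x02),                # bit 1
        "port_role": PORT_ROLES[(flags >> 2) & 0x03],  # bits 2 and 3
        "learning": bool(flags & 0x10),                # bit 4
        "forwarding": bool(flags & 0x20),              # bit 5
        "agreement": bool(flags & 0x40),               # bit 6
        "topology_change_ack": bool(flags & 0x80),     # bit 7
    }


def split_bridge_id(raw):
    """An 8-byte bridge ID is a 2-byte priority followed by a 6-byte MAC."""
    return int.from_bytes(raw[:2], "big"), raw[2:].hex(":")


def parse_bpdu(data):
    """Decode one BPDU (the bytes after the LLC header) into a dict."""
    if len(data) < BPDU_FIELDS.size:
        raise ValueError(f"truncated BPDU: {len(data)} of {BPDU_FIELDS.size} bytes")
    (proto, version, msg_type, flags, root, cost, bridge, port,
     msg_age, max_age, hello, fwd_delay) = BPDU_FIELDS.unpack_from(data)
    if proto != 0:
        raise ValueError(f"unexpected protocol ID 0x{proto:04x}")
    return {
        "version": version,
        "message_type": msg_type,
        # Version 2 with message type 2 marks an RSTP BPDU; an 802.1d
        # configuration BPDU carries 0 in both fields.
        "is_rstp": version == 2 and msg_type == 2,
        "flags": decode_flags(flags),
        "root_id": split_bridge_id(root),
        "path_cost": cost,
        "bridge_id": split_bridge_id(bridge),
        "port_id": port,
        # Timer fields are carried in units of 1/256 second.
        "message_age_s": msg_age / 256,
        "max_age_s": max_age / 256,
        "hello_time_s": hello / 256,
        "forward_delay_s": fwd_delay / 256,
    }


def build_sample(version, msg_type, flags):
    """Constructed sample BPDU for the demo below (not captured traffic)."""
    body = BPDU_FIELDS.pack(
        0, version, msg_type, flags,
        bytes.fromhex("8000001122334455"), 20000,   # root ID, path cost
        bytes.fromhex("80000011223344aa"), 0x8001,  # bridge ID, port ID
        1 * 256, 20 * 256, 2 * 256, 15 * 256,       # age, max age, hello, fwd delay
    )
    return body + (b"\x00" if version == 2 else b"")  # Version 1 length


SAMPLE_RSTP = build_sample(2, 2, 0x3D)  # TC + Designated + Learning + Forwarding
SAMPLE_STP = build_sample(0, 0, 0x01)   # legacy configuration BPDU with TC set

if __name__ == "__main__":
    for name, raw in (("RSTP", SAMPLE_RSTP), ("STP", SAMPLE_STP)):
        info = parse_bpdu(raw)
        print(name, info["is_rstp"], info["flags"]["port_role"], info["root_id"])
```
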

STP vs. RSTP BPDUs

BPDU handling
  STP: Non-root bridge only transmits BPDUs when it receives one on the root port
  RSTP: Bridge sends BPDU at hello time intervals
Aging
  STP: BPDU is aged after the max-age timer expires (and no BPDU is received on the port)
  RSTP: BPDUs are used like keepalive messages (after 3 BPDUs in a row are missed it ages it out)
Accepting inferior BPDUs
  RSTP: Inferior BPDU is accepted and previously stored information may be replaced
Transition to forwarding state
  STP: Based on timers (Forward Delay and Max-Age)
  RSTP: Uses a feedback mechanism (no timers involved)

BPDU handling: STP only generates a BPDU when it receives one on its root port. This is time-consuming as it
renders bridges more as BPDU relayers than generators. This change in RSTP greatly improves BPDU handling
efficiency.
Aging: In RSTP, due to the way BPDUs are now handled, they can serve as keepalive timers from bridge/switch to
bridge/switch. If 3 BPDUs are missed in a row, the bridge/switch considers either the direct neighbor or the
designated bridge/switch as unreachable. This results in much faster failure detection.
In STP, this would not be possible, and if the max age expires, the neighbor cannot be assumed to be down. It would
only indicate that somewhere along the path from the port with the max age expired to the root bridge/switch,
there is a failure.
Accepting inferior BPDUs: This concept is new to RSTP and does not exist in STP. Inferior BPDUs are control
information received on a switch that is older than the control information stored on the switch. Accepting inferior
information from the designated or root bridge/switch means that the network can recover far more quickly from
topology failures.
Transition to forwarding state: This RSTP feature is the key factor in the improvement of topology convergence.
This topic is covered in more detail on the next slide.

STP vs. RSTP Topology

Topology change notification
  STP: Sends TCN BPDUs toward root
  RSTP: Sends BPDUs (with TC bit set) on all designated and root ports
Topology ACKs
  STP: Replies with BPDU with TCA bit set
  RSTP: No acknowledgement (clears MAC addresses on all ports)
Topology change
  STP: First sent to root bridge/switch, then relayed from root all the way to the leaf bridge/switch
  RSTP: 1-step process (topology change flooded quickly across the network)

RSTP Operation

[Figure: switches exchanging BPDUs below the root, with ports labeled RP, DP and AP. Legend: 3 BPDUs missing; BPDU; BPDU with TC bit set.]

1. The link between C and E breaks
2. E doesn't get 3 BPDUs in a row and realizes that its port to the root is broken
3. C also realizes that it hasn't received 3 BPDUs in a row from E and concludes that there must be a topology
change between C and E
4. It generates a BPDU with TC bit set and floods this out its root port. Switch B receives this BPDU and sends it out
all its forwarding ports
5. All switches receiving this BPDU with the TC bit set send it out of all their forwarding ports
6. E now thinks it's a root since it doesn't process any BPDUs received from D. It then transitions its port to D into
the forwarding state
7. It exchanges BPDUs with D, indicating to D that it is the root
8. D replies with a BPDU indicating that it knows of a better root, which is A
9. E then changes its port into a root port

Section 4 Virtual LAN

Ethernet Overview

Switches and VLANs

A VLAN permits a group of ports to share a common broadcast domain regardless of physical location.
A VLAN can reside on 1 switch or on many switches.
Each VLAN is identified by a VLAN ID.
Devices in different VLANs can only communicate with each other if the frame is first sent to a layer 3 device (a router).

On the 7750 SR and 7450 ESS there is no default VLAN for all ports to join. Other types of switches may have a
default VLAN for ports that are not assigned to a particular VLAN.

Why VLANs?

[Figure: graph of broadcast traffic as a percentage of network capacity against the number of network nodes, with one curve for flat networks and one for hierarchical networks.]

There are two main reasons for the development of VLANs: the amount of broadcast traffic and increased security.
Broadcast traffic increased in direct proportion to the number of stations in the LAN. The goal of the VLAN is the
isolation of groups of users so that one group is not interrupted by the broadcast traffic of another.
VLANs also have the benefit of added security by separating the network into distinct logical networks. Traffic in one
VLAN is separated from another VLAN as if they were physically separate networks. If traffic is to pass from one VLAN
to another, it must be routed.

How Do VLANs Work?

[Figure: an Ethernet switch divided into three internal switches, one each for VLAN 101, VLAN 102 and VLAN 103, with Ports 1, 2, 3, 5, 6 and 7 attached.]

In the figure above, VLANs subdivide the Ethernet switch into multiple switches. Note that there are no logical
interconnections between these internal switches. Therefore, the broadcast traffic that is generated by a host in a
VLAN stays within that VLAN, making the VLAN its own broadcast domain. Because broadcast traffic for a particular
VLAN remains within that VLAN's borders, inter-VLAN or broadcast domain communication must occur through a layer
3 device such as a router.
Hosts are not VLAN-aware, and therefore no 802.1q configuration is required on the hosts. The VLAN configuration is
done within the switch and ports are assigned on a VLAN-by-VLAN basis.

VLAN Exercise

[Figure: Switch 1 with Hosts 1 to 4 attached to ports in VLAN 101 and VLAN 102; broadcast arrows leave Host 1.]

Host 1 sends out a broadcast. Which hosts will receive the broadcast?

In the figure above, Host 1 sends out a broadcast. Because Host 4 is the only other member of the VLAN, it is the only
host to receive the broadcast.
The FDB entries behave much the same way in the VLAN model as they do in the switch model: they are updated
based on the source address. In the figure above, the source address of the broadcast frame is only learned by VLAN
101. VLAN 102 will not know the source address of Host 1 after Host 1 transmits its broadcast packet. Therefore, in a
VLAN environment, a separate FDB is kept for each VLAN. In the example above, this means that VLAN 101 will never
learn about Host 3 or Host 2 unless it is manually configured or interconnected at layer 3.
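The exercise above can be replayed with a small model of a learning switch that keeps one FDB per VLAN. This is an added example, not part of the original course material; the port numbers, MAC addresses and class name are constructed, with Hosts 1 and 4 placed in VLAN 101 and Hosts 2 and 3 in VLAN 102 as the text describes.

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class VlanSwitch:
    """Learning switch that keeps one FDB (MAC -> port) per VLAN."""

    def __init__(self, port_vlans):
        self.port_vlans = dict(port_vlans)  # access port -> VLAN ID
        self.fdb = defaultdict(dict)        # VLAN ID -> {MAC: port}

    def receive(self, in_port, src_mac, dst_mac):
        """Handle a frame from a host port; return the sorted egress ports."""
        vlan = self.port_vlans[in_port]
        table = self.fdb[vlan]
        # The source address is learned only in the FDB of the ingress VLAN.
        table[src_mac] = in_port
        out_port = None if dst_mac == BROADCAST else table.get(dst_mac)
        if out_port is not None:
            return [] if out_port == in_port else [out_port]
        # Broadcast or unknown destination: flood, but only inside the VLAN.
        return sorted(p for p, v in self.port_vlans.items()
                      if v == vlan and p != in_port)


# Constructed scenario: Host N is attached to port N.
PORT_VLANS = {1: 101, 2: 102, 3: 102, 4: 101}
MAC = {n: f"00:00:5e:00:53:{n:02x}" for n in PORT_VLANS}


def run_exercise():
    """Replay the slide: Host 1 broadcasts, then other hosts send to Host 1."""
    switch = VlanSwitch(PORT_VLANS)
    results = {
        # Host 1 broadcasts: only the other VLAN 101 port receives it.
        "broadcast_from_host1": switch.receive(1, MAC[1], BROADCAST),
        # Host 3 (VLAN 102) sends to Host 1's MAC: VLAN 102 never learned it,
        # so the frame is flooded inside VLAN 102 and never reaches port 1.
        "host3_to_host1": switch.receive(3, MAC[3], MAC[1]),
        # Host 4 (VLAN 101) sends to Host 1: the VLAN 101 FDB knows the port.
        "host4_to_host1": switch.receive(4, MAC[4], MAC[1]),
    }
    results["fdb"] = {vlan: dict(table) for vlan, table in switch.fdb.items()}
    return results


if __name__ == "__main__":
    for key, value in run_exercise().items():
        print(key, value)
```
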

VLANs across Multiple Switches

[Figure: Switch 1, Switch 2 and Switch 3, each with ports in VLAN 101, VLAN 102 and VLAN 103.]

The standard that governs VLAN identification between switches (also known as tagging) is 802.1q.
This standard stipulates that a 4-octet header/tag be inserted in the Ethernet frame between the source address and
the type/length fields.
Tags are the key component that allows 802.1q to function, and they are the method with which Ethernet frames can
be associated with a VLAN segment.

VLANs over Multiple Switches

[Figure: Switch 1 and Switch 2, each holding a MAC FDB for VLAN 101, VLAN 102 and VLAN 103, connected by separate physical interfaces.]

The sharing of VLANs between switches is achieved by the insertion of a header with a 12-bit VID, which allows for
4094 possible VLAN destinations for each Ethernet frame.
A VID must be assigned for each VLAN. Assigning the same VID to VLANs on different connected switches can extend
the VLAN (broadcast domain) across a network.
The 802.1q standard works by inserting a 32-bit VLAN header into the Ethernet frame of all network traffic of the
VLAN. The VID uses 12 bits of the 32-bit VLAN header. The switch then uses the VID to determine which FDB it will
use to find the destination. After a frame reaches the destination switch port, the VLAN header is removed.

VLAN Trunking

[Figure: Switch 1 and Switch 2, each holding a MAC FDB for VLAN 101, VLAN 102 and VLAN 103, connected by a trunk.]

VLAN trunking provides efficient inter-switch forwarding of VLAN frames. In the previous example, each VLAN
required its own inter-switch connections to forward frames from one switch to another.
VLAN trunking allows a single Ethernet port to carry frames from multiple VLANs. This allows the use of a single
high-bandwidth port, such as a gigabit Ethernet port, to carry the VLAN traffic between switches instead of multiple fast
Ethernet ports.
VLANs are separated within the trunk based on their VLAN IDs (Q tags). The FDB at the destination switch designates
the destination VLAN for the traffic on the VLAN trunk.

VLAN Tagging

802.1q Ethernet Frame (length of the MAC frame + 4 bytes):

Preamble | SFD | DA | SA | VLAN tag | Length/Type | Payload (46 to 1500 bytes) | FCS

VLAN tag:
  802.1q tag type (2 bytes): value 81 00
  Tag control information (2 bytes):
    User_priority (3 bits)
    CFI (1 bit) (Canonical format: bit ordering can be different)
    VLAN_ID (12 bits)

The VLAN header can be broken down into two parts: the VLAN tag type and the tag control information.
The tag type is a fixed value that is an indicator of a VLAN tag. It indicates that the Length/Type field can be found a
further 4 bytes into the frame. Because the frame is a Q-tag frame and is longer, it needs to indicate that the
Length/Type field is offset from the traditional location by 4 bytes.
The tag control information has three parts:
Priority value: A 3-bit value that specifies a frame's priority.
CFI: A single bit. A setting of 0 means that the MAC address information is in its simplest form. Currently no other
value is supported.
VID: A 12-bit value that identifies the VLAN that the frame belongs to. If the VID is 0, the tag header contains only
priority information.

VLAN Stacking More VLANs

[Figure: CE devices of Customers 1, 2 and 3, each using VLANs 10-300, connected through PE switches; inside the provider network the customer frames carry an additional tag for VLAN 20, VLAN 200 or VLAN 35.]

A restriction of Ethernet VLANs is the limited number of VIDs. With 12 bits used to define the VID, there are only 4096
possibilities. Because VLAN 0 and 4095 are reserved, the PE is really only capable of supporting 4094 VLANs, which is not a
significant number compared with the rate at which networks are expanding.
One of the solutions to this restriction is VLAN stacking, also known as Q-in-Q. VLAN stacking allows the service
provider to use layer 2 protocols to connect customer sites. In the figure above, 3 customers are connected through a
common switch using VLAN stacking.
At the PE, the administrator has assigned a VLAN to represent the customer on that port. When the customer's traffic
arrives at the PE device, the PE switch simply inserts another VLAN tag in the frame. It is this second or stacked VLAN
tag that takes the customer's traffic through the provider's network. At the egress port of the PE equipment, the
second or stacked VLAN tag is removed and the traffic is forwarded out the port.
This allows Customers 1, 2, and 3 to use the same VLAN tags in their network. In theory, the service provider can
support 4094 customers, with each customer supporting 4094 VLANs within their network.

VLANs Stacking More VLANs (continued)

Frame with the customer's tag (Customer VLAN Tag 100):

DA | SA | VLAN tag | Length/Type | Payload (46 to 1500 bytes) | FCS

Frame with the stacked tag (Provider's VLAN Tag 20, then Customer VLAN Tag 100):

DA | SA | VLAN tag | VLAN tag | Length/Type | Payload (46 to 1500 bytes) | FCS

In the figure on the previous slide, Customer 1 has sent a frame to the PE switch with a VLAN tag of 100. The PE
switch inserts a second VLAN tag of 20. This tag number represents Customer 1 traffic. The second tag keeps
Customer 1 traffic separate from Customer 2 and 3 traffic and gives Customer 1 the ability to add 4095 more
associated VLANs.
The VLAN tag that is inserted by the provider is the VLAN tag that is used in the provider network. When the frame
has reached the appropriate egress port, the provider's VLAN tag is removed and the frame with the customer's VLAN
tag is forwarded out the egress port.
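The tag layout from the VLAN Tagging slide and the push and pop steps of VLAN stacking can be worked through on a frame. This is an added example, not part of the original course material; the frame bytes, MAC addresses and function names are constructed, frames start at DA and omit the FCS, and the 0x88A8 tag type (IEEE 802.1ad) is accepted in addition to the 81 00 value the slide gives.

```python
import struct

TPID_8021Q = 0x8100    # tag type value shown on the slide (81 00)
TPID_8021AD = 0x88A8   # IEEE 802.1ad service-tag type, also used for outer tags
TAG_TYPES = (TPID_8021Q, TPID_8021AD)


def parse_vlan_tags(frame):
    """Return (tags, length_type, payload_offset) for a frame starting at DA."""
    offset, tags = 12, []                # skip DA (6 bytes) and SA (6 bytes)
    while True:
        if len(frame) < offset + 2:
            raise ValueError("frame truncated before Length/Type")
        (value,) = struct.unpack_from("!H", frame, offset)
        if value not in TAG_TYPES:
            return tags, value, offset + 2
        if len(frame) < offset + 4:
            raise ValueError("frame truncated inside a VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append({
            "tag_type": value,
            "priority": tci >> 13,       # User_priority, 3 bits
            "cfi": (tci >> 12) & 0x1,    # CFI, 1 bit
            "vid": tci & 0x0FFF,         # VLAN_ID, 12 bits
        })
        offset += 4                      # Length/Type moves 4 bytes per tag


def push_tag(frame, vid, priority=0, tag_type=TPID_8021Q):
    """Insert a new outermost tag after SA, as the ingress PE does."""
    if len(frame) < 14:
        raise ValueError("frame too short to hold DA, SA and Length/Type")
    if not 1 <= vid <= 4094:             # VID 0 and 4095 are reserved
        raise ValueError(f"VID {vid} is outside 1..4094")
    if not 0 <= priority <= 7:
        raise ValueError(f"priority {priority} does not fit in 3 bits")
    tag = struct.pack("!HH", tag_type, (priority << 13) | vid)
    return frame[:12] + tag + frame[12:]


def pop_tag(frame):
    """Remove the outermost tag, as the egress PE does."""
    tags, _, _ = parse_vlan_tags(frame)
    if not tags:
        raise ValueError("frame carries no VLAN tag")
    return frame[:12] + frame[16:]


# Constructed sample: Customer 1 frame tagged with VLAN 100, priority 5,
# carrying 46 zero bytes of payload with Length/Type 0x0800.
DA = bytes.fromhex("00005e005301")
SA = bytes.fromhex("00005e005302")
CUSTOMER_FRAME = (DA + SA + struct.pack("!HH", TPID_8021Q, (5 << 13) | 100)
                  + struct.pack("!H", 0x0800) + bytes(46))

if __name__ == "__main__":
    stacked = push_tag(CUSTOMER_FRAME, 20)     # PE adds the provider's tag 20
    print([t["vid"] for t in parse_vlan_tags(stacked)[0]])
    print(pop_tag(stacked) == CUSTOMER_FRAME)  # egress PE restores the frame
```

A real device also recomputes the FCS whenever a tag is inserted or removed, which this sketch leaves out.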

Section 5 Multiple Spanning Tree Protocol

Ethernet Overview

Multiple Spanning Tree Protocol (MSTP)

What is MSTP?
Why do we need MSTP?
Differences: MSTP vs. STP
Where to use MSTP
  Example

Multiple Spanning Tree Protocol

What is MSTP?
  An IEEE standard that allows more than one instance of STP
  A natural progression from RSTP, introduced in 2003 as part of 802.1s
Why do we need MSTP?
  Allows load balancing of network between different sets of VLANs
  Allows a set of VLANs to run a single instance of the spanning tree while another set runs another instance of the spanning tree
  Some early versions of MSTP, before 802.1s, used a single STP instance per VLAN, which was very CPU-intensive. MSTP lowers CPU usage in these instances.
  Reduces overhead of BPDUs, as otherwise they're sent for every VLAN
  Interoperability
  Scalability

Standard STP

[Figure: Switch A (root) connected to leaf Switches B and C, with VLAN 1-500 and VLAN 501-1000 on a single spanning tree. Port states: D - Designated, R - Root, A - Alternate.]

In a common spanning tree, all VLANs are mapped to the same spanning tree instance. This leads to under-utilized
links and possible communication interruptions.

MSTP

[Figure: Switches A, B and C with separate spanning tree instances for VLAN 1-500 and VLAN 501-1000. Port states: D - Designated, R - Root, A - Alternate.]

With MSTP, each VLAN or range of VLANs is mapped to a separate instance of STP. This allows for better utilization of
the network. As shown in the figure above, MSTP permits multiple root switches in a network. In one instance of the
spanning tree a port may be blocking, but another instance may use that port for forwarding.

Module Summary

Provided an overview of Ethernet and the various types of Ethernet frames
Discussed the operation of an Ethernet switch and how MAC addresses are dynamically learned
Discussed the concept and reasons behind STP
Compared STP and RSTP
Discussed the concepts of VLANs and why they are used
Discussed VLAN stacking and why it is used
Discussed the use of MSTP and how it can be used with VLANs

Learning Assessment

1. What is the purpose of using a spanning tree protocol?
  A. Prevent routing loops
  B. Maintain redundant paths in a switched environment
  C. Build forwarding tables
  D. Prevent switching loops
2. The forwarding port leading away from the root bridge is known as what?
  A. Backup port
  B. Designated port
  C. Root port
  D. Alternate port
3. When would it be appropriate to use the multiple spanning tree protocol?
  A. When using VLANs
  B. In a simple switched network
  C. When crossing broadcast domains

Learning Assessment (continued)

4. How is the root bridge/switch selected?
  A. Election process using the highest bridge ID
  B. Election process using the lowest bridge ID
  C. Election process based on the port priority
  D. Election process based on the port MAC address
5. When would CSMA/CD be invoked?
  A. When multiple hosts share the same medium
  B. When a single host is directly connected to a single switch port
  C. CSMA/CD is no longer used
6. What is the primary difference between STP and RSTP?
  A. Basically the same except RSTP is easier to install
  B. STP uses the concept of backup and alternate ports
  C. RSTP uses the concept of backup and alternate ports

3HE-02767-AAAA-WBZZA Edition 01


www.alcatel-lucent.com

Module 4 IP Overview

Module Objectives

After successful completion of this module, you should be able to:
  Discuss the concept of IP address classes
  Calculate IP subnets
  Calculate variable length subnet masks
  Discuss the concept of CIDR
  Discuss the value of route summarization
  Calculate routing entries as a result of route summarization
  Conduct basic network design
  Configure and verify layer 3 interfaces on the 7750 SR and 7450 ESS switches

Section 1 IPv4 address

IP Addressing

Internet Protocol

Packet-based protocol used to exchange information
Equivalent to the OSI network layer
Provides addressing, fragmentation, reassembly, and protocol demultiplexing
Enables the routing of information

The Internet Protocol (RFC 791) provides services that are roughly equivalent to the OSI network layer. IP provides a
datagram (connectionless) transport service across the network. This service is sometimes referred to as unreliable
because the network does not guarantee delivery or notify the end host system about packets lost due to errors or
network congestion. IP datagrams contain a message, or one fragment of a message, that may be up to 65 535 bytes
(octets) in length. IP does not provide a mechanism for flow control. This is taken care of by the transport layer.
IP supports a whole range of application protocols, such as ICMP and ARP.

IPv4 Packet

Version: Always set to the value 4, which is the current version of IP
IHL: IP Header Length: Number of 32-bit words forming the header, usually five
ToS, now known as DSCP: Usually set to 0, but may indicate particular QoS needs from the network. The DSCP
defines the way routers should queue packets while they are waiting to be forwarded
Size of Datagram: In bytes, the combined length of the header and the data
Identification: 16-bit number that, together with the source address, uniquely identifies this packet; used during
the reassembly of fragmented datagrams
Flags: Sequence of three flags (one of the four bits is unused) used to control whether routers are allowed to
fragment a packet (i.e., the Don't Fragment [DF] flag), and to indicate the parts of a packet to the receiver
Fragmentation Offset: Byte count from the start of the original sent packet, set by any router that performs IP
router fragmentation
Time To Live: Number of hops/links that the packet may be routed over, decremented by most routers (used to
prevent accidental routing loops)
Protocol: SAP that indicates the type of transport packet being carried (e.g., 1 = ICMP, 2 = IGMP, 6 = TCP, 17 = UDP)
Header Checksum: 1's complement checksum inserted by the sender and updated whenever the packet header is
modified by a router. Used to detect processing errors introduced into the packet inside a router or bridge in which
the packet is not protected by a link-layer cyclic redundancy check. Packets with an invalid checksum are discarded
by all nodes in an IP network.
Source Address: IP address of the original sender of the packet
Destination Address: IP address of the final destination of the packet
Options: Not normally used, but when used, the IP header length is greater than five 32-bit words to indicate the
size of the options field
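The header fields above, including the checksum a router must rewrite after decrementing the Time To Live, can be checked against a header in code. This is an added example, not part of the original course material; it follows the RFC 791 field encodings (three flag bits, fragment offset stored in 8-byte units), and the sample header and function names are constructed.

```python
import ipaddress
import struct

PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}  # values listed above


def header_checksum(header):
    """1's complement checksum of the header with its checksum field zeroed."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    total = sum(struct.unpack(f"!{len(zeroed) // 2}H", zeroed))
    while total >> 16:                   # fold the carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet):
    """Decode the IPv4 header at the start of packet and verify its checksum."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte header")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, checksum,
     src, dst) = struct.unpack_from("!BBHHHBBH4s4s", packet)
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4 (version {version})")
    if ihl < 5 or len(packet) < ihl * 4:
        raise ValueError(f"bad header length (IHL {ihl})")
    header = packet[:ihl * 4]            # IHL counts 32-bit words
    return {
        "ihl": ihl,
        "dscp": tos >> 2,
        "total_length": total_len,
        "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,   # stored in 8-byte units
        "ttl": ttl,
        "protocol": PROTOCOLS.get(proto, str(proto)),
        "checksum": checksum,
        "checksum_ok": header_checksum(header) == checksum,
        "source": str(ipaddress.IPv4Address(src)),
        "destination": str(ipaddress.IPv4Address(dst)),
        "options": header[20:],          # empty when IHL is five
    }


def decrement_ttl(packet):
    """Forward one hop: lower the TTL by 1 and rewrite the header checksum.

    Returns None when the packet would be discarded instead (invalid
    checksum, or the TTL would reach zero)."""
    info = parse_ipv4_header(packet)
    if not info["checksum_ok"] or info["ttl"] <= 1:
        return None
    header = bytearray(packet[:info["ihl"] * 4])
    header[8] -= 1                       # byte 8 is Time To Live
    header[10:12] = struct.pack("!H", header_checksum(bytes(header)))
    return bytes(header) + packet[len(header):]


# Constructed sample header: 192.168.0.1 -> 192.168.0.199, UDP, TTL 64, DF set.
SAMPLE_HEADER = bytes.fromhex("45000073000040004011b861c0a80001c0a800c7")

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE_HEADER))
    print(parse_ipv4_header(decrement_ttl(SAMPLE_HEADER))["checksum_ok"])
```
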

IPv4 Addressing

An IP address is a unique L3 identifier of computers, routers, and devices in an IP network.
The 32-bit address is in dotted-decimal format, with each octet separated by a period.

IP address example: 192.168.2.100

Binary equivalent: 11000000.10101000.00000010.01100100

An IP address is 32 bits long and is in binary format, normally expressed by four decimal numbers. Each decimal
number is separated by a dot. This format is called dotted-decimal notation.
The dotted-decimal format divides the 32-bit IP address into four octets of 8 bits each. These octets specify the
value of each field as a decimal number, as shown in the slide above.
The range of each octet is from 0 to 255.

IPv4 Addressing (continued)

[Figure: the 32 bits of an IP address split into two parts, labeled Network Number and Host Number, or Network Prefix and Host Number.]

The first part of an IP address identifies the network that a host would reside in. The second part of an IP address
identifies an individual host inside that network. This creates a two-level hierarchy, as shown in the slide above.
All hosts in a given network share the same network prefix. However, the host numbers must be unique to each host.
Conversely, hosts with different network prefixes may share the same host number.
Note: The size of the network/host portions can be adjusted, as shown in the following slides.

IPv4 Address Classes

Bit layout of the 32-bit address (bits numbered 0 to 31):

Class   Leading bits   Network bits   Host bits
A       0              1 to 7         8 to 31
B       10             2 to 15        16 to 31
C       110            3 to 23        24 to 31

When addresses were first being assigned, it was decided that, to provide some form of flexibility to support the
various sizes of networks that were being implemented, the IP address space be divided into classes.
The classes were defined as Class A, Class B, and Class C. This is referred to as classful addressing because the
address space is split into predefined sizes. As shown above, each class defines the boundary between the network
and host at a different octet within the 32-bit address.
Class A (1 to 126): A Class A network has an 8-bit network prefix and, as shown above, the highest-order bit is
always set to 0. This allows for a maximum of 128 networks that can be defined; however, 2 out of the 128 networks
are reserved. The 0.0.0.0 network is reserved for default routes, and the 127.0.0.0 network is reserved for loopback
functions.
Class B (128 to 191): A Class B network has a 16-bit network prefix and, as shown above, the two highest-order bits
are always set to 10. A maximum of 16 384 networks can be defined.
Class C (192 to 223): A Class C network has a 24-bit network prefix and, as shown above, the three highest-order
bits are always set to 110. A maximum of 2 097 152 networks can be defined.
Classes D (224 to 239) and E (240 to 255): Class D is used for multicast addresses (used in applications such as
OSPF), and Class E is used for scientific purposes.
The concept of classes never envisioned the enormous growth of the Internet. Many of the addressing problems can
be traced back to this early classification of the IP address space.

Unique IP Addressing

[Figure: routers interconnecting five networks; hosts and router interfaces carry addresses from the 10.0.0.0, 172.5.0.0, 172.16.0.0, 192.10.0.0 and 192.168.0.0 networks.]

Each node that uses the TCP/IP protocol suite has a unique 32-bit logical IP address.

A router's function is to separate broadcast networks. In the figure above, each router is connected to 2 or 3
networks via 2 or 3 interfaces. Every interface is identified by an IP address. The interfaces in the same network
belong to the same network prefix or network class.
There are 5 networks in the figure above:
Class C
  192.168.0.0
  192.10.0.0
Class B
  172.5.0.0
  172.16.0.0
Class A
  10.0.0.0

IP Global Address Assignments

Alcatel-Lucent Scalable IP Networks v1.1

Module 4 |

10

All rights reserved 20062007 Alcatel-Lucent

Under the current IP addressing scheme (often known as IPv4, eventually to be replaced by IPv6), the address space is
divided into two types: public address space and private address space. Understanding the difference is important
and useful for a network administrator, especially if your organization is connected to the Internet. All of the public
address space (IP addresses) that are routable via the Internet are managed by one of the three RIRs. Each RIR is
responsible for a geographic region. (Don't confuse RIRs with the InterNIC [http://www.internic.net] and its
designated registrars, such as Network Solutions, Inc. They handle domain name registration, not address
registration.)
The IANA distributes IP addresses to the RIRs.
You must request address space, and IANA will either grant or deny your request. Alternatively, you can request the
address space from your ISP (who then, in turn, allocates from its ARIN-allotted address space, or makes the request
on your behalf).
This system preserves address space and provides a central authority to prevent address-space collisions. When you
are using a public address, you can send to and receive from all (non-broken) parts of the Internet. This means that
all routers on the Internet have an idea about how to route your IP address toward you. Because of this, not all
address space is portable. If you own your address space, you can authorize an ISP to route it for you, but there is a
chance that when you change providers or locations, it will no longer be possible to route your IP addresses to the
new location. (You might, therefore, want to check before you travel with your address space.)
IANA has reserved the following three blocks of the IP address space for private internets (local networks):
10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255
In addition, IP addresses in the range of 169.254.0.0 to 169.254.255.255 are reserved for automatic private IP
addressing. These IP addresses should not be used on the Internet.

Global addressing is provided by IANA.
Major organizations of the world all have specific address assignments.
Address assignments are available at RFC 1466 http://www.iana.org/assignments/ipv4-address-space.
The Alcatel IP address assignment is 138.120.0.0.
The addresses assigned by IANA are also referred to as public addresses.
In addition, IANA reserves some addresses (referred to as private addresses) to be used in private networks.

IPv4 Addressing (Unicast/Broadcast)

Unicast address refers to a specific IP address.
A routing update from source to a specific destination address is referred to as a unicast update. This update is
usually delivered to a single host or a single interface on the router.
  Example: 139.120.200.25

Broadcast address refers to all IP addresses in the broadcast domain.
A routing update from a source to all hosts in a broadcast domain (such as Ethernet) is referred to as a broadcast
update. The destination IP address in the update contains the network number and all 1s for the host address.
  Example: 138.120.255.255 specified in the destination IP header of a packet ensures that the packet will be
  delivered to all hosts in the 138.120.0.0 network.

IPv4 Addressing (Multicast/Anycast)

Multicast address
  Used to address a group of hosts
  Reserved addresses are used for specific applications (224.0.0.0 to 239.255.255.255)

Anycast address
  Any source or destination address, but does not uniquely identify a host
  Updates are sent to the nearest host or service
  No specific address ranges for anycast addresses
  Supported differently in IPv6

Section 2 Subnet Introduction

IP Addressing

Subnetting

[Figure: Class B address (leading bits 10). Without subnetting: network (bits 0 to 15) and host (bits 16 to 31). With subnetting: network (bits 0 to 15), subnet (bits 16 to 23) and host (bits 24 to 31)]

Introduces an additional level of hierarchy in addressing.
Without subnetting, there are the network and host portions.
With subnetting, there are the network, subnetwork, and host portions.
Host space is now more efficiently used. For example, with one network address, 6 or more subnetworks can be
created.

There are three main problems with classful addressing.
Lack of Internal Address Flexibility: Big organizations are assigned large, monolithic blocks of addresses that do
not match the structure of their underlying internal networks well.
Inefficient Use of Address Space: The existence of only three block sizes (Classes A, B, and C) leads to waste of
limited IP address space.
Proliferation of Router Table Entries: As the Internet grows, more and more entries are required for routers to
handle the routing of IP datagrams, which causes performance problems for routers. Attempting to reduce inefficient
address space allocation leads to even more router table entries.
As shown in the slide above, these problems were resolved by adding another layer of hierarchy to the addressing
structure. Instead of being a simple two-level hierarchy that defines the network prefix and host number, a third
level was introduced that defines a subnet number.
Adding a third level allowed network administrators the flexibility to manage their current network address in a
manner that best suited their needs by assigning a distinct subnet number for each of their internal networks.

Subnet Masking

Q. How do you identify the subnet portion of a network?
A. With the concept of subnet masking.

A subnet mask is a 32-bit number that accompanies an IP address.
The mask indicates the network and the subnet.
Boolean logic is performed to differentiate the network and subnet.
In a subnet, the first and last IP addresses are reserved.
  The first address is the subnetwork.
  The last address is reserved as a broadcast address for the subnetwork.

A subnet mask is a 32-bit binary number that accompanies an IP address. It is created so that it has a one bit for each
corresponding bit of the IP address that is part of its network ID or subnet ID, and a zero for each bit of the IP
address's host ID. The mask thus tells TCP/IP devices which bits in the IP address belong to the network ID and subnet
ID, and which are part of the host ID.

Subnet Masking (continued)

IP Address Example: 192.168.2.132 (Class C)
What is the network and what is the subnet?
Let's assume a subnet mask of 255.255.255.128 (32-bit value).
Rewriting the IP address and subnet mask as binary and applying Boolean logic:

IP address         11000000.10101000.00000010.10000100
LOGICAL AND
Subnet mask        11111111.11111111.11111111.10000000
equals
Subnetwork         11000000.10101000.00000010.10000000 = 192.168.2.128

Network Class C    192.168.2.0
Subnetwork         192.168.2.128
Host range         192.168.2.129 to 192.168.2.254

The subnet mask of 255.255.255.128 has been chosen arbitrarily and is applied to the IP address of 192.168.2.132,
which is a Class C address. This subnet mask splits the Class C network of 192.168.2.0 into two subnetworks, each
with 127 hosts.
Using another IP example of 192.168.2.100, after applying the Boolean logic as shown above, we have the Class C
network, which is always 192.168.2.0, and the subnetwork with 192.168.2.0, with the host range of 192.168.2.0 to
192.168.2.127.
Note that, although the subnet and the network have the same network prefix, they are essentially different.
A network with 192.168.2.0 with no subnet mask has a host range of 192.168.2.0 to 192.168.2.25.
As seen in the next slides, a network of 192.168.2.0 can be referred to as a network with 192.168.2.0 with a subnet
mask of 255.255.255.0.

Subnet Masks

An IP address is usually associated with a subnet mask
  IP:192.168.2.132 with a subnet mask of 255.255.255.128
  IP:192.168.2.132 with a subnet mask of 255.255.255.0
Another denotation for subnet masking is using /x, where x represents the number of 1s in the subnet mask
  255.255.255.0 can be referred to as /24, as in 24 1s
  255.255.255.128 can be referred to as /25, as in 25 1s
  IP:192.168.2.132/24 implies a subnet mask of 255.255.255.0

All possible subnet masks are as follows:

128.0.0.0         /1        255.255.128.0     /17
192.0.0.0         /2        255.255.192.0     /18
224.0.0.0         /3        255.255.224.0     /19
240.0.0.0         /4        255.255.240.0     /20
248.0.0.0         /5        255.255.248.0     /21
252.0.0.0         /6        255.255.252.0     /22
254.0.0.0         /7        255.255.254.0     /23
255.0.0.0         /8        255.255.255.0     /24
255.128.0.0       /9        255.255.255.128   /25
255.192.0.0       /10       255.255.255.192   /26
255.224.0.0       /11       255.255.255.224   /27
255.240.0.0       /12       255.255.255.240   /28
255.248.0.0       /13       255.255.255.248   /29
255.252.0.0       /14       255.255.255.252   /30
255.254.0.0       /15       255.255.255.254   /31
255.255.0.0       /16

All 0 and All 1 Subnet

Given a network 192.168.1.0 and subnet mask of /27, what are the possible subnets and hosts?

Subnet     Address             Binary (first 27 bits are the prefix)
Subnet 0   192.168.1.0/27      11000000.10101000.00000001.00000000   All 0 subnet
Subnet 1   192.168.1.32/27     11000000.10101000.00000001.00100000
Subnet 2   192.168.1.64/27     11000000.10101000.00000001.01000000
Subnet 3   192.168.1.96/27     11000000.10101000.00000001.01100000
Subnet 4   192.168.1.128/27    11000000.10101000.00000001.10000000
Subnet 5   192.168.1.160/27    11000000.10101000.00000001.10100000
Subnet 6   192.168.1.192/27    11000000.10101000.00000001.11000000
Subnet 7   192.168.1.224/27    11000000.10101000.00000001.11100000   All 1 subnet

What is the difference between 192.168.1.0/24 and 192.168.1.0/27?

When subnetting first came about, the use of the all 0 and all 1 subnet was forbidden. That meant that when doing
your subnet calculations, you had to subtract two subnets, and all host addresses associated with them, from your
network. The reason why these subnets were restricted was because of the older classful routing protocols, such as
RIPv1. These addresses could cause confusion in a router that ran a classful protocol.
In the all 0 subnet, for example, a router must be able to transmit its routing updates with the route/prefix so that a
receiving router can differentiate between the new 192.168.1.0/27 subnet and the 192.168.1.0/24 base network
addresses. Without being able to understand these prefix lengths, a router would not be able to understand the
difference between the base network and the all 0 subnet.
With the all 1 subnet, a router also needs to understand the prefix length so that it can determine if a broadcast
should be sent to the all 1 subnet or to the entire network. If the router does not understand the prefix length, it
does not know if the broadcast 192.168.1.255 would be sent to the all 1 subnet or to all hosts in all subnets.

Calculating Host Addresses

Host address 0    192.168.1.0/27     11000000.10101000.00000001.00000000   All 0 host
Host address 1    192.168.1.1/27     11000000.10101000.00000001.00000001
Host address 2    192.168.1.2/27     11000000.10101000.00000001.00000010
.
Host address 29   192.168.1.29/27    11000000.10101000.00000001.00011101
Host address 30   192.168.1.30/27    11000000.10101000.00000001.00011110
Host address 31   192.168.1.31/27    11000000.10101000.00000001.00011111   All 1 host

Example:
Find all hosts in subnet address 192.168.1.96/27

Total number of hosts   30
First host              192.168.1.96+1/27     192.168.1.97/27
Tenth host              192.168.1.96+10/27    192.168.1.106/27
Last host               192.168.1.96+30/27    192.168.1.126/27
Broadcast address       192.168.1.96+31/27    192.168.1.127/27

The assigned host address field of a subnet cannot contain all 0s or all 1s. The host number of all 0s is reserved for
the network address while the host number of all 1s is reserved for the broadcast address for that network or subnet.
In the example above, 5 bits are used for the host address field. Using the formula of 2^5 - 2 = 30, there are 30
assignable host addresses in this subnet. This means that each of the subnets that were created can support a
maximum of 30 hosts. In the example above, defining the host address for the tenth host in the subnet is relatively
simple: you simply take the host bits and place them in the bit pattern that represents 10 or 01010. This gives the
host address of 192.168.1.10/27. If one of the other subnets were used (for example, 192.168.1.96/27), defining the
host address is a little more difficult; however, the concept remains the same.
Given a subnet address of 192.168.1.96/27 to define the tenth host address, the host bits are once again arranged in
the bit pattern that represents 10 or 01010. This is then added to the network address of 192.168.1.96/27 to give the
host address of 192.168.1.106/27.
To define the broadcast address for this network, the host bits would be all set to 1 or 11111. This is the binary
representation of 31, so 31 would be added to the network address of 192.168.1.96, giving a broadcast address of
192.168.1.127/27 for this particular subnet.
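The mask arithmetic from the Subnet Masking and Calculating Host Addresses slides, written out as an added Python example that is not part of the course material. The function names are chosen here for illustration; the sample addresses are the ones used on the slides.

```python
"""Subnet arithmetic done by hand: mask, logical AND, broadcast and host offsets."""


def to_int(dotted):
    """Convert dotted-decimal text to a 32-bit integer, rejecting bad octets."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {dotted!r}")
    value = 0
    for part in parts:
        octet = int(part)
        if not 0 <= octet <= 255:
            raise ValueError(f"octet out of range: {dotted!r}")
        value = (value << 8) | octet
    return value


def to_dotted(value):
    """Convert a 32-bit integer back to dotted-decimal text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(value):
    """Render a 32-bit integer as four dotted groups of 8 bits."""
    bits = f"{value:032b}"
    return ".".join(bits[i:i + 8] for i in range(0, 32, 8))


def mask_from_prefix(prefix_len):
    """/x notation: x contiguous 1s from the left, followed by 0s."""
    if not 0 <= prefix_len <= 32:
        raise ValueError(f"prefix length out of range: {prefix_len}")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def prefix_from_mask(mask):
    """Count the 1s in a dotted mask; reject masks whose 1s are not contiguous."""
    value = to_int(mask)
    prefix_len = bin(value).count("1")
    if value != mask_from_prefix(prefix_len):
        raise ValueError(f"mask bits are not contiguous: {mask}")
    return prefix_len


def describe(address, mask):
    """Apply the mask to the address and derive the subnet's key addresses."""
    prefix_len = prefix_from_mask(mask)
    mask_bits = mask_from_prefix(prefix_len)
    subnet = to_int(address) & mask_bits              # logical AND
    broadcast = subnet | (~mask_bits & 0xFFFFFFFF)    # host bits all set to 1
    usable = max(2 ** (32 - prefix_len) - 2, 0)       # 2^n - 2
    return {
        "prefix_len": prefix_len,
        "subnet": to_dotted(subnet),
        "subnet_binary": to_binary(subnet),
        "broadcast": to_dotted(broadcast),
        "usable_hosts": usable,
        # With /31 and /32 the 2^n - 2 rule leaves nothing to assign.
        "first_host": to_dotted(subnet + 1) if usable else None,
        "last_host": to_dotted(broadcast - 1) if usable else None,
    }


def nth_host(subnet, prefix_len, n):
    """Add host number n to the subnet address, as in the tenth-host example."""
    base = to_int(subnet)
    if base & mask_from_prefix(prefix_len) != base:
        raise ValueError(f"{subnet} has host bits set for /{prefix_len}")
    usable = max(2 ** (32 - prefix_len) - 2, 0)
    if not 1 <= n <= usable:
        raise ValueError(f"host {n} is outside 1..{usable} for /{prefix_len}")
    return to_dotted(base + n)


if __name__ == "__main__":
    for addr, mask in (("192.168.2.132", "255.255.255.128"),
                       ("192.168.1.106", "255.255.255.224")):
        print(addr, mask, describe(addr, mask))
    print("tenth host:", nth_host("192.168.1.96", 27, 10))
```
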

Extended Network Prefix

Class-based addressing for IP addresses is not required and is seldom used today.
Subnetting is very common for IPv4 addresses, and all network addresses supported by modern protocols expect a subnet mask.
Because any subnet mask can be applied to any IP address, a network address can be referred to by a prefix with a subnet
mask.
  For example: A Class A IP address of 10.0.0.0 can be referred to as
    network 10.0.0.0/8, where /8 implies a subnet mask of 255.0.0.0, or
    network 10.0.0.0/16, where /16 implies a subnet mask of 255.255.0.0, in which case the 10.0 is the extended
    network prefix.
  Similarly, an IP address of 138.120.24.253/25 has an extended network prefix of 138.120.24.128.

Routers use the network prefix of the destination IP address to route the traffic to a subnetted environment. Routers
in the subnetted environment use the extended network prefix to route traffic between the individual subnets. The
extended network prefix is a combination of the network prefix and the subnet number.
The extended network prefix was originally defined by the subnet mask, as shown in the slide above. When the bits in
the subnet mask are set to 1, the router examining the address treats the corresponding bits in the destination IP
address as part of the network address. The bits in the subnet mask that are set to 0 define the host portion of the
address.
The more modern protocols, such as OSPF, ISIS, and BGP, allow the extended network prefix to be represented by a
decimal number that indicates the length of the subnet mask, as shown above. This number represents the number of
contiguous 1s in the subnet mask.
It should be understood that this concept of representing the prefix length with a decimal number is strictly for the
convenience of the user. The protocol still carries the four octet subnet mask in its routing updates.

Subnet Design Considerations

1. How many subnets required now?
2. How many subnets in the future?
3. How many hosts in the largest subnet?
4. How many hosts will be in the subnet in the future?

[Figure: network of nine subnets, Subnet 1 to Subnet 9]

An addressing plan requires careful planning and consideration for future requirements. The network administrator
cannot just look at the existing infrastructure in the assignment of addresses but must take into account future
growth of hosts of all the subnets as well as future growth in the number of subnets that will be required.
The first planning step is to define the number of subnets that are required. In the example above, there is a
requirement for nine subnets; therefore, 2^3 or 8 subnets would not meet the requirement. To meet this requirement,
the administrator must plan for 2^4 or 16 subnets. This now leaves room for future expansion.
The next step is to ensure that there is enough host space available to meet the requirements of the largest subnet.
If the largest subnet required 35 hosts, a 2^6 or 64-host space must be used. This size would also leave room for
expansion.
After the design is completed, the administrator must ensure that the organization's allocated IP address space is
sufficient to meet current as well as future needs.

Subnet Example

1. Subnet 2, the largest subnet, requires 20 host addresses
2. Network IP address is 192.168.1.0/24

[Figure: network of six subnets, Subnet 1 to Subnet 6]

First the administrator must identify the bits required to provide the six needed subnets. Because the address is a
binary address, the boundaries for the subnets are based on powers of 2.
In the example above, the administrator would require 3 bits of the existing host address to provide the necessary
subnets: 2^3 = 8 available subnets. This would give the subnets an extended prefix of 27 bits. The 4-octet subnet mask
would appear as 255.255.255.224.
This would leave 5 bits of the last octet for host addresses. The calculation for usable or assignable host addresses is
2^n - 2, or in this case 2^5 - 2. The reason why 2 host addresses must be subtracted from the total is because the host
address 00000 (all 0s) is reserved for the network address and the host address of 11111 (all 1s) is reserved for the
broadcast address of the subnet.
In the example above, the base address is 192.168.1.0/24. With the subnet extended prefix defined above, the
administrator would have the following subnets, with each subnet supporting 30 hosts:
192.168.1.0/27
192.168.1.32/27
192.168.1.64/27
192.168.1.96/27
192.168.1.128/27
192.168.1.160/27
192.168.1.192/27
192.168.1.224/27

Section 3 Variable Length Subnet Mask

IP Addressing

Variable-Length Subnet Mask

Given a network of 192.168.10.0/24, generate subnetworks to address each of the networks below:

In this scenario there are 5 networks; we can therefore generate our subnets with a /27 mask as follows:
192.168.10.0/27       192.168.10.128/27
192.168.10.32/27      192.168.10.160/27
192.168.10.64/27      192.168.10.192/27
192.168.10.96/27      192.168.10.224/27

When an IP network is assigned more than one subnet mask, it is considered to be a network with variable-length
subnet masks, i.e., the extended prefixes that are used are not all the same for each subnet.
VLSM is a more efficient use of the allocated IP address space. Instead of being locked into a single subnet prefix,
VLSM allows the administrator to tailor the size of the subnets to meet the host requirements. For example, the
figure above shows one of the subnets being further subdivided into /30 subnets. These work well for point-to-point
links used between routers, for which only two host addresses are required.

VLSM (continued)

The following subnetworks have been assigned randomly:
192.168.10.96/27
192.168.10.0/27
192.168.10.32/27
192.168.10.64/27
192.168.10.128/27

Each of the above subnets supports 30 hosts.
However, the link between the routers is a point-to-point link and only requires 2 host addresses.
The broadcast networks attached to a switch could require 60 hosts each but are limited to 30 hosts.
How do we rectify this situation?

VLSM (continued)

Assign variable-length subnet masks to the network.
Use a different mask (e.g., use /26 for 192.168.10.0/24).
The total number of subnetworks generated are:
  192.168.10.0/26
  192.168.10.64/26
  192.168.10.128/26
  192.168.10.192/26 (all with 62 hosts each)
This is not enough to represent five networks, but take subnetwork 192.168.10.192/26 and apply /30 to it.
192.168.10.192/26 can then be divided into:
  192.168.10.192/30
  192.168.10.196/30
  192.168.10.200/30
  192.168.10.204/30
  192.168.10.208/30
  192.168.10.212/30 and so on.
Any one of the above addresses can be used to represent point-to-point links between the routers.

When developing a VLSM design, the network administrator must take into consideration the same questions that
were asked when doing the traditional subnet design. At each level, the administrator must ensure that there are
enough bits available for expansion.
If the networks are spread out over a number of different sites, the administrator must ensure that enough bits are
used to support those sites and any future sites that may be deployed. In addition, the administrator must envision
how each site may further subdivide their network to support the sub-subnets in the site itself.
Development of this hierarchical addressing scheme requires careful consideration and planning. The network must
recursively work its way down so that each level has enough space in the host address to support each requirement.
If this hierarchical scheme is planned correctly before deployment, the multiple networks can then be aggregated
into a single address that will help to reduce the number of routing entries in the backbone routers.

VLSM Requirements

[Figure: network of nine subnets, Subnet 1 to Subnet 9]

VLSM brings about a new set of challenges: how the different subnets and their various extended prefixes get
advertised throughout the network. This requires the use of more modern routing protocols. The routing protocol used
must be able to satisfy the following:

The routing protocol must be able to carry the extended prefixes with each subnet advertised.

The routers themselves must make forwarding decisions based on the longest match.

The routing protocol must be able to perform summarization to support route aggregation.

Routing protocols such as OSPF and IS-IS support the use of VLSM. RIPv1 does not support the use or deployment of
VLSM; however, RIPv2 does support the use of VLSM.
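The longest-match requirement above, as an added Python example that is not part of the course material. It stores routes in a binary trie keyed on prefix bits; the next-hop names are constructed for illustration, and the prefixes are taken from this module's slides.

```python
"""Longest-match forwarding lookup over a binary trie of prefix bits."""
import ipaddress


class PrefixTrie:
    def __init__(self):
        # Each node is a dict with optional children "0" and "1" and an
        # optional "route" entry holding (prefix, next_hop).
        self.root = {}

    def insert(self, prefix, next_hop):
        """Store a route under the first prefix-length bits of its address."""
        net = ipaddress.IPv4Network(prefix)   # rejects prefixes with host bits set
        bits = f"{int(net.network_address):032b}"[:net.prefixlen]
        node = self.root
        for bit in bits:
            node = node.setdefault(bit, {})
        node["route"] = (str(net), next_hop)

    def lookup(self, address):
        """Walk the destination's bits and keep the deepest route seen."""
        bits = f"{int(ipaddress.IPv4Address(address)):032b}"
        node = self.root
        best = node.get("route")              # a /0 default route, if present
        for bit in bits:
            node = node.get(bit)
            if node is None:
                break
            best = node.get("route", best)
        return best                           # None when nothing matches


def build_example_table():
    """Constructed table: the same network address appears with /24 and /27."""
    table = PrefixTrie()
    table.insert("0.0.0.0/0", "default gateway")       # hypothetical next hops
    table.insert("192.168.1.0/24", "Router B")
    table.insert("192.168.1.0/27", "Router C")
    table.insert("172.16.64.0/19", "campus core")
    table.insert("172.16.94.0/24", "subnet 3e router")
    return table


if __name__ == "__main__":
    table = build_example_table()
    for dest in ("192.168.1.10", "192.168.1.200", "172.16.94.7",
                 "172.16.70.1", "138.120.1.1"):
        print(dest, "->", table.lookup(dest))
```

Because 192.168.1.0/24 and 192.168.1.0/27 share a network address, only the carried prefix length lets the lookup tell them apart, which is the first requirement in the list.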


VLSM Example 1

In this example, the service provider is allocated an address of 172.16.0.0/16
It requires 5 subnets each needing at least 2000 hosts

Subnet 1   172.16.0.0/19
Subnet 2   172.16.32.0/19
Subnet 3   172.16.64.0/19
Subnet 4   172.16.96.0/19
Subnet 5   172.16.128.0/19

In the example above, the organization is assigned the network IP address of 172.16.0.0/16, and it plans to design
and deploy a VLSM network. Five subnets are required each with a requirement of 2000 hosts.
In typical Class B fashion, there is only 1 network with 65 534 hosts, and this is represented by the last 16 bits. We
need 5 networks. Using some of the default Class B host bits should give us the required networks.
Option 1: Using 2 bits out of 16 gives us 2^2 = 4 networks and 2^14 = 16 384 hosts
Option 2: Using 3 bits out of 16 gives us 2^3 = 8 networks and 2^13 = 8192 hosts
Option 3: Using 4 bits out of 16 gives us 2^4 = 16 networks and 2^12 = 4096 hosts
Option 2 or 3 can be used, but because only 5 networks are required, option 2 is the best choice here. However, if
the network is bound to grow with no more than 4000 hosts ever in any given subnet, option 3 might be better
because the network has been designed for 16 subnets.

VLSM Example 2

The service provider has the IP address 172.16.0.0/16 and has a subnet, 172.16.64.0/19 which must be further
subnetted into 6 subnets supporting different numbers of hosts

Subnet 3    172.16.64.0/19
Subnet 3a   172.16.64.0/20
Subnet 3b   172.16.80.0/21
Subnet 3c   172.16.88.0/22
Subnet 3d   172.16.92.0/23
Subnet 3e   172.16.94.0/24
Subnet 3f   172.16.95.0/24

In the example above, subnet 172.16.64.0/19 has been isolated and is now going to be further subdivided to support
the six subnets that are located in the local campus. The total number of hosts supported in the /19 network is 8190.
This can be further subdivided into more subnetworks with a smaller number of hosts.
If the requirement is to have six unequal subnets, one option is as follows:

Subnet            Host space   Hosts
172.16.64.0/20    2^12         4094
172.16.80.0/21    2^11         2046
172.16.88.0/22    2^10         1022
172.16.92.0/23    2^9          510
172.16.94.0/24    2^8          254
172.16.95.0/24    2^8          254

Note that the sum of all valid hosts is 8180. This is because by dividing further, two addresses are reserved for the
subnetwork number and broadcast number for each. The use of VLSM allows flexibility in the design of networks. Not
all subnetworks or networks require the same number of hosts.
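A largest-first VLSM allocator that reproduces the plan in VLSM Example 2, added here as a Python example that is not part of the course material. The per-subnet host requirements (4000, 2000, 1000, 500, 250, 250) and the LAN and link names are assumptions made for illustration; the slide gives only the resulting prefixes.

```python
"""Largest-first VLSM allocation inside a parent block."""
import ipaddress


def prefix_for_hosts(hosts):
    """Longest prefix whose host field still satisfies 2^n - 2 >= hosts."""
    if hosts < 1:
        raise ValueError("a subnet needs at least one host")
    host_bits = 2                 # /30: smallest block under the 2^n - 2 rule
    while 2 ** host_bits - 2 < hosts:
        host_bits += 1
    if host_bits > 32:
        raise ValueError(f"{hosts} hosts do not fit in IPv4")
    return 32 - host_bits


def allocate(base, requirements):
    """Carve `base` into one subnet per requirement, largest first.

    requirements maps a subnet name to the number of hosts it must hold.
    Returns a dict of name -> IPv4Network; raises ValueError when the
    parent block is too small.
    """
    block = ipaddress.IPv4Network(base)       # rejects a base with host bits set
    cursor = int(block.network_address)
    end = int(block.broadcast_address)
    plan = {}
    # Placing the largest subnet first keeps every later subnet aligned on
    # its own block boundary without leaving gaps.
    for name, hosts in sorted(requirements.items(), key=lambda item: -item[1]):
        prefix_len = prefix_for_hosts(hosts)
        if prefix_len < block.prefixlen:
            raise ValueError(f"{name} ({hosts} hosts) is larger than {base}")
        size = 2 ** (32 - prefix_len)
        start = (cursor + size - 1) // size * size    # align up to block size
        if start + size - 1 > end:
            raise ValueError(f"{base} exhausted while placing {name}")
        plan[name] = ipaddress.IPv4Network(
            f"{ipaddress.IPv4Address(start)}/{prefix_len}")
        cursor = start + size
    return plan


def total_usable(plan):
    """Sum of assignable hosts: each subnet loses its network and broadcast."""
    return sum(net.num_addresses - 2 for net in plan.values())


# Assumed host counts for the six campus subnets of 172.16.64.0/19.
CAMPUS = {"3a": 4000, "3b": 2000, "3c": 1000, "3d": 500, "3e": 250, "3f": 250}

# Assumed layout for 192.168.10.0/24: three 60-host LANs, two router links.
BRANCH = {"LAN 1": 60, "LAN 2": 60, "LAN 3": 60, "link 1": 2, "link 2": 2}

if __name__ == "__main__":
    for base, needs in (("172.16.64.0/19", CAMPUS), ("192.168.10.0/24", BRANCH)):
        plan = allocate(base, needs)
        for name, net in plan.items():
            print(f"{base}  {name:7} {net}  ({net.num_addresses - 2} hosts)")
        print("total usable hosts:", total_usable(plan))
```
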

VLSM Exercise

The base network address is 138.120.0.0/16.
Divide the address space into the subnets as shown in the diagram below

[Figure: base network divided into Subnet 1, Subnet 2 and Subnet 3; Subnet 2 is further divided into Subnets 2a, 2b, 2c and 2d; first host, last host and broadcast are marked]

In the figure above, the administrator is tasked with taking the base address and subnetting it to support three
subnets.
Then the second subnet must be further subdivided to support four subnets. The administrator must then define the
first, last, and broadcast addresses for the second sub-subnet.
Subnet 1 network address ______________________
Subnet 2 network address ______________________
Subnet 3 network address ______________________
Subnet 2a network address ______________________
Subnet 2b network address ______________________
Subnet 2c network address ______________________
Subnet 2d network address ______________________
Subnet 2b
First host address ___________________
Last host address ___________________
Broadcast address __________________

VLSM Exercise (continued)

Using 10.10.10.0/24, provide IP subnet addresses

[Figure: Corporate HQ router connected to site routers A to F; the site LANs are labelled 25, 20, 18, 20, 18 and 25 users]

In the figure above, the administrator is tasked with taking the base address and subnetting it to support six subnets,
ensuring that each subnet will support its host requirements.
The next task for the administrator is to take one of the subnets and further subdivide it to support the
point-to-point links that join the subnet routers to the main router.

VLSM Exercise (continued)

Given the IP address, use VLSMs to extend the use of the address.
Provide a possible address for:
HQ A ________________________
HQ B ________________________
HQ C ________________________
HQ D ________________________
HQ E ________________________
HQ F ________________________
Router A LAN ________________________
Router B LAN ________________________
Router C LAN ________________________
Router D LAN ________________________
Router E LAN ________________________
Router F LAN ________________________

Section 4 Classless Inter-Domain Routing

IP Addressing

Classless Inter-Domain Routing

[Figure: Router A and Router B; networks 10.10.0.0/24, 10.10.1.0/24 ... 10.10.254.0/24, 10.10.255.0/24; a routing table listing 10.10.0.0/24, 10.10.1.0/24 ... 10.10.255.0/24]

With the rapid expansion of the Internet, IPv4 addresses were quickly becoming exhausted, and the sizes of routing
tables were expanding exponentially. The response to these problems was the development and adaptation of CIDR.
CIDR eliminated the concept of address classes and replaced it with the concept of network prefixes. Rather than the
first 3 bits defining the network mask, the network prefix now defines the network mask. This prefix mask is a
method of defining the leftmost contiguous bits in the network portion of the routing table entry.
By eliminating the concept of address classes, CIDR allowed for a more efficient allocation of the IP address space. In
addition, CIDR supports the concept of route aggregation, thus allowing a single route entry to represent multiple
networks.


Route Aggregation
[Figure: Router A, with subnets 10.15.24.0/24 through 10.15.31.0/24, and Router B; route table entry 10.15.24.0/21]

Common bit pattern: the common line (/21) falls after the first 5 bits of the third octet, and the network line (/24)
falls after the third octet.

10.15.24.0/24    00001010 . 00001111 . 00011 000 . 00000000
10.15.25.0/24    00001010 . 00001111 . 00011 001 . 00000000
10.15.26.0/24    00001010 . 00001111 . 00011 010 . 00000000
10.15.27.0/24    00001010 . 00001111 . 00011 011 . 00000000
10.15.28.0/24    00001010 . 00001111 . 00011 100 . 00000000
10.15.29.0/24    00001010 . 00001111 . 00011 101 . 00000000
10.15.30.0/24    00001010 . 00001111 . 00011 110 . 00000000
10.15.31.0/24    00001010 . 00001111 . 00011 111 . 00000000

All possible combinations are contained within the network line and the common line.

As was discussed in the VLSM section, address planning is extremely important when subnets are first deployed. The
subnets should be deployed so that they support the concept of aggregation, and when aggregation or summarization
is applied all subnets can be represented by as few entries as possible in the route table.
In the slide above, Router A supports eight different subnets with a /24 prefix. Rather than advertising all eight
subnets, the administrator has decided to implement route aggregation. To see what network address or addresses
will be advertised from Router A to Router B, the administrator has decided to calculate what the new network
prefix or prefixes should be.
First, define the octet that will be manipulated by the aggregation. In this case, it is the third octet.
Next, identify the original network prefix (/24), then look to the left of the prefix line and identify the area where
all the addresses have the same bit pattern. Draw a line down that portion. Look in-between these two lines and
ensure that all possible bit patterns are contained between the two lines. If this is the case, you can then summarize
those bit patterns into (in this example) a /21 mask.
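
The line-drawing check described above, written out as an added example (it is not part of the course material). The function names are chosen here, and the second input is a constructed variant of the slide with 10.15.28.0/24 removed, to show the case where a single /21 would also advertise a block that Router A does not have.

```python
import ipaddress


def common_line(nets):
    """Prefix length of the bit pattern shared by every network (the "common line")."""
    first = int(nets[0].network_address)
    diff = 0
    for net in nets[1:]:
        diff |= first ^ int(net.network_address)
    # Everything to the left of the highest differing bit is common to all prefixes.
    shared = 32 - diff.bit_length()
    return min(shared, min(net.prefixlen for net in nets))


def uncovered(candidate, routed):
    """Blocks inside `candidate` that no routed prefix covers.

    `routed` must be sorted and non-overlapping (collapse_addresses output).
    """
    holes = []
    cursor = int(candidate.network_address)
    for net in routed:
        start = int(net.network_address)
        if start > cursor:
            holes.extend(ipaddress.summarize_address_range(
                ipaddress.IPv4Address(cursor), ipaddress.IPv4Address(start - 1)))
        cursor = int(net.broadcast_address) + 1
    end = int(candidate.broadcast_address)
    if cursor <= end:
        holes.extend(ipaddress.summarize_address_range(
            ipaddress.IPv4Address(cursor), ipaddress.IPv4Address(end)))
    return holes


def summarize(prefixes):
    """Apply the slide's method: find the common line, then verify that every
    bit pattern between the common line and the network line is present."""
    if not prefixes:
        raise ValueError("at least one prefix is required")
    nets = sorted({ipaddress.IPv4Network(p) for p in prefixes})
    candidate = nets[0].supernet(new_prefix=common_line(nets))
    routed = list(ipaddress.collapse_addresses(nets))
    holes = uncovered(candidate, routed)
    return {
        "candidate": str(candidate),
        "complete": not holes,
        "uncovered": [str(h) for h in holes],
        # Advertise the single aggregate only when it covers nothing extra.
        "advertise": [str(candidate)] if not holes else [str(n) for n in routed],
    }


# The eight subnets from the slide.
SLIDE = [f"10.15.{n}.0/24" for n in range(24, 32)]
# Constructed variant: the same list with 10.15.28.0/24 missing.
WITH_GAP = [p for p in SLIDE if p != "10.15.28.0/24"]

if __name__ == "__main__":
    for name, prefixes in (("slide", SLIDE), ("with gap", WITH_GAP)):
        print(name, summarize(prefixes))
```

When the set is incomplete, advertising the /21 anyway would draw traffic for the uncovered block toward a router that cannot deliver it, so the function falls back to the exact prefixes.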


Route Aggregation Exercise

[Figure: Router 1, with subnets 10.15.1.32/28, 10.15.1.48/28, 10.15.1.64/28, 10.15.1.80/28, 10.15.1.96/28 and 10.15.1.112/28, connected to Router 2.]

In the figure above, the administrator is going to use route aggregation on Router 1. Given the information on the slide, what summarized route or routes will be advertised to Router 2 from Router 1?

CIDR and VLSM

[Figure: a Customer network and an ISP network, with the labels VLSM and CIDR.]

When you first look at CIDR and VLSM, they seem to both provide the same function and they are very similar. The difference between the two is how they appear to the Internet.
Both CIDR and VLSM support the following:

- The routing protocol must carry network-prefix information with each advertised route.
- All routers must support the longest-match forwarding algorithm.
- Addresses must be allocated to support route aggregation.

The difference is, as mentioned earlier, how the manipulation of the address space appears to the Internet.
VLSM address manipulation is done on the address assigned to an organization and is invisible to the Internet.
CIDR, on the other hand, manipulates addresses, and these manipulations are advertised to the Internet.

LAB 2.1-2.2 IP Addressing

[Figure: lab topology showing Pod1 through Pod4 with routers Core-Pod1 through Core-Pod4 and Edge-Pod1 through Edge-Pod4.]

Section 5 IPv6 Addressing

IP Addressing

Features of IPv6

- Provides a huge address space
  - There are more than 3.4 x 10^38 addresses (this represents approximately 5 x 10^28 addresses for each person alive today!). A practically infinite number of addresses ensures no future shortages and provides great flexibility in address allocation.
- Hierarchical address allocation provides efficient routing
  - There is a small routing table because routes can be summarized due to the hierarchical nature of the address space. This simplifies routing for mobile and other specialized devices.
- Support for anycast addresses and the elimination of broadcast addresses
- Efficient IP header (40 bytes with 8 fields)
  - Fewer fields and simpler forwarding enhance router efficiency.
- Built-in security (IPsec implemented in IPv6)
  - Authentication header and encapsulation security payload
- Better QoS support
- Flexibility in the extension header
  - A daisy chain of next headers provides flexibility to increase IP functionality without complicating the primary header used for forwarding.

IPv6 Header

IPv6 header: 8 fields, 40 bytes

[Figure: IPv6 header layout showing Version, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source Address and Destination Address.]

Version
Value is 6

Traffic Class
Similar to the ToS field in IPv4; supports differentiated services

Flow Label
Can be used to identify specific data flows

Payload Length
Length of the IP payload; similar to IPv4 except that it does not include the header length

Next Header
Similar to the protocol field in IPv4; specific values are used to indicate that extension headers follow the main header

Hop Limit
Similar to TTL in IPv4, but specifically designated as a hop count field

Source Address
128-bit address of the sending node

Destination Address
128-bit address of the intended recipient

IPv4 vs. IPv6

Compare IPv4 and IPv6 headers:

- IPv4 header: 12 fields, 20 bytes
- IPv6 header: 8 fields, 40 bytes

There is no Identification or Fragment Offset field in IPv6 because it does not support packet fragmentation.
A minimum MTU of 576 is defined for IPv6 networks, and packets exceeding the MTU are discarded.

There is no Header Checksum field because there is no checksum at the IP level in IPv6. IPv6 relies on layers 2
and 4 to provide the error-free transmission of data.

IPv6 Addressing

- Defined in RFC 3513
- Represented by colon-hexadecimal format (each digit represents one hex digit)
  - 2001:0211:0000:0000:ab01:0000:0000:0011
- Compressed representation
  - Leading zero compression:
    2001:211:0:0:ab01:0:0:11
  - Multiple successive zero fields can be compressed (only once). :: represents a number of zeroes but can only be used once in the string because it would be ambiguous if used more than once.
    2001:211::ab01:0:0:11
- Types of addressing:
  - Unicast addressing (a single host)
  - Multicast addressing (a number of hosts)
  - Anycast addressing (any one of a number of hosts)

Section 6 NAT/PAT

IP Addressing

IP Addressing NAT/PAT

- Translates private IP addresses into public ranges
- NAT: One-to-one address translation
- NAT: Does not monitor transport layer port numbers
- PAT: Many-to-one address translation
- PAT: Does monitor transport layer port numbers
- Defined in RFCs 2663 and 3022
- NAT/PAT is not currently supported on the Alcatel 7750 SR

It is important to note that the 7750 SR does not currently support NAT or PAT. The 7750 SR is not an enterprise router, and this feature is generally found in enterprise routers. The 7750 SR is not generally placed at that level of a network. There are currently no plans for the 7750 SR to support NAT or PAT. The reason that NAT and PAT are mentioned in this review is that they are currently commonly seen in the network infrastructure, and thus network experts should have a generic understanding of their purpose.
Network address translation (NAT) and port and address translation (PAT) were created to alleviate the stresses of IP allocation in the world. Working closely with the private IP address ranges, NAT and PAT allow for private IP addresses to be translated into public IP addresses. This translation can be in one of two forms.
The first form of translation is one-to-one translation; we call this NAT. A single private IP address is translated to a single public IP address. In this form, the transport-layer port numbers are not monitored or modified. This allows for all applications to function normally without any change to the upper layers. The disadvantage of this form of translation is that there must be a pool of available addresses to support all the private IP-addressed clients. If all addresses in the pool are in use and a new NAT requirement emerges, it will fail because there is no available address within the pool of public addresses.
The second form of translation is many-to-one; we call this PAT. A single public IP address supports multiple private IP addresses simultaneously. To accomplish this, the router must not only map the IP address of the client device, it must also map the port number in use by the client. As translation occurs, the IP address is changed to a single public address. To keep track of the multiple streams of traffic from client devices, the port numbers are mapped into the database. If a client's random port number is already mapped by a different active client, the router not only changes the IP address, it also changes the client's port number.
Note that with the extremely large address space provided by IPv6, NAT/PAT will no longer be required.

IP Addressing NAT

[Figure: clients 10.1.1.1, 10.1.1.2 and 10.1.1.3 on 10.1.1.0/24 reach the Internet through a NAT router whose public side is 192.1.1.1 on 192.1.1.0/24.]

NAT Table:
Public pool: 192.1.1.1 - 192.1.1.254 /24
Internal   <>  External
10.1.1.1   <>  192.1.1.2
10.1.1.2   <>  192.1.1.3
10.1.1.3   <>  192.1.1.4

In the example of NAT above, the range of public IP addresses is from 192.1.1.2 to 192.1.1.254. Each client that
sends traffic through the router will be mapped to a single IP address in the pool. If 253 clients are actively sending
traffic through the router, the pool of available public IP addresses is saturated. When the 254th client tries to send
traffic out the router, it will time out because there are no available public IP addresses to use for NAT. Although this
limits the number of clients who can simultaneously use this NAT router, it does not limit the types of applications
that each client can be using.

IP Addressing PAT

[Figure: clients 10.1.1.1, 10.1.1.2 and 10.1.1.3 on 10.1.1.0/24 reach the Internet through a PAT router whose interface 1/1/1 is 192.1.1.5 on 192.1.1.4/30.]

PAT Table:
Public pool: 192.1.1.5/32 (Int. 1/1/1)
Internal        <>  External
10.1.1.1:1101   <>  192.1.1.5:1101
10.1.1.2:1212   <>  192.1.1.5:1212
10.1.1.3:1212   <>  192.1.1.5:2424*
* Duplicate port; random port replaces duplicate

When using PAT, the router that is performing the operation must keep track of the source IP address and the source
port number being used at the transport layer. Optionally, the router may also keep track of the destination address
and port number. Because only one public address is allocated to the translation pool, all source IP addresses must be
translated to the one public address. To keep track of each client's traffic, the router maps the source port number
into its database. Because client port numbers are typically sourced from the random port range (1024 to 65535),
there is a possibility that two clients could use the same port number. When this occurs, the router not only modifies
the source IP address, but it also modifies the source port number so that it can differentiate the traffic. This port
change is not reflected to the client and is therefore transparent to the client. Most modern applications do not have
a problem with the change of port. However, some applications (mostly legacy ones) require specific source and
destination port numbers. If the router modifies the source port to one different than the application expects, or
requires, the application may not function properly.
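
The NAT pool and PAT table from the two slides above, modelled as an added example (not part of the course material and not code for any router). Class and method names are chosen here; the replacement-port picker is injectable so that the slide's value 2424 can be reproduced, and the 254-client list is constructed to show pool exhaustion.

```python
import random


class NatPool:
    """One-to-one NAT: each inside address holds one public address."""

    def __init__(self, public_addresses):
        self.free = list(public_addresses)
        self.table = {}                      # inside IP -> public IP

    def translate(self, inside_ip):
        if inside_ip not in self.table:
            if not self.free:
                return None                  # pool saturated: the new client fails
            self.table[inside_ip] = self.free.pop(0)
        return self.table[inside_ip]


class PatTable:
    """Many-to-one PAT: one public address, flows told apart by source port."""

    def __init__(self, public_ip, pick_port=None, max_tries=1000):
        self.public_ip = public_ip
        # Replacement ports come from the random port range named in the text.
        self.pick_port = pick_port or (lambda: random.randint(1024, 65535))
        self.max_tries = max_tries
        self.out = {}                        # (inside IP, inside port) -> public port
        self.back = {}                       # public port -> (inside IP, inside port)

    def outbound(self, inside_ip, inside_port):
        key = (inside_ip, inside_port)
        if key not in self.out:
            port, tries = inside_port, 0
            while port in self.back:         # port already mapped by another client
                if tries == self.max_tries:
                    raise RuntimeError("no free public port found")
                port, tries = self.pick_port(), tries + 1
            self.out[key] = port
            self.back[port] = key
        return self.public_ip, self.out[key]

    def inbound(self, public_port):
        """Inside (IP, port) for a returning packet, or None if nothing is mapped."""
        return self.back.get(public_port)


def slide_nat():
    """NAT slide: pool 192.1.1.2 to 192.1.1.254, then 254 constructed clients."""
    pool = NatPool(f"192.1.1.{n}" for n in range(2, 255))
    clients = [f"10.1.1.{n}" for n in range(1, 255)]
    return [pool.translate(c) for c in clients]


def slide_pat():
    """PAT slide: the third flow reuses port 1212 and is moved to 2424."""
    pat = PatTable("192.1.1.5", pick_port=lambda: 2424)
    flows = [("10.1.1.1", 1101), ("10.1.1.2", 1212), ("10.1.1.3", 1212)]
    return pat, [pat.outbound(ip, port) for ip, port in flows]


if __name__ == "__main__":
    results = slide_nat()
    print(results[:3], "...", results[-2:])
    pat, mapped = slide_pat()
    print(mapped, pat.inbound(2424))
```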

Section 7 IP Protocols

IP Overview

Internet Control Message Protocol

- ICMP is a core IP application protocol used mainly to report errors in delivering IP datagrams.
- IP is connectionless and basically unreliable.
- ICMP is needed to send error control messages to routers and hosts.
- ICMP is encapsulated in the IP packet and is routed like a data packet.
- ICMP is part of the Internet protocol suite, defined in RFC 792. ICMP messages are typically generated in response to errors in IP datagrams (as specified in RFC 1122) or for diagnostic or routing purposes.
- The version of ICMP for IPv4 is also known as ICMPv4 as it is part of IPv4. IPv6 has an equivalent protocol, ICMPv6.

ICMP messages are constructed at the IP layer, usually from a normal IP datagram that has generated an ICMP
response. IP encapsulates the appropriate ICMP message with a new IP header (to get the ICMP message back to the
original sending host) and transmits the resulting datagram in the usual manner.
For example, each device (such as an intermediate router) that forwards an IP datagram must decrement the TTL
field of the IP header by one. If the TTL reaches 0, an ICMP time to live exceeded in transit message is sent to the
source of the datagram.
Each ICMP message is encapsulated directly in a single IP datagram, and thus, like UDP, ICMP does not guarantee
delivery.
Although ICMP messages are contained in standard IP datagrams, ICMP messages are usually processed as a special
case, distinguished from normal IP processing, rather than processed as a normal subprotocol of IP. In many cases, it
is necessary to inspect the contents of the ICMP message and deliver the appropriate error message to the
application that generated the original IP packet (the one that prompted the sending of the ICMP message).

ICMP Message Types

Some common message types are:

- Echo request and echo reply (type 8 and type 0)
  - The host device sends an echo request to the destination device.
  - The destination device sends back an echo reply.
  - The ping utility uses the echo request and reply message types.
- Destination unreachable (type 3)
  - Sent to the source of an IP datagram by a router that cannot forward that datagram
  - The router then discards the IP datagram.
- Redirect (type 5)
  - A redirect message can be sent back to the host, indicating that the IP datagram is taking a suboptimal route. The router then forwards the data to the destination.
  - Useful but may have security issues

Echo request and echo reply messages are very frequently used. A host or router sends an ICMP echo request
message to a specified destination. Any device that receives an echo request generates an echo reply and returns it
to the original sender. The request contains an optional data area, and the reply contains a copy of the data sent in
the request. The echo request and reply can thus be used to test whether a destination is reachable. The echo
request and reply are sent via IP datagrams.
Assumptions:

- The IP software on the source computer must route the datagram.
- The intermediate routers between the source and destination must be operating and must route the datagram correctly.
- The destination device must be running and both ICMP and IP software must be working.
- All routers along the path must have the correct routes.

Ping is the most common way to send an ICMP echo request. The command usually sends a series of echo request
messages and captures the corresponding echo replies. Ping then calculates the data loss statistics.
The destination unreachable message can be quite useful. For example, if the destination device connects to an
Ethernet network, the network hardware does not provide ACKs. Therefore, a router can continue to send packets to
a destination even after the destination is powered down without receiving an indication that the destination is
down.
The destination unreachable message is only useful in determining that the destination is not reachable. It does not
inform the source router why the packet was not delivered.
The hosts in a network have minimal routing information on system startup. As the network topology changes, the
host routing table may not have the optimal information. The router redirect message can be used to inform the
host that it needs to change its route to the destination. The host routing table will then contain optimal routes.

ICMP in Action

[Figure: Host A, Host B and gateways G1 and G2.]

- Normal IP packet flow from Host A to Host B
- Destination link is broken
- ICMP destination unreachable message is sent to source
- Destination link is fixed
- Gateway G1 decides that gateway G2 is more optimal and sends a redirect message to Host A
- IP packet flow from Host A to Host B occurs via Gateway G2

Address Resolution Protocol

[Figure: Host 1 (10.10.10.1/24) pings Host 2 (10.10.10.2/24). Sequence shown: ping 10.10.10.2, ARP request, ARP reply, ICMP echo request to 10.10.10.2, echo reply to 10.10.10.1, "Host 2 is alive".]

When a host device sends a ping to another host device on the same subnet, how does it know what the MAC address
of the distant host device is? This is when ARP is used. ARP is used by IP to map a known IP address to the unknown
hardware address of the host. ARP operates between L2 and L3 of the OSI model.
An Ethernet network uses two hardware addresses to identify the source and destination of each frame. If the
destination address is all 1s (a broadcast frame), it will be sent to all hosts in that broadcast domain. ARP uses this
broadcast to find out the destination MAC address of the distant host.
In the figure above, Host 1 pings Host 2. Host 1 looks in its cache of MAC addresses for the destination MAC address of
Host 2. If it is not there, Host 1 queues the ICMP packet and sends an ARP request message. The ARP request is a
broadcast message, and it is sent to all hosts in the broadcast domain. Each host opens the frame and checks the
destination IP address. If it is not its address, the host ignores the packet. However, when Host 2 receives the
request, it sees that it is the destination and sends an ARP reply. This ARP reply is wrapped in a frame that has for its
destination the MAC address of Host 1, and the source is the MAC address of Host 2. On receiving the reply, Host 1
now learns the MAC address of Host 2 and is able to wrap the ICMP message and send it to Host 2.

ARP across a Router

[Figure: Host 1 (10.10.10.1/24) pings Host 12 (20.20.20.1/24) through Router 1. Sequence shown: ping 20.20.20.1, ARP request and ARP reply between Host 1 and Router 1, ARP request and ARP reply between Router 1 and Host 12, echo request to 20.20.20.1 (steps 6 and 8), echo reply to 10.10.10.1 (step 7), "Host 12 is alive".]

With the previous slide, the discussion was of the use of ARP within the same subnet. What happens if the distant
host is not in the same subnet as shown above?
Host 1 generates a ping to Host 12. Again, when Host 1 goes to wrap the packet in the Ethernet frame, it does not
have a destination MAC address associated with the Host 12 IP address, so Host 1 generates an ARP request message.
This is still a broadcast message and is received by Router 1 [1]. Router 1 examines the destination IP address of the
request and sees that the subnet is in its routing table. Router 1 responds to Host 1 with an ARP reply [2] that
provides Host 1 with the MAC address of the interface of Router 1 as the destination MAC address for the packet. This
makes Router 1 the proxy destination for any traffic that goes to Host 12.
When Host 1 wants to send a packet to Host 12, it uses its MAC table lookup and uses the router's MAC address as the
target MAC address [3].
Router 1 then generates an ARP request message to the 20.20.20.0/24 network, looking for the MAC address of Host
12 [4]. Host 12 responds to Router 1, and Router 1 learns the Host 12 MAC address [5].

ARP Request Packet Capture

Frame 31 (60 bytes on wire, 60 bytes captured)
Ethernet II, Src: 00:04:80:9f:78:00, Dst: ff:ff:ff:ff:ff:ff
    Destination: ff:ff:ff:ff:ff:ff
    Source: 00:04:80:9f:78:00
    Type: ARP (0x0806)
    Trailer: 000000000000000000000000000000000000
Address Resolution Protocol (request)
    Hardware type: Ethernet (0x0001)
    Protocol type: IP (0x0800)
    Hardware size: 6
    Protocol size: 4
    Opcode: request (0x0001)
    Sender MAC address: 00:04:80:9f:78:00
    Sender IP address: 138.120.53.253
    Target MAC address: 00:00:00_00:00:00
    Target IP address: 138.120.53.149

In the above packet capture, a host with IP address 138.120.53.253 is attempting to resolve the MAC address for a
host with IP address 138.120.53.149. The destination MAC address of the Ethernet II frame is set to the broadcast
address ff:ff:ff:ff:ff:ff. All devices in the same broadcast domain will receive this frame. Only the host with IP
address 138.120.53.149 will reply. The EtherType for ARP is 0x0806 and is used to indicate which protocol is being
transported in the Ethernet II frame.

ARP Packet
- Hardware Type: Each layer 2 protocol is assigned a number used in this field. For example, Ethernet is 1.
- Protocol Type: Each protocol is assigned a number used in this field. For example, IP is 0x0800.
- Hardware Size: Size in bytes for hardware addressing. Ethernet addresses are 6 bytes in length.
- Protocol Size: Size in bytes for logical addressing. IPv4 addresses are 4 bytes in length.
- Operation Code: Specifies the operation the sender is performing. A value of 1 is for ARP request and a value of 2 is for ARP reply.
- Sender MAC address: The hardware MAC address of the sender.
- Sender IP address: Protocol address of the sender.
- Target MAC address: The hardware MAC address of the intended receiver. The MAC address will be all 0s for a request.
- Target IP address: The protocol address of the intended receiver.

ARP Reply Packet Capture

Frame 32 (42 bytes on wire, 42 bytes captured)
Ethernet II, Src: 00:11:43:45:61:23, Dst: 00:04:80:9f:78:00
    Destination: 00:04:80:9f:78:00
    Source: 00:11:43:45:61:23
    Type: ARP (0x0806)
Address Resolution Protocol (reply)
    Hardware type: Ethernet (0x0001)
    Protocol type: IP (0x0800)
    Hardware size: 6
    Protocol size: 4
    Opcode: reply (0x0002)
    Sender MAC address: 00:11:43:45:61:23
    Sender IP address: 138.120.53.149
    Target MAC address: 00:04:80:9f:78:00
    Target IP address: 138.120.53.253

The above packet capture is the ARP reply in response to the ARP request on the previous page. The Ethernet frame
is a unicast frame and is sent only to the MAC address of the ARP request sender. All fields in the ARP reply packet
have the same meaning as in the ARP request packet. The main differences in the ARP reply packet are the Operation
code (value of 2 for reply) and fully populated MAC addresses for the sender and the target. Note that the sender and
target addresses have been swapped.
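
A parser for the Ethernet II and ARP fields listed in the two captures above, as an added example (not part of the course material). The two frames are rebuilt here from the field values printed in the captures rather than copied from a capture file, and the function names are chosen for this example; `is_reply_to` checks the swap of sender and target that the text points out.

```python
import struct

ETH_HDR = struct.Struct("!6s6sH")             # destination, source, EtherType
ARP_BODY = struct.Struct("!HHBBH6s4s6s4s")    # the nine ARP fields, 28 bytes
ETHERTYPE_ARP = 0x0806


def mac_bytes(text):
    return bytes.fromhex(text.replace(":", ""))


def mac_text(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ip_bytes(text):
    return bytes(int(part) for part in text.split("."))


def ip_text(raw):
    return ".".join(str(b) for b in raw)


def build_frame(dst, src, opcode, sender_mac, sender_ip, target_mac, target_ip,
                trailer=b""):
    """Assemble an Ethernet II frame carrying an ARP packet (IPv4 over Ethernet)."""
    eth = ETH_HDR.pack(mac_bytes(dst), mac_bytes(src), ETHERTYPE_ARP)
    arp = ARP_BODY.pack(1, 0x0800, 6, 4, opcode,
                        mac_bytes(sender_mac), ip_bytes(sender_ip),
                        mac_bytes(target_mac), ip_bytes(target_ip))
    return eth + arp + trailer


def parse_arp_frame(frame):
    """Decode the fields shown in the captures; reject anything else."""
    if len(frame) < ETH_HDR.size + ARP_BODY.size:
        raise ValueError("frame too short for Ethernet + ARP")
    dst, src, ethertype = ETH_HDR.unpack_from(frame, 0)
    if ethertype != ETHERTYPE_ARP:
        raise ValueError("EtherType is not ARP (0x0806)")
    htype, ptype, hlen, plen, opcode, sha, spa, tha, tpa = \
        ARP_BODY.unpack_from(frame, ETH_HDR.size)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not ARP for IPv4 over Ethernet")
    return {
        "eth_dst": mac_text(dst), "eth_src": mac_text(src),
        "opcode": opcode,
        "sender_mac": mac_text(sha), "sender_ip": ip_text(spa),
        "target_mac": mac_text(tha), "target_ip": ip_text(tpa),
    }


def is_reply_to(request, reply):
    """True when `reply` answers `request`: opcodes 1 and 2, addresses swapped,
    unicast back to the requester, Ethernet source equal to the ARP sender MAC."""
    return (request["opcode"] == 1 and reply["opcode"] == 2
            and reply["target_mac"] == request["sender_mac"]
            and reply["target_ip"] == request["sender_ip"]
            and reply["sender_ip"] == request["target_ip"]
            and reply["eth_dst"] == request["eth_src"]
            and reply["eth_src"] == reply["sender_mac"])


# Frame 31, rebuilt from the printed fields; the 18 zero bytes are the trailer.
REQUEST = build_frame("ff:ff:ff:ff:ff:ff", "00:04:80:9f:78:00", 1,
                      "00:04:80:9f:78:00", "138.120.53.253",
                      "00:00:00:00:00:00", "138.120.53.149", trailer=bytes(18))
# Frame 32, rebuilt from the printed fields.
REPLY = build_frame("00:04:80:9f:78:00", "00:11:43:45:61:23", 2,
                    "00:11:43:45:61:23", "138.120.53.149",
                    "00:04:80:9f:78:00", "138.120.53.253")

if __name__ == "__main__":
    req, rep = parse_arp_frame(REQUEST), parse_arp_frame(REPLY)
    print(req)
    print(rep)
    print("reply answers request:", is_reply_to(req, rep))
```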

Module Summary

- IPv4 addresses consist of 32 bits (4 octets) traditionally divided into a Network prefix and a Host number
- There are 5 Classes of addresses
- There are 4 types of addresses:
  - Unicast: a specific IP address that identifies one host
  - Broadcast: all IP addresses in a broadcast domain
  - Multicast: a group of hosts
  - Anycast: a specific IP address that identifies multiple hosts
- There are Classful and Classless addressing formats
- Sub-netting and classless addressing provide flexibility and more efficient use of address space by adding a level in the addressing format to define the sub-net number

Module Summary (cont'd)

- VLSM enables an IP network to be assigned more than one sub-net mask, allowing for more efficient use of the address space
- Route aggregation reduces the number of routing table entries by allowing several sub-nets to be advertised by only a few prefixes
- NAT and PAT are used to alleviate the IPv4 address shortage in the world
  - With NAT a single private IPv4 address is translated to a single public IP address.
  - With PAT a single public address supports multiple private IP addresses simultaneously
- IPv6 provides a huge address space, with addresses of 128 bits. It has 8 fields in its header, of which the following differ from IPv4: Traffic Class, Flow Label, Next Header

Module Summary (cont'd)

- ICMP is a core IP application protocol used mainly to report errors in delivering IP datagrams
- ICMP is encapsulated in an IP packet and routed like a data packet
- ARP is used by IP to map a known IP address to the unknown hardware address of the host

Learning Assessment

1. Define the first, last, and broadcast addresses of the following network address: 192.168.16.64/27
2. Which of the following addresses is a broadcast address?
   a. 138.120.0.255/23
   b. 191.16.1.99/30
   c. 145.1.1.108/30
3. Subnet the following address to provide a minimum of 9 subnets: 190.16.4.0/22

Learning Assessment (continued)

4. Choose the correct addresses from the following list that can be super-netted to provide 300 host addresses.
   a. 192.168.1.0/24
   b. 192.168.2.0/24
   c. 192.168.3.0/24
   d. 192.168.4.0/24
5. Summarize the following addresses to the least amount of addresses that will be advertised.
   a. 11.11.11.16/28
   b. 11.11.11.32/28
   c. 11.11.11.48/28
   d. 11.11.11.64/28
   e. 11.11.11.96/28
   f. 11.11.11.80/28
   g. 11.11.11.112/28

LAB 2.3 Testing for ICMP and ARP (Optional)

[Figure: lab topology showing Pod1 through Pod4 with routers Core-Pod1 through Core-Pod4 and Edge-Pod1 through Edge-Pod4.]

3HE-02767-AAAA-WBZZA Edition 01


Module 5 Transport Layer

Module Objectives

After successful completion of this module, you should be able to:

- Understand the transport layer functions
- Understand the concepts of ports and sockets
- Discuss the TCP 3-way handshake
- Discuss the concept of the TCP window
- Understand the TCP method of congestion avoidance
- Discuss TCP slow start
- Discuss the operation of UDP

Section 1 Transport Layer Protocols

Alcatel-Lucent Confidential for internal use only -- Do Not Distribute

Transport Layer Overview

Transport Layer

y TCP is connection-oriented while UDP is connectionless

OSI transport layers are TP0, TP1, TP2, TP3, and TP4
TP4 and TCP are functionally similar

Alcatel-Lucent Scalable IP Networks v1.1

Module 5 |

All rights reserved 20062007 Alcatel-Lucent

Transport Protocol Class 0 (TP0) performs segmentation (fragmentation) and reassembly functions. TP0 discerns the
size of the smallest maximum PDU supported by any of the underlying networks, and segments the packets
accordingly. The packet segments are reassembled at the receiver.
Transport Protocol Class 1 (TP1) performs segmentation (fragmentation) and reassembly, as well as error recovery.
TP1 sequences PDUs and retransmits PDUs or reinitiates the connection if an excessive number of PDUs are
unacknowledged.
Transport Protocol Class 2 (TP2) performs segmentation and reassembly as well as multiplexing and demultiplexing
of data streams over a single virtual circuit.
Transport Protocol Class 3 (TP3) offers error recovery, segmentation and reassembly, and multiplexing and
demultiplexing of data streams over a single virtual circuit. TP3 also sequences PDUs and retransmits them or
reinitiates the connection if an excessive number are unacknowledged.
Transport Protocol Class 4 (TP4) offers error recovery, performs segmentation and reassembly, and supplies
multiplexing and demultiplexing of data streams over a single virtual circuit. TP4 sequences PDUs and retransmits
them or reinitiates the connection if an excessive number are unacknowledged. TP4 provides reliable transport
service and functions with either connection-oriented or connectionless network service. TP4, the most commonly
used of all the OSI transport protocols, is similar to TCP in the TCP/IP suite.
Both TP4 and TCP are built to provide a reliable, connection-oriented, end-to-end transport service on top of an
unreliable network service. The network service may lose packets, store them, deliver them in the wrong order, or
even duplicate packets. Both protocols must be able to deal with the most severe problems (e.g., a subnetwork
stores valid packets and sends them at a later date). TP4 and TCP both have connect, transfer, and disconnect
phases, and their principles of operation during these phases are also quite similar.

Layer 4 of the OSI model
Responds to requests from the higher layers and relays requests to the network layers
Provides reliable or unreliable transfer of data
Can provide end-to-end error checking and flow control
TCP and UDP are transport protocols for the TCP/IP stack

Ports

[Figure: application services and their port numbers, carried over TCP and UDP: FTP 21, Telnet 23, HTTP 80, SMTP 25, IMAP 143, DOOM 666, DNS 53 (shown twice), TFTP 69, Gopher 70.]

Ports identify an application service. This is how the transport layer differentiates between application services. Each process that wants to communicate with another process identifies itself to the transport layer by using one or more port numbers.
A port is a 16-bit number used by the host-to-host protocol to identify the higher-level protocol or application service to which it must deliver incoming messages. There are two types of port numbers:
Well-known ports: Well-known port numbers belong to standard servers. Well-known port numbers range from 1 to 1023. These port numbers are assigned by the IANA.
Ephemeral ports: Client applications do not require well-known port numbers because they initiate communications with servers. The host system allocates each client process a port number for as long as it needs it. Ephemeral port numbers occupy the 1024 to 65535 range and are not controlled by the IANA. Because the host dynamically assigns the port number to the client application, the port number may vary each time that the client application is launched.


Sockets

Unique application handle into the TCP/IP stack
Used to differentiate application users between network hosts
Formulated by using transport protocol, IP address, and application source/destination port numbers
Created at both ends of the data transfer (i.e., source and destination)
Example:
Socket address = Protocol, local IP address, and local port number (e.g., TCP, 138.120.3.1, 15633)
Conversation = Protocol, local IP address, local port number, remote IP address, and remote port number (e.g., TCP, 138.120.3.1, 15633, 137.10.2.2, 23)

Sockets are primarily used to differentiate between applications. Although applications on different hosts can be differentiated using the IP addresses and destination port, these are not enough to differentiate between two sessions between the same hosts for the same application. The sockets also ensure that a datagram that arrives at the wrong host will not be accepted by the transport layer even though the well-known port exists. It is conceivable that an IP header could have its IP address corrupted and might therefore arrive at the wrong device. If the IP checksum is ignored, it is passed to the transport layer, where the port is examined.
Example: There are two Telnet sessions between Host A and Host B. The IP address and destination port numbers are not enough for Host B to differentiate between the two Telnet sessions. In this case, the source port numbers, which are unique for each Host A client session, are required for Host B to distinguish between the packets of each session. A detailed example of Telnet is in the next slide.
In general, a client program, in this case a Telnet request from Host A, uses a unique source port number and uses the well-known port number (23) as the destination port on the server program on Host B.

Transport Example: Telnet

[Figure: Telnet Client 1, a Telnet server and Telnet Client 2, each running over its operating system's TCP/IP stack.]

Telnet Client 1:
Enable Telnet client 1 application
Create client socket TCP,138.120.191.233,15633
Connect to server

Telnet server:
Enable Telnet server application
Create socket address TCP,138.120.168.100,23
Listen to client requests, incoming request from Client 1
Conversation: TCP,138.120.168.100,23,138.120.191.233,15633
Incoming request from Client 2
Conversation: TCP,138.120.168.100,23,138.120.191.233,15322

Telnet Client 2:
Enable Telnet client 2 application
Create client socket TCP,138.120.191.233,15322
Connect to server

PC A wants to Telnet into a server with two applications, A1 and A2.
The IP address of A is 138.120.191.233 and the server address is 138.120.168.200.
Application A1 opens a client session with a socket handle.

Application: Telnet
Source port number: 15633
Destination port number: 23
Transport layer: TCP
Socket handle: TCP, 138.120.191.233, 15633

Application A2

Application: Telnet
Source port number: 15322
Destination port: 23
Transport layer: TCP
Socket handle: TCP, 138.120.191.233, 15322

The server enables the Telnet server and creates a destination socket.

Application: Telnet server
Source port number: 23
Destination port number: 15633,15322
Socket numbers: TCP, 138.120.168.200, 23

Section 2 Transmission Control Protocol

Transmission Control Protocol Concepts


[Figure: Host A and Host B each run an application service on a port (Port X, Port Y) above TCP, IP and a network interface. A reliable TCP connection between the two TCP layers is carried by unreliable IP datagrams.]

The primary purpose of TCP is to provide reliable communications between application services. TCP understands
that the lower levels are unreliable, so TCP must guarantee the delivery of the data itself.
Data transfer: From the application-services viewpoint, TCP provides a contiguous stream of data through the network. TCP groups the bytes into segments, which it passes to the Internet layer for transmission to the destination.
Reliability: TCP uses sequence numbers for each byte transmitted and expects to receive an acknowledgment from the distant end. If the acknowledgment is not received within a specific interval, the data is retransmitted.
Flow control: The TCP process of the distant end, when sending an acknowledgment back, informs the sender of the number of bytes it can receive above the last TCP segment, without causing an overflow of its internal buffers. This is done by specifying the highest sequence number that it can receive.
Multiplexing: Multiplexing and demultiplexing are achieved using port numbers.
Logical connections: To support reliability and flow control, TCP must initialize and maintain status information for each connection. This status information contains sockets, sequence numbers, and window size. These components combine to form a logical connection.
Full-duplex: TCP maintains full-duplex data streams.


Establishing a TCP Connection

[Figure: three-way handshake between the application service on Port X of Host A and the application service on Port Y of Host B.]
1. Active Open: SYN, seq=A
2. SYN+ACK, seq=B, ACK A+1
3. ACK: send ACK B+1

Before transmitting any data, TCP must establish a connection between the two application services. This connection
establishment is referred to as the three-way handshake. As shown in the figure above, the opening TCP segments
include the sequence numbers from both sides.
After a session is established between the two hosts, data can be transferred until the session is interrupted or shut
down. Data is sent in pieces; each piece forms a TCP segment. A TCP segment is a combination of the data and a TCP
header.
Send SYN: This is a request for a session.
Receive SYN: A session request has been received.
ACK: This is the acknowledgment; it tells the sending unit the next sequence number that the receiver expects to see.
The handshake begins with a SYN (Synchronize) segment (as indicated by the code bit) that contains a 32-bit sequence number A, called the Initial Send Sequence (ISS), which is chosen by, and sent from, Host A. The 32-bit sequence number A is the starting sequence number of the data in the packet and increments by 1 for every byte of data sent within the segment (i.e., there is a sequence number for each octet sent). The SYN segment also puts the value A+1 in the first octet of the data.
Host B receives the SYN with sequence number A and sends a SYN segment with its own totally independent ISS number B in the sequence number field. In addition, Host B sends an increment on the sequence number of the last received segment (i.e., A+1) in its Acknowledgment field. The Acknowledgment number informs the recipient that its data was received at the other end and that the next segment of data bytes is expected to start at sequence number A+1. This stage is often called the SYN-ACK. It is here that the MSS is agreed on.
Host A receives the SYN-ACK segment and sends an ACK segment containing the next sequence number (B+1). This is called the Forward Acknowledgment and is received by Host B. The ACK segment is identified by the fact that the ACK field is set. Segments that are not acknowledged within a certain interval are retransmitted.


TCP Header

[Figure: TCP header layout, 32 bits wide]
Source Port | Destination Port
Sequence Number
Acknowledgment Number
HLEN | Res. | URG ACK PSH RST SYN FIN | Window
Checksum | Urgent Pointer
Options and Padding
Data

Source and Destination ports: Identify the upper-layer applications using the connection.
Sequence Number: This 32-bit number ensures that data is correctly sequenced. Each byte of data is assigned a sequence number. The first byte of data sent by a station in a particular TCP segment has its sequence number in this field (e.g., 58000). If this packet has 700 bytes of data in it, the next packet sent by this station will have sequence number 58000 + 700 = 58700.
Acknowledgment Number: This 32-bit number indicates the next sequence number that the sending device is expecting from the other station.
HLEN: Gives the number of 32-bit words in the header. Sometimes called the Data Offset field.
Reserved: Always set to 0.
Code bits: The following flags indicate the nature of the header:
URG: Urgent Pointer
ACK: Acknowledgment
PSH: Push function; causes the TCP sender to push all unsent data to the receiver rather than sending segments when it gets around to them (i.e., when the buffer is full).
RST: Reset the connection
SYN: Synchronize sequence numbers
FIN: End of data
Window: Indicates the range of acceptable sequence numbers beyond the last segment that was successfully received. It is the allowed number of octets that the sender of the ACK is willing to accept before an acknowledgment.
Urgent Pointer: Shows the end of the urgent data so that interrupted data streams can continue. When the URG bit is set, the data is given priority over other data streams.
Checksum: Used to verify integrity of the TCP segment. Checksum calculation is performed on the TCP pseudo-header and data. This is the IP source and destination addresses, TCP header and the TCP data.
Option: Mainly only the TCP MSS, sometimes called Maximum Window Size or SMSS. A segment is a series of data bytes within a TCP header.
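
The handshake and header fields described above, as an added example that is not part of the original course material: it packs and parses the SYN, SYN+ACK and ACK headers, including the MSS option and the 32-bit wrap of A+1. The port numbers and window sizes reuse values from the slides; the ISS values, the MSS of 1460 and all function names are assumptions made for the illustration.

```python
import struct

# Code bits of the TCP header: the low six bits of the 16-bit HLEN/Reserved/flags word.
FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
MOD32 = 2 ** 32  # sequence and acknowledgment numbers wrap at 32 bits


def build_tcp_header(sport, dport, seq, ack, flags, window, mss=None):
    """Pack a TCP header. The checksum stays 0 here: it needs the IP pseudo-header."""
    options = struct.pack("!BBH", 2, 4, mss) if mss is not None else b""  # kind 2 = MSS
    hlen_words = (20 + len(options)) // 4
    word = hlen_words << 12
    for name in flags:
        word |= FLAG_BITS[name]
    fixed = struct.pack("!HHIIHHHH", sport, dport, seq % MOD32, ack % MOD32,
                        word, window, 0, 0)
    return fixed + options


def parse_tcp_header(segment):
    """Return the header fields as a dict; raise ValueError on a malformed header."""
    if len(segment) < 20:
        raise ValueError("shorter than the 20-byte minimum TCP header")
    sport, dport, seq, ack, word, window, checksum, urgent = struct.unpack(
        "!HHIIHHHH", segment[:20])
    hlen = (word >> 12) * 4  # HLEN counts 32-bit words
    if hlen < 20 or hlen > len(segment):
        raise ValueError("HLEN points outside the segment")
    fields = {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack, "hlen": hlen,
        "flags": [name for name, bit in FLAG_BITS.items() if word & bit],
        "window": window, "mss": None, "data": segment[hlen:],
    }
    options, i = segment[20:hlen], 0
    while i < len(options):
        kind = options[i]
        if kind == 0:        # end of option list
            break
        if kind == 1:        # no-operation padding, a single byte
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("option is missing its length byte")
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            raise ValueError("option length runs past the header")
        if kind == 2 and length == 4:
            fields["mss"] = struct.unpack("!H", options[i + 2:i + 4])[0]
        i += length
    return fields


def three_way_handshake(iss_a, iss_b, client_port=15633, server_port=23, mss=1460):
    """Build, then parse, the SYN, SYN+ACK and ACK segments of one connection."""
    syn = build_tcp_header(client_port, server_port, iss_a, 0, ["SYN"], 8192, mss)
    syn_ack = build_tcp_header(server_port, client_port, iss_b, iss_a + 1,
                               ["SYN", "ACK"], 8760, mss)
    ack = build_tcp_header(client_port, server_port, iss_a + 1, iss_b + 1,
                           ["ACK"], 8760)
    return [parse_tcp_header(s) for s in (syn, syn_ack, ack)]


if __name__ == "__main__":
    # Constructed ISS values; the first sits at the top of the 32-bit space.
    for seg in three_way_handshake(0xFFFFFFFF, 286):
        print(seg["flags"], "seq", seg["seq"], "ack", seg["ack"], "mss", seg["mss"])
```

The parser rejects an HLEN or option length that points outside the bytes received, which is the check a header parser most often gets wrong.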


TCP Windows

[Figure: TCP windows. Each host has buffered data, a send window and a receive window; segments leave one host's send window for the other host's receive window.]

TCP uses a send/acknowledge/send scheme to ensure the reliable delivery of data. If this was done one segment at a
time, it would still ensure the reliable delivery of the data but would not be a very efficient use of the bandwidth of
the link.
TCP uses windows to ensure the reliable delivery of data as well as use the available bandwidth. TCP groups the
segments together in the send window and transmits them as a group. However, the transmitting host expects an
acknowledgment from the receiver for each individual segment in that group. When the sender has received the
acknowledgments, it then moves data from the buffer into the send window and transmits the next group of
segments. This is why the send window of the local host and the receive window of the distant host must be the
same.


Sliding Windows

[Figure: four stages of the sliding window for segments 1 to 12]
Wnd 6: can send 1-6, only 1-2 sent
Ack 3, Wnd 4: can send 3-6
Ack 7, Wnd 0: cannot send any
Ack 7, Wnd 6: can send 7-12, only 7-9 sent

The concept of sliding windows keeps the network protocol saturated with packets to transmit. Because an acknowledgment is not required for every segment transmitted, network bandwidth is more efficiently used.
During the establishment of a TCP session, the MSS and the receiver's window size are negotiated. This indicates that the receiver and sender in both directions have decided that, at any one time, a sender can transmit bytes up to the MSS. However, this is not always the case: the transmitter (slow start) will often only transmit a limited number of segments to the receiver, as indicated by the receiver's window size. The receiver's window can be thought of as the current buffer size for the received packets. When the sender sends the required number of packets specified by the window size, the receiver buffer is full. If the receive buffer is only partially cleared by the TCP application, the receiver sends back an ACK specifying the new window size, which is the originally negotiated window size minus the segments that have not yet been cleared. The sender then slides its window by the number of segments transferred and can only send the number of packets equal to this new window size.
Example:
Assume a negotiated window size of 6 segments.
The sender only sends 2 segments.
The receiver sends an ACK back, indicating the start of the next segment and also a new window size of 4 because the first 2 segments are still buffered.
The sender sends the remainder of the 4 segments, and fills up the receiver's window.
The receiver sends an ACK 7 with a window size of 0 because its receive buffer is full.
The sender is unable to transfer any more segments.
When the TCP application on the receiver side clears the buffer, the sender then transmits 3 segments.


Acknowledgment and Retransmission


[Figure: acknowledgment and retransmission. The sender sends 1-6 and the receiver returns Ack 3; the sender's window moves to 3-8; segment 3 is missing from the receive window, so Ack 3 is repeated until segment 3 is retransmitted.]

With reference to the slide above, the sender window transmits a group of segments (1 to 6). The receive window
receives segments 1 and 2 and acknowledges the receipt of those segments by telling the sender that the next
segment it expects to see is sequence number 3. The window slides at the transmitting host.
For some reason, segment 3 is lost. The receive window continues to receive the rest of the segments; however,
when it acknowledges the receipt of the segments, it informs the transmitting host that it is still expecting to see
segment 3. The sender's window cannot slide past segment 3. The sender host continues to send all the bytes in the
window. Eventually, a timeout will occur and the sending host will retransmit.
The problem arises as to how much information the sender should retransmit. It does know that segment 3 was lost;
however, it does not know the status of segments 4 to 6. The decision must therefore be made as to whether the
sending host retransmits just segment 3 or all data from segment 3 on.
Each TCP instance is free to react to these outages as it wants: either just retransmit the current missing segment
and wait for an acknowledgment to tell it of other segments that may be missing, or transmit everything from
segment 3 on and let the receive window deal with the duplicate segments.
This occurs because the actual acknowledgment is not of the segment that it has received but to identify the next
segment that it expects to see.
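
An added example, not part of the original course material, that replays the sliding-window example and the lost-segment case above with a receiver that returns the next expected segment and its remaining window. Counting in whole segments follows the slides; the class and function names, and the buffer of 6 segments in the loss case, are assumptions.

```python
class Receiver:
    """Receive side of one TCP direction, counted in whole segments as on the slides."""

    def __init__(self, capacity):
        self.capacity = capacity   # receive buffer size in segments
        self.next_expected = 1     # the number carried in every ACK
        self.unread = 0            # in-order segments the application has not read yet
        self.held = set()          # segments received ahead of a gap
        self.duplicates = 0        # segments that carried nothing new

    def window(self):
        return self.capacity - self.unread

    def receive(self, seg):
        """Accept one segment and return the (ack, window) pair sent back."""
        if seg < self.next_expected or seg in self.held:
            self.duplicates += 1
        elif seg < self.next_expected + self.window():
            self.held.add(seg)
            while self.next_expected in self.held:   # the gap closed: advance the ACK
                self.held.remove(self.next_expected)
                self.next_expected += 1
                self.unread += 1
        # a segment beyond the advertised window is dropped without being buffered
        return (self.next_expected, self.window())

    def app_read(self, count):
        """The application drains `count` segments, which reopens the window."""
        self.unread -= min(count, self.unread)
        return (self.next_expected, self.window())


def flow_control_example():
    """The page's example: window of 6, sender sends 2, then 4, stalls, then 3."""
    rx = Receiver(capacity=6)
    replies = [rx.receive(seg) for seg in (1, 2)]
    replies += [rx.receive(seg) for seg in (3, 4, 5, 6)]
    replies.append(rx.receive(7))      # window is 0, so this segment is dropped
    replies.append(rx.app_read(6))     # application clears the buffer
    replies += [rx.receive(seg) for seg in (7, 8, 9)]
    return replies


def loss_example(go_back_n):
    """Segment 3 is lost; the sender then resends only 3, or everything from 3 on."""
    rx = Receiver(capacity=6)
    replies = [rx.receive(seg) for seg in (1, 2, 4, 5, 6)]
    last_ack = replies[-1][0]          # still 3: the ACK names the next segment wanted
    resend = range(last_ack, 7) if go_back_n else [last_ack]
    replies += [rx.receive(seg) for seg in resend]
    return replies, rx.duplicates


if __name__ == "__main__":
    print("flow control:", flow_control_example())
    for policy in (False, True):
        replies, duplicates = loss_example(policy)
        print("go-back-N" if policy else "single segment", replies, "duplicates:", duplicates)
```

Both retransmission policies end with the same acknowledgment; they differ only in how many duplicate segments the receiver has to discard.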


TCP Operation Example

[Figure: TCP session between Host 1 (10.10.10.1/24) and Host 2 (10.10.10.2/24)]

Initial 3-way handshake
SYN: Seq.no. 122 (next seq.no. 123), Ack.no. 0, Wnd 8192, LEN = 0B
SYN+ACK: Seq.no. 286 (next seq.no. 287), Ack.no. 123, Wnd 8760, LEN = 0B
ACK: Seq.no. 123 (next seq.no. 123), Ack.no. 287, Wnd 8760, LEN = 0B

Data transfer
Seq.no. 123 (next seq.no. 323), Ack.no. 287, Wnd 8760, LEN = 200B
Ack.no. 323, Wnd 8560
Seq.no. 323 (next seq.no. 723), Ack.no. 287, Wnd 8760, LEN = 400B
Ack.no. 723, Wnd 8160

Closing session
FIN: Seq.no. 723 (next seq.no. 724), Ack.no. 287, Wnd 8760, LEN = 0B
FIN+ACK: Seq.no. X (next seq.no. X+1), Ack.no. 724, Wnd 8160, LEN = 0B
ACK: Seq.no. 724 (next seq.no. 724), Ack.no. 0, Wnd 8760, LEN = 0B

Assumptions:
Although the data transfer and window parameter negotiation occur as a duplex, the slide above only shows a single-sided transfer.
The session begins with station 10.10.10.1/24 initiating a SYN that contains the sequence number 122, which is the ISS. In addition, the first octet of data contains the next sequence number, 123. There are only zeros in the acknowledgment number field as this is not used in the SYN segment. The window size of the sender starts off as 8192 octets, which is assumed to be acceptable to the receiver.
The receiving station sends its own ISS (286) in the sequence number field and acknowledges the sender's sequence number by incrementing it by 1 (287), expecting this to be the starting sequence number of the data bytes that will be sent next by the sender. This is called the SYN-ACK segment. The receiver's window size starts off as 8760.
When the SYN-ACK has been received, the sender issues an ACK that acknowledges the receiver's ISS by incrementing it by 1 and placing it in the acknowledgment field (287). The sender also sends the same sequence number that it sent previously (123). This segment is empty of data, and we do not want the session to keep ramping up the sequence numbers unnecessarily. The window size of 8760 is acknowledged by the sender.
From now on ACKs are used until just before the end of the session. The sender now starts sending data by stating the sequence number 123 again because this is the sequence number of the first byte of the data that it is sending. Again, the acknowledgment number 287 is sent, which is the expected sequence number of the first byte of data that the receiver will send. In the above scenario, the sender is initially sending 200 bytes of data in one segment. The network analyzer may indicate the next expected sequence number in the trace: in this case, 123 + 200 = 323. The sender has now agreed on the window size of 8760 and uses it itself.

TCP Congestion Control Slow Start


[Figure: slow start in three rounds. cwnd holds segment 1 and Ack 2 returns; cwnd holds segments 2-3 and Ack 4 returns; segments 4-6 are sent and Ack 7 returns.]

Initially, when TCP first establishes a connection, it sends a group of segments of the size specified by the receiving host's window. If the two hosts are in the same LAN, this should not be an issue. However, if they are in different networks, the possibility of low-speed links exists and the result could be multiple packet discards and multiple retransmissions, causing congestion in the network.
To avoid this situation, TCP uses what is referred to as slow start. Slow start creates another window for the sender, called the congestion window (cwnd). The congestion window starts out as one segment. When the sender receives an acknowledgment, it doubles the size of the congestion window to two segments. Again, after an acknowledgment is received, the sender doubles the size of the congestion window to four. This continues until the advertised size of the receive window is reached or until the capacity of the network is reached.
Note that in the slide above at the last step, the sender sends only 3 segments despite its congestion window size being 4 segments. This is because the receiver's window size at this point is 3 segments.


TCP Congestion Control Congestion Avoidance


[Figure: congestion avoidance, Steps 1 to 5. Labels: Duplicate Ack (Ack 9), Initiate Slow Start, Start congestion avoidance, Increase one segment at a time. The congestion window grows from segment 9, to segments 11-12, to 13-15, to 16-19.]

Although it is a totally different process, congestion avoidance works hand-in-hand with slow start. With the
improvements in network design, the TCP process assumes that packet loss due to damage is rare. Therefore, the loss
of a packet must indicate network congestion and that the packet was discarded. The congestion avoidance process
has two indications of packet loss:
A timeout occurs.
A duplicate ACK is received.
The slide above shows the process if a duplicate ACK is received. However, if a timeout occurs, the process would be
the same. When the duplicate ACK is received, the slow start process is initiated and the congestion window is set
back to one segment. It continues to double in size with each acknowledgment until it reaches half the original
window size before the duplicate ACK was received. At this point, the congestion avoidance process takes over and
increases the congestion window one segment at a time with each received ACK. This cycle continues until the TCP
process reaches a steady state.
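
An added sketch, not from the original course material, of the congestion window behaviour described for slow start and congestion avoidance, with one loop iteration standing for one acknowledged window. The function name, the round-based model and the floor of two segments for the threshold (taken from RFC 5681) are assumptions beyond the text.

```python
def simulate_cwnd(rounds, rwnd, loss_rounds=()):
    """Trace the congestion window, in segments, one round trip per iteration.

    rwnd is the receiver's advertised window; loss_rounds lists the rounds in
    which a timeout or duplicate ACK is detected after sending.
    """
    cwnd = 1            # slow start begins with one segment
    ssthresh = None     # no threshold exists until the first loss
    history = []
    for rnd in range(1, rounds + 1):
        slow_start = ssthresh is None or cwnd < ssthresh
        sent = min(cwnd, rwnd)          # never exceed what the receiver advertised
        history.append({
            "round": rnd,
            "cwnd": cwnd,
            "sent": sent,
            "phase": "slow start" if slow_start else "congestion avoidance",
        })
        if rnd in loss_rounds:
            ssthresh = max(sent // 2, 2)   # half the window in use; floor per RFC 5681
            cwnd = 1                       # back to one segment
        elif cwnd >= rwnd:
            continue                       # the receiver's window is now the limit
        elif slow_start:
            # double per round; after a loss, stop doubling at the threshold
            cwnd = cwnd * 2 if ssthresh is None else min(cwnd * 2, ssthresh)
        else:
            cwnd += 1                      # one segment at a time
    return history


if __name__ == "__main__":
    # Constructed scenario: receiver window of 16 segments, loss detected in round 5.
    for row in simulate_cwnd(rounds=12, rwnd=16, loss_rounds={5}):
        print(row["round"], row["phase"], "cwnd", row["cwnd"], "sent", row["sent"])
```

With a receiver window of 3 segments the trace reproduces the slow-start slide: the congestion window reaches 4 while only 3 segments are sent.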


Section 3 User Datagram Protocol

User Datagram Protocol

[Figure: four application services (Service 1 to Service 4) on ports 67, 69, 123 and 56981, multiplexed and demultiplexed by UDP over IP.]

Unlike TCP, UDP offers no delivery guarantees or congestion avoidance. It is considered to be a means of best-effort
transport. UDP simply provides a transport mechanism for one application to send a datagram to another application.
The responsibility for error recovery or any form of reliability resides with the application itself.
Like TCP, UDP uses port numbers to identify the receiving and sending application processes. It uses these port
numbers in its multiplexing and demultiplexing operations.
Because there is no windowing (buffering) or any retransmission capability, UDP has found favor with real-time
applications such as VoIP.
The following are some of the well-known UDP port numbers:
Port 67: DHCP (Dynamic Host Configuration Protocol)
Port 69: TFTP (Trivial File Transfer Protocol)
Port 123: NTP (Network Timing Protocol)
Port 520: RIP (Routing Information Protocol)


UDP Header

[Figure: UDP header layout, 32 bits wide]
Source Port | Destination Port
Length | Checksum
Data

The UDP header is extremely simple when compared to the TCP header. There are no synchronization, sequence, or
acknowledgment fields. All that the header contains is the source application port number, the destination
application port number, a length field for the length of the data, and a checksum for the UDP pseudo-header and
data (IP source and destination addresses, UDP header and UDP data). This gives the UDP packet very little overhead.
Some protocols that use UDP include: SNMP, DNS, and DHCP.
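
An added example, not part of the original course material, of the pseudo-header checksum that both the TCP and UDP header notes describe: it builds and verifies a UDP datagram and fills in the same checksum for a TCP segment. The addresses and ports reuse values from the slides; the payload and the function names are constructed for the illustration.

```python
import socket
import struct

PROTO_TCP, PROTO_UDP = 6, 17  # IP protocol numbers carried in the pseudo-header


def ones_complement_sum16(data):
    """16-bit one's-complement sum, padding an odd length with a zero byte."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip, dst_ip, proto, length):
    """Source address, destination address, zero byte, protocol, transport length."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, proto, length))


def transport_checksum(src_ip, dst_ip, proto, segment):
    """Checksum of a TCP segment or UDP datagram whose checksum field is zero."""
    covered = pseudo_header(src_ip, dst_ip, proto, len(segment)) + segment
    return 0xFFFF - ones_complement_sum16(covered)


def set_tcp_checksum(src_ip, dst_ip, segment):
    """Return the TCP segment with its checksum field (bytes 16-17) filled in."""
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    checksum = transport_checksum(src_ip, dst_ip, PROTO_TCP, zeroed)
    return zeroed[:16] + struct.pack("!H", checksum) + zeroed[18:]


def build_udp(src_ip, dst_ip, sport, dport, payload):
    length = 8 + len(payload)                # the Length field counts header plus data
    unsummed = struct.pack("!HHHH", sport, dport, length, 0) + payload
    checksum = transport_checksum(src_ip, dst_ip, PROTO_UDP, unsummed)
    if checksum == 0:
        checksum = 0xFFFF                    # 0 on the wire means "no checksum" (IPv4)
    return struct.pack("!HHHH", sport, dport, length, checksum) + payload


def verify_udp(src_ip, dst_ip, datagram):
    """True when the datagram is intact and was addressed to these IP addresses."""
    if len(datagram) < 8:
        return False
    _sport, _dport, length, checksum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):
        return False
    if checksum == 0:                        # sender chose not to compute one
        return True
    covered = pseudo_header(src_ip, dst_ip, PROTO_UDP, length) + datagram[:length]
    return ones_complement_sum16(covered) == 0xFFFF


if __name__ == "__main__":
    dgram = build_udp("10.10.10.1", "10.10.10.2", 56981, 69, b"constructed payload")
    print(verify_udp("10.10.10.1", "10.10.10.2", dgram))   # intact
    print(verify_udp("10.10.10.1", "10.10.10.3", dgram))   # delivered to the wrong host
```

Because the IP addresses are part of the sum, a datagram that reaches a host other than the one it was addressed to fails verification there even when its port matches a listening service.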


Module Summary

This module provided an overview of the protocols in the transport layer.
TCP uses sockets to differentiate between applications.
TCP provides connection-oriented services between hosts.
TCP provides delivery guarantees for data.
UDP uses ports for addressing.
UDP provides a connectionless service.
UDP provides no delivery guarantees for data.

Learning Assessment

1. In TCP, what is a send_SYN used for?
A. Request a session.
B. Synchronize the buffer rate.
C. Synchronize the flow control.
D. Request a retransmission of a missing segment.
2. In TCP, must the send and receive windows on a local host match?
A. Yes
B. No
3. What process works in conjunction with the congestion-avoidance
process in TCP when network congestion is detected?
A. Sliding window
B. Acknowledgment
C. Slow start

Learning Assessment (continued)

4. What does UDP use to establish a session?
A. Session request
B. Window size
C. Hello protocol
D. Nothing
5. How does UDP identify the application services that it is
supporting?
A. Socket number
B. Port number
C. IP address
D. UDP allows the higher levels to track the application service.

3HE-02767-AAAA-WBZZA Edition 01

Module 6 IP Routing

Module Objectives

After successful completion of this module, you should be able to:
Discuss the operations and functions of a router
Discuss the uses and benefits of static and default routes
Discuss the operation of the distance vector protocol RIP

Section 1 Router Functions

IP Routing

Functions of a Router

[Figure: a frame with Destination MAC, Source MAC, Type, Payload and FCS fields; the payload carries the Source IP and Destination IP.]

1. Read the destination MAC address.
2. Check the FCS.
3. Check the protocol and extract the payload.
4. Record the destination IP address.

When a router receives a frame from a LAN, the first task is to read the destination MAC address to ensure that the
router is the intended recipient of that frame.
The next step, assuming that the router is the intended recipient of the frame, is to check the FCS to see if there are
any errors with the frame. If there are errors, the router discards the frame at this point.
Assuming the frame is received without error, the router checks the Type field to see which protocol is in the
payload. The router then strips off the L2 headers and trailer and moves the payload to the L3 protocol.
The L3 protocol is mainly interested in the destination L3 address. It uses this address to make its forwarding
decision.


Functions of a Router (cont'd)

[Figure: the Source IP and Destination IP are read from the packet, the routing table (columns: Network, Protocol, Next-hop) is consulted, and the payload is placed in a new frame with Destination MAC, Source MAC, Type and FCS fields.]

5. Check the routing table to see if the network is reachable.
6. If the network is found, re-encapsulate the packet in an L2 frame.

The router, after examining the destination L3 address, consults its routing table to find out how to best handle the
packet. The routing table reflects network reachability information (network). It then shows how the network was
learned (protocol): is it local, a static route, or from a dynamic routing protocol? The final piece of information that
concerns the router is what interface the packet is forwarded to (next-hop) so that it can reach its destination. If the
packet is a network broadcast packet, the router discards the packet.
When the decision has been made, the router forms a new frame by encapsulating the packet in an L2 frame and
sends it out the appropriate interface.


Movement of Data

[Figure: device A (IP 1.1.1.2, MAC = A, gateway = 1.1.1.1 - B), router B (IP 1.1.1.1, MAC = B), router C (IP 2.2.2.1, MAC = C) and server D (IP 2.2.2.2, MAC = D); the routers are joined by a PPP WAN link (IP 3.3.3.1, IP 3.3.3.2); router C's ARP cache holds 2.2.2.2 = D. The frame shown on each segment carries IP source 1.1.1.2, IP destination 2.2.2.2, the data, and an FCS.]


The basic flow of a packet of data through a network is as follows:


Device A (1.1.1.2) wants to send data to server D (2.2.2.2). Because device A is not located on the same segment as
that of device D, it must use the default gateway for the segment. This default gateway is seen as IP address 1.1.1.1
in the figure above. Device A will ARP the 1.1.1.1 address to learn the MAC address of the gateway. The router
responds with MAC address B. Device A is now able to encapsulate the data, as shown in the top block diagram.
Note that the source and destination IP addresses identify the overall source and destination devices, whereas the
frame source and destination addresses identify the path across the Ethernet segment only.
When the packet arrives at the left router (router B), the router removes the L2 header and trailer, checks its routing
table, and determines that the data needs to be sent to the right router (router C). To accomplish this, router B
encapsulates the data in a PPP frame and forwards it.
Router C removes the PPP frame and consults its routing table. Noting that the destination IP network is directly
connected to its Ethernet port, router C consults its ARP cache to determine the framing. When the destination L2
MAC address is determined, router C can create the frame of data and forward it to router D.
Note that the IP addressing did not change throughout this movement of data. However, the L2 framing changed over
each segment that the packet traversed. The IP address identifies a device within the entire network topology,
whereas the L2 address identifies a device on that segment only.


Routing Table Entries

===============================================================================
Route Table (Router: Base)
===============================================================================
Dest Prefix       Type    Proto   Age         Pref  Next Hop[Interface Name]  Metric
-------------------------------------------------------------------------------
10.1.2.0/24       Local   Local   03d23h08m   0     to-p2r1                   0
10.1.3.0/24       Local   Local   03d23h08m   0     to-p3r1                   0
10.1.4.0/24       Local   Local   04d00h34m   0     to-p4r1                   0
10.2.3.0/24       Remote  OSPF    00h41m00s   10    10.1.2.21                 2000
10.2.4.0/24       Remote  OSPF    00h41m00s   10    10.1.2.21                 2000
10.3.4.0/24       Remote  OSPF    04d00h16m   10    10.1.3.31                 2000
10.10.10.11/32    Local   Local   06d18h33m   0     system                    0
10.10.10.21/32    Remote  OSPF    00h41m04s   10    10.1.2.21                 1000
-------------------------------------------------------------------------------
No. of Routes: 8
===============================================================================

As shown in the slide above, there is a lot of information in a routing table. Routing table entries show network
reachability information, how the router learned about the network, and how to reach the network that it has
learned.
The routing table Protocol field is broken down into three different categories of routes:
Static routes: Static routes are configured by the user. These routes define the next hop that a packet will take to
reach a particular network. A static route overrides any routes learned through a dynamic routing protocol. There are
two types of static routes: standard static route, which defines a network address and a next-hop, and default route,
which uses 0.0.0.0/0 as the network address. This address is the wildcard address. If a packet does not match any
destination addresses in the routing table, it matches the default route and takes the next hop in an attempt to get
to its destination.
Local routes: These networks belong to directly connected interfaces. In a route look-up, these routes have priority
over all others.
Dynamic routes: Dynamic routes are learned via a protocol (OSPF, IS-IS, BGP). Dynamic routes use metrics in the
protocol to decide which route to install in the routing table, and they use the preference value to decide which
protocol to believe if the network is learned via multiple protocols.
The Metric field is used by the router to decide which route to enter in the forwarding table when it has learned
multiple routes to the same destination from the same protocol.
The Preference field is used by the router to decide which route to enter in the forwarding table when it has learned
multiple routes to the same destination from different protocols.
When the router performs a routing table lookup, it selects the entry with the longest match to the destination IP
address in the packet's destination field.
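An added example (not part of the course material) of how the Preference, Metric and longest-match rules above combine, assuming that the lower preference and the lower metric win. The first five candidates are rows of the slide's route table; the competing routes, their preference values and the default route are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    proto: str
    pref: int
    metric: int
    next_hop: str


def route(prefix, proto, pref, metric, next_hop):
    return Route(ipaddress.ip_network(prefix), proto, pref, metric, next_hop)


# Rows taken from the slide's route table.
FROM_SLIDE = [
    route("10.1.2.0/24", "Local", 0, 0, "to-p2r1"),
    route("10.1.3.0/24", "Local", 0, 0, "to-p3r1"),
    route("10.2.3.0/24", "OSPF", 10, 2000, "10.1.2.21"),
    route("10.3.4.0/24", "OSPF", 10, 2000, "10.1.3.31"),
    route("10.10.10.21/32", "OSPF", 10, 1000, "10.1.2.21"),
]

# Constructed competitors (assumed values, not from the slide).
CONSTRUCTED = [
    route("10.2.3.0/24", "OSPF", 10, 3000, "10.1.3.31"),  # same protocol, worse metric
    route("10.3.4.0/24", "RIP", 100, 2, "10.1.2.21"),     # other protocol, worse preference
    route("10.10.10.0/24", "Static", 5, 1, "10.1.3.31"),  # less specific than the /32
    route("0.0.0.0/0", "Static", 5, 1, "10.1.2.21"),      # default route
]


def build_table(candidates):
    """Keep one route per prefix: preference decides between protocols,
    metric decides between routes of the same protocol."""
    best = {}
    for cand in candidates:
        current = best.get(cand.prefix)
        if current is None or (cand.pref, cand.metric) < (current.pref, current.metric):
            best[cand.prefix] = cand
    return best


def lookup(table, destination):
    """Longest match: of all prefixes containing the address, take the longest.
    Preference and metric play no part at this stage."""
    addr = ipaddress.ip_address(destination)
    matches = [rt for rt in table.values() if addr in rt.prefix]
    if not matches:
        return None  # no route and no default: the packet is dropped
    return max(matches, key=lambda rt: rt.prefix.prefixlen)


if __name__ == "__main__":
    table = build_table(FROM_SLIDE + CONSTRUCTED)
    for dest in ("10.2.3.7", "10.10.10.21", "10.10.10.99", "192.0.2.1"):
        hit = lookup(table, dest)
        print(f"{dest:<12} -> {hit.prefix} via {hit.next_hop} ({hit.proto})")
```

The lookup for 10.10.10.21 returns the OSPF /32 even though the static /24 has the better preference: preference only chooses between routes to the same prefix, so a more specific prefix from any source takes the traffic.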

[Command that produced the route table on the slide above: A:PE1# show router route-table]

Routing Protocols

[Figure: classification of routing protocols]
Static: explicitly define next hop on every router / define default route
Dynamic:
  IGP:
    Distance Vector: RIPv1 and RIPv2
    Link State: OSPF, IS-IS
  EGP:
    Path Vector: BGP

Routing protocols can be divided into two main categories: static and dynamic. The dynamic routing protocol can be
further divided into two main categories: IGP and EGP.
Interior gateway protocols can be further divided into distance vector and link state protocols.
Distance vector: A DV protocol uses a hop-count metric to take the shortest route to a destination regardless of the
bandwidth capability of the path. The common DV protocols are RIPv1 and RIPv2.
Link state: An LS protocol uses a cost metric that is a representation of the status of the link as well as the physical
bandwidth of the interface. The LS protocols make their path selection based on the route that has the least cost,
which is representative of the path that has the most physical bandwidth. It may not be the shortest path, but it is
the best path with regard to bandwidth. Common LS protocols are OSPF and IS-IS.
Path vector: A path vector protocol is a routing protocol, sometimes known as a policy routing protocol, that is used
to span different autonomous systems (e.g., BGP). The routing table maintains the autonomous systems that are
traversed to reach the destination system.
Exterior gateway protocols: BGPv4 is the current standard for EGP. BGP is a specialized distance vector protocol
that chooses the path not based on the number of routers that it must go through but rather based on the number of
autonomous systems that it must go through.


Static Routes

[Figure: Router 1 and Router 2 joined by a link addressed 10.1.1.1/30 and 10.1.1.2/30; network 192.168.1.0/24]

static-route in Router 1:
Config router static-route 192.168.1.0/24 next-hop 10.1.1.1 metric ?? pref ??

Static routes are manually configured and describe the remote destination network and the next hop to which a packet
must be forwarded to reach the destination. The entry can be a single network or a range of networks.
If the local router does not participate in route advertising (dynamic routing), the remote routers must also have a
static entry that defines how to return packets to the local router.
Static routing saves bandwidth and processing as there are no advertisements or updates. However, there is no real-time indication if the destination becomes unreachable.


Default Routes

[Figure: Router 1 and Router 2 joined by a link addressed 10.1.1.1/30 and 10.1.1.2/30, with a Stub label and network 192.168.1.0/24]

Static-route in Router 2:
Config router static-route 0.0.0.0/0 next-hop 10.1.1.2 metric ??? pref ???

A default entry in the routing table is a wildcard entry that fits any destination. This is used when the destination
address of a packet is not specifically defined in the routing table. It is recommended for use in stub routers, in
which there is only one way for the stub network to get to all remote networks.
The destination network is 0.0.0.0, which describes any network, with a network mask of 0.0.0.0. A default route is a
form of static route. It is the selection of the network address and mask (0.0.0.0/0) that defines it as a default route.


LAB 2.4-2.5 Static and Default Routes

[Figure: lab topology with Pod1 to Pod4, edge routers Edge-Pod1 to Edge-Pod4, and core routers Core-Pod1 to Core-Pod4]

Routing Protocol Basics

How does Network A send data to Network B?

[Figure: Network A and Network B connected through Router 1, Router 2, Router 3 and Router 4]

All dynamic routing protocols serve the same purpose: to find paths through a network to connect different networks
and then to advertise that information to neighbors. The dynamic routing protocols are all built around an algorithm
that gives a router the capability of deciding which route to install in the routing table and then advertising that
information to its peers.


Path Determination
Network A can reach Network B via Path 1 or Path 2. Which one is preferred?

[Figure: Router 1 (Network A, 172.16.1.0/24) reaches Router 4 (Network B, 172.16.2.0/24) by Path 1 or Path 2, through Router 2 or Router 3; interface addresses 172.16.3.1/30, 172.16.3.2/30, 172.16.3.5/30, 172.16.3.6/30, 172.16.3.9/30, 172.16.3.10/30, 172.16.3.13/30, 172.16.3.14/30]

All networks are interconnected through routers and when a router has an interface connecting it to another router,
the interface must have an address that belongs to a network. In the figure above, there are six distinct networks.
Router 1 knows about networks 172.16.1.0/24, 172.16.3.0/30, and 172.16.3.12/30 because it has interfaces or local
connectivity to the networks. Likewise, Router 2 knows about networks 172.16.3.0/30 and 172.16.3.4/30. Router 3
knows about networks 172.16.3.12/30 and 172.16.3.8/30, and Router 4 knows networks 172.16.3.8/30,
172.16.3.4/30, and 172.16.2.0/24.
Router 1's function is to enter its locally connected networks into its routing table and identify them as locally
connected networks. It then takes this information and advertises it to routers 2, 3, and 4. This advertisement is
called a router update. Routers 2, 3, and 4 will carry out the same operation, advertising their routing updates to the
other routers in the network.
Complexity occurs when a router receives this information. For example, when Router 1 receives the information
from Router 2, should it place this information in its routing table? Should it pass this information on to Router 3? If
Router 1 has heard about network 172.16.3.4/30 from Router 2 and Router 3, which entry should it put in its routing
table?


Metrics

[Figure: Router 1 with Network A (172.16.1.0/24) and links to Router 2 and to Router 3; the routing information held by Router 1 is listed below]

Network           Next-hop router   Metric
172.16.3.0/30     to Router 2       0
172.16.3.0/30     172.16.3.14       3
172.16.3.12/30    to Router 3       0
172.16.3.12/30    172.16.3.2        3
172.16.1.0/24     to Net A          0
172.16.3.4/30     172.16.3.2        1
172.16.3.4/30     172.16.3.14       2
172.16.3.8/30     172.16.3.14       1
172.16.3.8/30     172.16.3.2        2
172.16.2.0/24     172.16.3.2        2
172.16.2.0/24     172.16.3.14       2

As shown in the figure above, Router 1 is being flooded with information about network reachability and which paths
it can use to get to those destinations. The router requires a way of determining which path is best when it has
received multiple paths to the same destination. This method of determining the best path is referred to as metrics.
A metric is a value that is assigned to each path to assist in determining which path is best.
In the figure above, Router 1 sees networks 172.16.1.0/24, 172.16.3.0/30, and 172.16.3.12/30. These are local
directly connected interfaces. Each of these networks can reach the others because they are directly connected and
are considered the best paths. The other three networks, 172.16.3.4/30, 172.16.3.8/30, and 172.16.2.0/24, can be
reached via multiple paths. Therefore, the router must decide on a best path to each of these networks among all
the paths. Metrics are one of the criteria used by the router to make this decision.
Metrics depend on the type of protocol used. RIPv1 and RIPv2 use hop count for a metric, OSPF and IS-IS use port
bandwidth as a metric, and BGP uses AS path count as a metric. Note that metrics are always 0 for a directly
connected network.
The hop-count metric chooses the path that goes through the fewest number of routers. It does not take into account
the bandwidth of the links. With regard to the above example for network 172.16.3.8/30, using hop count, Router 1
would select the path that goes through Router 3. This link could be T1 while the path through Routers 2 and 4 is
going over gigabit Ethernet links.
Bandwidth metric will choose a higher bandwidth path over a shorter distance. In the previous hop-count metric
example, a dynamic protocol that uses bandwidth, such as OSPF and IS-IS, would choose the path through Routers 2
and 4 to reach network 172.16.3.8/30 even though the physical distance is twice as long.


Convergence

[Figure: Router 1, Router 2, Router 3 and Router 4 with Network A (172.16.1.0/24), Network B (172.16.2.0/24) and the link networks 172.16.3.0/30, 172.16.3.4/30, 172.16.3.8/30 and 172.16.3.12/30]

All dynamic routing protocols require a way of transmitting the information about their locally connected routes to
other routers in the network. Routers also require a method of receiving and processing the information. While
processing the information, a routing protocol must use its metrics to decide on the best path. Each router calculates
the best path to all networks advertised by every other router in the internetwork and places this information in its
routing table. The network is said to be in a convergence state when all routers have successfully computed the best
paths and placed them in the routing tables.
When the network topology changes, the neighbors must update their routing information and transmit this change
throughout the internetwork.


Section 2 Distance Vector Overview


Distance Vector Overview

[Figure: RTR-A, RTR-B, RTR-C and RTR-D connected by one 100 Mb/s link and three 1 Gb/s links]

Distance vector routing algorithms (Bellman-Ford) pass periodic copies of a routing table from router to router.
Regular (timed-interval) updates between routers communicate topology changes.
Each router receives a routing table from its direct neighbor.

In the figure above, RTR-B receives information from RTR-A.

RTR-B uses the information received from RTR-A to recalculate its routing table.

RTR-B then sends its routing table to RTR-D.

This same step-by-step process occurs in all directions between direct-neighbor routers.

IMPORTANT With distance vector, no routing table is transmitted beyond the immediate neighbor. For example,
RTR-D never sees a routing update directly from RTR-A.
The distance vector algorithm allows network metrics to accumulate and maintains a table showing the next hop for
all destinations listed.

Routers send periodic updates to physically adjacent neighbors.
Updates contain distance (how far) and vectors (direction) for networks.

Distance Vector Overview (cont'd)

[Figure: update cycle: update from neighbor; process and compare with routing table; periodic update sent to neighbor routers]

The figure above shows the distance vector step-by-step process for updating all routers in an internet when a
topology change occurs.

Each router sends its entire routing table to each of its adjacent neighbors. This table includes reachable
addresses, a value representing the distance metric, and the IP address of the first router on the path to each
network that it knows about.

As each router receives an update from its neighbor, it calculates a new routing table and transmits that to
each of its neighbors at the next timed interval.

In a very large network with many routers, this process can take quite a while.


Distance Vector Problems

Routing loops
Network changes are sent to all routers at periodic intervals.
Changes and updates are not sent simultaneously.
Slow convergence can cause routing loops.
If Network A becomes unreachable, RTR-A sends an update to RTR-B.
RTR-B will update RTR-C and RTR-D, but RTR-D can send its periodic update to RTR-C and RTR-B before RTR-B's update.
The packet for RTR-A from other routers will go to RTR-D to RTR-B and then back to RTR-D: Routing Loop.

[Figure: Network A (172.16.1.0/24) attached to RTR-A, with RTR-B, RTR-C and RTR-D]

Loop Avoidance

[Figure: network 10.0.0.0 attached to RTR-C; advertisements labelled "10.0.0.0 1 Hop" and "10.0.0.0 2 Hops" travel toward RTR-B and RTR-A]

Routing tables:
RTR-A: 10.0.0.0 2 hops via 1/1/2
RTR-B: 10.0.0.0 1 hop via 1/1/1
RTR-C: 10.0.0.0 0 hops via 1/1/3

Split horizon is a loop-avoidance technique for physically adjacent devices. In simplistic terms, split horizon states
that an adjacent router will not readvertise a learned network to the router that originally advertised the network.
Without this policy, routers would be susceptible to routing loops. If RTR-C loses network 10.0.0.0, and if RTR-B does
not block readvertisements to RTR-C, RTR-C could think that network 10.0.0.0 is accessible via RTR-B. This would
cause a loop and a major disruption in traffic flow. To ensure this does not happen, all routers running a distance
vector protocol support split horizon.

Split horizon: Do not advertise networks back to the source of the network information.

Loop Avoidance (cont'd)

[Figure: RTR-C's connection to network 10.0.0.0 fails (X); updates labelled "10.0.0.0 16 Hops" travel from RTR-C to RTR-B and from RTR-B to RTR-A]

Routing tables before and after the failure:
RTR-A: 10.0.0.0 2 hops via 1/1/2, then 10.0.0.0 16 hops via 1/1/2
RTR-B: 10.0.0.0 1 hop via 1/1/1, then 10.0.0.0 16 hops via 1/1/1
RTR-C: 10.0.0.0 0 hops via 1/1/3, then 10.0.0.0 16 hops via 1/1/3

Route poisoning is used to speed up convergence. When used in conjunction with triggered updates, the convergence
of a network speeds up. Route poisoning is accomplished by the router that is directly connected to the network that
goes away. When it determines that the network is not accessible, the router sets the hop count to infinity (16 hops
for RIP) and forwards a message to all directly attached neighbors. The neighbors change their routing tables and
forward the message to their neighbors on all other links. Note that split horizon still applies when forwarding a route
poison advertisement.
In the example above, RTR-C's Ethernet fails. RTR-C sets its routing entry to infinity and sends an update to RTR-B.
RTR-B changes its routing table entry and forwards the change to RTR-A. This ensures that all routers learn of the
topology change, and by keeping the route in the routing table, the possibility of creating a false path to network
10.0.0.0 is decreased.

Route poisoning: When a network goes away, the sourcing router sets the hop value to infinity and sends a triggered
update to its neighbors.

Loop Avoidance (cont'd)

[Figure: RTR-C's connection to network 10.0.0.0 fails (X); updates labelled "10.0.0.0 16 Hops" travel from RTR-C to RTR-B and from RTR-B to RTR-A, and Poison Reverse messages labelled "10.0.0.0 16 Hops" travel back in the opposite direction]

Routing tables before and after the failure:
RTR-A: 10.0.0.0 2 hops via 1/1/2, then 10.0.0.0 16 hops via 1/1/2
RTR-B: 10.0.0.0 1 hop via 1/1/1, then 10.0.0.0 16 hops via 1/1/1
RTR-C: 10.0.0.0 0 hops via 1/1/3, then 10.0.0.0 16 hops via 1/1/3

Poison reverse is the only time that split horizon is violated in a distance vector routing protocol environment. The
idea of poison reverse is to confirm to the preceding device that the update about a network going away has been
recorded. This response to the originator also ensures that a loop-free topology is created.
In the example above, RTR-C's Ethernet fails. RTR-C sets its routing entry to infinity and sends an update to RTR-B.
RTR-B changes its routing table entry and forwards the change to RTR-A. RTR-B also sends a poison reverse message
back out the interface that RTR-C's message came in on. This ensures a loop-free topology. When RTR-A gets the
route poisoning message from RTR-B, it also sends a poison reverse message back on the interface that the message
was received on.
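An added simulation (not part of the course material) of the RTR-A, RTR-B, RTR-C example: RTR-C poisons 10.0.0.0, but its periodic update is sent after RTR-B's, so without split horizon RTR-C installs a false route through RTR-B and the two routers count to infinity. The update order, the single-prefix model and the function names are assumptions made for illustration.

```python
INF = 16  # RIP's infinity: 16 hops means unreachable

NEIGHBORS = {
    "RTR-A": ["RTR-B"],
    "RTR-B": ["RTR-A", "RTR-C"],
    "RTR-C": ["RTR-B"],
}


def initial_state():
    # Routing tables from the slide: (hops to 10.0.0.0, neighbor used as next hop).
    return {"RTR-A": (2, "RTR-B"), "RTR-B": (1, "RTR-C"), "RTR-C": (0, None)}


def advertised(state, sender, receiver, mode):
    """Metric the sender puts in its update to this receiver, or None if suppressed."""
    metric, via = state[sender]
    if via == receiver:              # route was learned from this very neighbor
        if mode == "split_horizon":
            return None              # do not advertise it back
        if mode == "poison_reverse":
            return INF               # advertise it back as unreachable
    return metric                    # mode "none": readvertise as-is


def receive(state, receiver, sender, adv):
    metric, via = state[receiver]
    new = min(adv + 1, INF)          # each hop adds 1, capped at infinity
    if via == sender:
        state[receiver] = (new, via)     # the current next hop is always believed
    elif new < metric:
        state[receiver] = (new, sender)  # a better path replaces the old one


def forwarding_loop(state):
    """True if following next hops from any router revisits a router."""
    for start in state:
        seen, node = set(), start
        while node is not None and state[node][0] < INF:
            if node in seen:
                return True
            seen.add(node)
            node = state[node][1]
    return False


def simulate(mode, max_rounds=30):
    state = initial_state()
    state["RTR-C"] = (INF, None)     # RTR-C's Ethernet fails: route poisoning
    loop_rounds = 0
    for rnd in range(1, max_rounds + 1):
        # Periodic updates, applied as they arrive: RTR-A first, RTR-C last.
        for sender in sorted(NEIGHBORS):
            for receiver in NEIGHBORS[sender]:
                adv = advertised(state, sender, receiver, mode)
                if adv is not None:
                    receive(state, receiver, sender, adv)
        if forwarding_loop(state):
            loop_rounds += 1
        if all(metric == INF for metric, _ in state.values()):
            return {"converged_round": rnd, "loop_rounds": loop_rounds}
    return {"converged_round": None, "loop_rounds": loop_rounds}


if __name__ == "__main__":
    for mode in ("none", "split_horizon", "poison_reverse"):
        print(mode, simulate(mode))
```

With no loop avoidance, RTR-B and RTR-C point at each other for seven update rounds before both reach 16 hops; with split horizon or poison reverse, every router marks 10.0.0.0 unreachable after two rounds and no loop forms.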

Poison reverse: The only time that split horizon is violated.
Poison reverse helps to avoid loop creation when a network fails.

Loop Avoidance (cont'd)

[Figure: RTR-C's connection to network 10.0.0.0 fails (X); updates labelled "10.0.0.0 16 Hops" travel to RTR-B and RTR-A; the routing table entry for 10.0.0.0 on RTR-A, RTR-B and RTR-C changes from 2 hops, 1 hop and 0 hops to 16 hops, and each router runs a hold-down timer of 180 seconds]

Hold-down timers keep the failed network in the routing table, with the hop count set to infinity, for a
predetermined period of time. This allows time for the other routers in the network to receive the topology change
update without causing loops.
In the example above, RTR-C's Ethernet fails. RTR-C sets its routing entry to infinity and sends an update to RTR-B.
RTR-B changes its routing table entry by changing the metric to infinity, and it starts its hold-down timer. RTR-B will
not remove the route until the hold-down timer has expired. This ensures that all routers learn of the topology
change without causing a loop during convergence. Keeping the route in the routing table decreases the possibility of
creating a false path to network 10.0.0.0.
Note that RIP does not make use of a hold-down timer.

Hold-down timers: Provide time for other routers to converge and reduce the creation of loops when a network fails.

Topology Change

[Figure: RTR-C's connection to network 10.0.0.0 fails (X); updates labelled "10.0.0.0 16 Hops" travel to RTR-B and RTR-A, and Poison Reverse messages labelled "10.0.0.0 16 Hops" travel back; the routing table entry for 10.0.0.0 on RTR-A, RTR-B and RTR-C changes from 2 hops, 1 hop and 0 hops to 16 hops, and each router runs a hold-down timer of 180 seconds]

When combined, the mixture of route poisoning, poison reverse, triggered updates, and hold-down timers provides a
robust loop-avoidance technique when routes fail in a network.
In the example above, RTR-C's Ethernet fails. RTR-C sets its routing entry to infinity, sets the hold-down timer, and
sends an update to RTR-B. RTR-B changes its routing table entry, sets the hold-down timer, and forwards the change
to RTR-A. RTR-B also sends a poison reverse message back out the interface that RTR-C's message came in on. When
RTR-A gets the route poisoning message from RTR-B, it also sends a poison reverse message back on the interface
that the message was received on. In addition, it modifies the routing entry by setting it to infinity and invokes its
hold-down timer.

Combined loop-avoidance mechanisms would look something like the example in the figure above.

Section 3 Configuring RIP


RIPv1 Overview

Uses hop-count metric


Advertises updates with broadcast addressing
Maximum of 15 hops; 16 equals infinity
Maximum of 25 network entries per packet
30-second advertisement interval
No security or authentication
Classful routing protocol


RIPv1 was originally outlined in June 1988 and is defined in RFC 1058.
RIP is an IGP that uses a distance vector algorithm to determine the best route to a destination, using hop count as
the metric. A hop is a network-layer device such as a router. For the protocol to provide complete information on
routing, every router in the domain must participate in the protocol. RIP is a routing protocol based on a distance
vector (Bellman-Ford) algorithm, which advertises network reachability by advertising the prefix/mask and the
metric (also known as hop count or cost).
RIPv1 uses broadcast updates to advertise the networks. In the updates, the maximum number of networks that can
be advertised per packet is 25. Therefore, if a router needs to advertise 30 networks to its peers, it will send 2
packets every 30 seconds. The first will contain 25 network entries, and the second will contain the remaining 5
network entries. Alcatel-Lucent supports modification of this parameter to a maximum of 255 network entries per
packet.
By default, RIP advertises all RIP routes to each peer every 30 seconds. In RIP, the hop metric is limited to a
maximum value of 15 hops, i.e., networks can be no more than 15 routers away. To signify that a network is
unreachable, the hop value is set to 16, which equates to infinity for RIP. Each router along the path increments the
hop count value by 1. The maximum number of hops in a path is 15. If a router receives a routing update with a
metric of 15 that contains a new or modified entry, increasing the metric value by 1 will cause the metric to increment
to 16 (infinity). Then, the destination is considered unreachable. The 7750 SR implementation of RIP uses split
horizon with poison reverse to protect from such problems as counting to infinity. Split horizon with poison reverse
means that routes learned from a neighbor through a given interface are advertised in updates out of the same
interface but with a metric of 16 (infinity).
RIPv1 does not support any security or authentication mechanism. However, the more modern version, RIPv2, does
have built-in authentication.
The 7750 SR software supports RIPv1 and RIPv2. RIPv1 was written and implemented prior to the introduction of
CIDR. Therefore it is a classful routing protocol. It assumes the following netmask information for non-local routes,
based on the class the route belongs to:

Class A: 8-bit mask
Class B: 16-bit mask
Class C: 24-bit mask
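An added example (not from the course material) of the RIPv1 behaviour described above: 30 routes split into a 25-entry and a 5-entry response, the receiver adding one hop up to 16, and the mask being inferred from the address class because the message carries none. The 4-byte header and 20-byte entry layout follow RFC 1058; the sample routes and function names are constructed for illustration.

```python
import ipaddress
import struct

RIP_PORT = 520                      # RIP runs over UDP port 520
CMD_REQUEST, CMD_RESPONSE = 1, 2
MAX_ENTRIES = 25                    # maximum network entries per packet
INFINITY = 16                       # 16 hops means unreachable
HEADER = struct.Struct("!BBH")      # command, version, must-be-zero
ENTRY = struct.Struct("!HHIIII")    # AFI, zero, IPv4 address, zero, zero, metric

# Constructed sample: 30 networks to advertise as (address, metric).
SAMPLE_ROUTES = [("10.1.2.0", 1), ("10.1.3.0", 1), ("172.16.3.0", 2),
                 ("192.168.1.0", 15)]
SAMPLE_ROUTES += [(f"192.168.{n}.0", 3) for n in range(2, 28)]


def build_responses(routes):
    """Pack routes into RIPv1 response messages, at most 25 entries each."""
    packets = []
    for start in range(0, len(routes), MAX_ENTRIES):
        body = b"".join(
            ENTRY.pack(2, 0, int(ipaddress.IPv4Address(net)), 0, 0, metric)
            for net, metric in routes[start:start + MAX_ENTRIES])
        packets.append(HEADER.pack(CMD_RESPONSE, 1, 0) + body)
    return packets


def classful_prefix(addr):
    """RIPv1 carries no mask, so the receiver assumes one from the address class."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        return 8                    # Class A
    if first_octet < 192:
        return 16                   # Class B
    if first_octet < 224:
        return 24                   # Class C
    raise ValueError("not a Class A, B or C address")


def parse_response(packet):
    """Validate a RIPv1 response and return [(network, metric after this hop)].

    RIPv1 has no authentication, so these field checks are the only
    screening a receiver can apply to an update."""
    if len(packet) < HEADER.size or (len(packet) - HEADER.size) % ENTRY.size:
        raise ValueError("length is not a header plus whole entries")
    command, version, zero = HEADER.unpack_from(packet)
    if command != CMD_RESPONSE or version != 1 or zero != 0:
        raise ValueError("not a RIPv1 response")
    count = (len(packet) - HEADER.size) // ENTRY.size
    if not 1 <= count <= MAX_ENTRIES:
        raise ValueError("entry count outside 1..25")
    routes = []
    for index in range(count):
        afi, z1, ip, z2, z3, metric = ENTRY.unpack_from(
            packet, HEADER.size + index * ENTRY.size)
        if afi != 2 or z1 or z2 or z3:
            raise ValueError("entry is not a well-formed IP entry")
        if not 1 <= metric <= INFINITY:
            raise ValueError("metric outside 1..16")
        addr = ipaddress.IPv4Address(ip)
        network = ipaddress.ip_network(f"{addr}/{classful_prefix(addr)}", strict=False)
        routes.append((network, min(metric + 1, INFINITY)))
    return routes


if __name__ == "__main__":
    for pkt in build_responses(SAMPLE_ROUTES):
        print(len(pkt), "bytes,", len(parse_response(pkt)), "entries")
```

Both 10.1.2.0 and 10.1.3.0 come out of the parser as 10.0.0.0/8, which is the information a classful protocol loses, and the route sent with a metric of 15 arrives as 16 and is therefore unreachable.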


RIPv2 Overview

RIPv2 is an evolution of RIPv1.
In addition to supporting all RIPv1 features, it supports:
- VLSM
- Authentication of routing updates
- Next-hop addresses carried with each route entry
- External route tags
- Multicast route updates

RIPv2 is a classless routing protocol.

RIPv1 vs. RIPv2

RIPv1                                       RIPv2
Classful routing protocol                   Classless routing protocol
Broadcast updates every 30 seconds          Multicast updates every 30 seconds
All updates sent in clear                   Support for MD5
No method of identifying external routes    Tagging of external routes
Hop-count metric                            Hop-count metric
16 hops equal infinity                      16 hops equal infinity

RIP Neighbors

[Figure: Router 1, Router 2, Router 3 and Router 4]

Router 4 has two neighbors, Router 2 and Router 3

When a routing protocol refers to neighbors, it is referring to other routers that share a common data link. A distance
vector protocol such as RIP sends its updates to its neighbors and relies on them to pass the information on through
the internetwork.
This process is referred to as hop-by-hop updating.

Router 1 has two neighbors, Router 2 and Router 3

RIP Messages

[Figure: Request and Response messages between Router 1, Router 2, Router 3 and Router 4]

The RIP routing process is a distance vector routing process and operates using UDP port 520. RIP defines two
message types: request and response messages. The request message is used to ask RIP neighbors to send an update.
The response message is the update itself.
On startup, a RIP router broadcasts or multicasts a packet carrying a RIP request message out of all the RIP-enabled
interfaces. When the RIP neighbors receive this message, they generate a response message in the form of an update.


RIP Updates

[Figure: Router 1, Router 2, Router 3 and Router 4 exchanging updates; each RIP update includes the entire routing table (25 entries)]

Distance vector protocols normally assume that the neighbor knows nothing. Therefore, when a distance vector
protocol sends an update it contains everything from its routing table. The neighbor takes what it needs from the
update and discards the rest.
An update message can hold a maximum of 25 routes per update. RIP routers then continue to send complete updates
(the entire routing table) every 30 seconds.
The response or update message timer that initiates the generation of the update message has a random variable to
prevent table synchronization (all routers sending their updates at the same time). As a result of this random
variable, the time between individual updates can be from 25 to 35 seconds.
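
As an added illustration (not part of the course material), the sketch below parses and validates a RIP message as described above: request or response command, the 25-entry limit and the 1 to 16 metric range. The 4-byte header, 20-byte entry layout and authentication entry follow RFC 2453; `build_message`, `parse_message` and the sample routes are constructed for this example.

```python
import ipaddress
import struct

MAX_ENTRIES = 25      # the text: at most 25 routes per update message
INFINITY = 16         # the text: metric 16 means unreachable
COMMANDS = {1: "request", 2: "response"}
AFI_INET = 2          # RFC 2453 address family identifier for IPv4
AFI_AUTH = 0xFFFF     # RFC 2453: first entry carries authentication (RIPv2)
ENTRY = struct.Struct("!HH4s4s4sI")   # AFI, tag, address, mask, next hop, metric


def build_message(command, version, routes, password=None):
    """Pack constructed sample input: routes = [(prefix, next_hop, metric)]."""
    out = struct.pack("!BBH", command, version, 0)
    if password is not None:
        out += struct.pack("!HH16s", AFI_AUTH, 2, password.encode())
    for prefix, next_hop, metric in routes:
        net = ipaddress.ip_network(prefix)
        mask = net.netmask.packed if version >= 2 else bytes(4)
        out += ENTRY.pack(AFI_INET, 0, net.network_address.packed, mask,
                          ipaddress.ip_address(next_hop).packed, metric)
    return out


def parse_message(data):
    """Validate one RIP payload; return (info, routes, findings)."""
    if len(data) < 4 or (len(data) - 4) % ENTRY.size:
        raise ValueError("bad length for a RIP message")
    command, version, zero = struct.unpack("!BBH", data[:4])
    if command not in COMMANDS:
        raise ValueError(f"unknown command {command}")
    count = (len(data) - 4) // ENTRY.size
    if count > MAX_ENTRIES:
        raise ValueError(f"{count} entries, limit is {MAX_ENTRIES}")
    info = {"command": COMMANDS[command], "version": version, "auth": "none"}
    routes, findings = [], []
    if zero:
        findings.append("header must-be-zero field is set")
    for i in range(count):
        afi, tag, addr, mask, nhop, metric = ENTRY.unpack_from(
            data, 4 + i * ENTRY.size)
        if afi == AFI_AUTH:
            if i == 0 and version >= 2:
                info["auth"] = "simple-password" if tag == 2 else f"type-{tag}"
            else:
                findings.append(f"entry {i}: misplaced authentication entry")
            continue
        if afi != AFI_INET:
            findings.append(f"entry {i}: unsupported address family {afi}")
            continue
        if not 1 <= metric <= INFINITY:
            findings.append(f"entry {i}: metric {metric} outside 1..{INFINITY}")
            continue
        address = ipaddress.ip_address(addr)
        if version == 1:
            # RIPv1 is classful: tag, mask and next hop must all be zero.
            if tag or any(mask) or any(nhop):
                findings.append(f"entry {i}: non-zero reserved field in RIPv1")
                continue
            prefix = str(address)
        else:
            try:
                prefix = str(ipaddress.ip_network(
                    f"{address}/{ipaddress.ip_address(mask)}"))
            except ValueError:
                findings.append(f"entry {i}: address {address} does not match its mask")
                continue
        routes.append({"prefix": prefix, "metric": metric,
                       "next_hop": str(ipaddress.ip_address(nhop)),
                       "reachable": metric < INFINITY})
    if info["command"] == "response" and info["auth"] == "none":
        findings.append("update carries no authentication entry")
    elif info["auth"] == "simple-password":
        findings.append("simple password travels in clear text")
    return info, routes, findings


# Constructed sample: an unauthenticated RIPv2 response with one bad metric.
SAMPLE = build_message(2, 2, [("10.1.1.0/24", "0.0.0.0", 2),
                              ("172.0.0.181/32", "0.0.0.0", 16),
                              ("192.168.1.4/30", "0.0.0.0", 17)])

if __name__ == "__main__":
    info, routes, findings = parse_message(SAMPLE)
    print(info)
    for route in routes:
        print(route)
    for finding in findings:
        print("finding:", finding)
```
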


RIP Operation

[Figure: Router A advertises route 10.1.1.0/24 to Router B. Update from B: 2 hops, sent into a network cloud (assume 12 routers separate Router B and Router C). Update received by C: 14 hops. Update from C to Router D: 15 hops.]

A Routing Table:
Destination    Metric  Valid
10.1.1.0/24    0       Yes

B Routing Table:
Destination    Metric  Valid
10.1.1.0/24    2       Yes

C Routing Table:
Destination    Metric  Valid
10.1.1.0/24    15      Yes

D Routing Table:
Destination    Metric  Valid
Route INVALID, do not populate in table

By default the RIP router advertises all RIP routes to each neighbor every 30 seconds. RIP uses a hop-count metric to
determine the distance between the packet source and the packet destination. The metric value for a valid route is
1 to 15 inclusive. A route that has a metric value of 16 (infinity) indicates that the route is no longer valid and should
be removed from the routing table.
In the slide above, router A sends an Update message containing the route 10.1.1.0/24 with a metric of 0, to router
B. Router B updates the metric for the route by adding the cost of the network on which the message arrived. If the
result is greater than infinity, infinity (16) is used. That is, metric = MIN (metric + cost, infinity). It then checks
whether there is already an explicit route for the destination address. If there is no such route, router B adds this
route to its routing table with the newly calculated metric of 2. It also initializes the Timeout timer for the route. It
then triggers a new update message about this route (10.1.1.0/24), which it sends to its neighbor(s) (into the network
cloud, in the slide above).
This process is repeated at each router within the cloud that receives an Update about route 10.1.1.0/24.
Hence, router C receives an Update containing route 10.1.1.0/24 with a metric of 14. It calculates a metric value
of 15, adds the route to its routing table and sends a new Update message about this route to router D.
Router D calculates a new metric value of 16. As this value indicates that the route is unreachable, router D does
not populate this route in its routing table.
If a router already has an entry in its database for the route received in the Update, then the following occurs:
- If the datagram is from the same router as the existing route, the router reinitializes the timeout.
- If the datagram is from the same router as the existing route, and the new metric is different or lower than the old
one, the route and associated information contained in the update replace the existing route entry. The router then
sends an Update about this route to its neighbors.
- If the new metric associated with the route is infinity, the Flush timer is started. The route is no longer used
for routing packets. Note that the deletion process (Flush timer) is started only when the metric is first set to
infinity. If the metric was already infinity, a new deletion process is not started.

[Figure, continued: update from A for 10.1.1.0/24: 1 hop.]

RIP Timers

Update Timer
- frequency with which a router sends an update about its routes to its neighbors

Timeout Timer
- amount of time within which a router must receive an update about a route. If the timeout timer expires and no update has been received, the route is declared Invalid, but is kept in the RIP database

Flush Timer
- amount of time a route that has been declared Invalid remains in the database before being removed


By default, every 30 seconds a RIP router sends an unsolicited update message containing its complete routing table
to all its peers.
Each route has two timers associated with it: the timeout and flush timers. If the Timeout timer expires and no
updates have been received about a given route, that route is marked invalid, but is maintained in the routing table
for a short time so that neighbors can be notified that the route has been dropped. The invalid route is still included
in the route updates sent by the router until the flush timer expires. When the flush timer expires, the invalid route
is removed from the routing table. If an update about the invalid route is received while the flush timer is running,
the new route update will replace the one that is about to be deleted. In this case the flush timer must be cleared.
On the 7x50 SR/ESS the default values for the update, timeout and flush timers are respectively, 30 seconds, 180
seconds and 120 seconds.

RIP uses the following three timers: the update timer, the timeout timer and the flush timer.

RIP Timers (contd)

[Figure: timeline for route 10.1.1.0/24 on Router B, with Update Timer = 30s, Timeout Timer = 180s and Flush Timer = 120s.]

T=0s     Router B receives update; Timeout timer starts
T=30s    Router B receives update; Timeout timer resets
T=210s   No update received; Router B declares route Invalid; Flush timer starts
T=300s   Router B receives update; Router B clears Flush timer and resets Timeout timer; route is Valid
T=480s   No update received; Router B declares route Invalid; Flush timer starts
T=600s   Still no update received; Router B removes route from routing table

In the above slide, router A sends an update to router B about the route 10.1.1.0/24. At time T = 0 seconds, router B
receives the update and populates the route in its routing table. It also initializes the timeout timer. After 30
seconds router A sends another update about the route 10.1.1.0/24, which is received by router B. Router B resets
the timeout timer associated with this route. After 180 seconds, router B receives no updates about the route
10.1.1.0/24. The associated timeout timer expires, and router B declares the route invalid. Router B also initializes
the flush timer. After 90 seconds router B receives an update about route 10.1.1.0/24. It replaces the route entry
with the info in the new update (route is valid again), clears the flush timer and initializes the timeout timer. After
180 seconds, router B receives no updates about route 10.1.1.0/24 and declares it invalid, as the timeout timer has
expired. After 120 seconds, router B still does not receive any update about route 10.1.1.0/24, and as the flush timer
has now expired, it therefore deletes the route from its routing table.
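
The update-processing rules and the timer behaviour described above can be replayed in code. The following is an added example, not part of the course material: `RipTable`, `Route` and `slide_timeline` are hypothetical names, the advertised hop counts are the ones shown on the slides, and accepting a lower metric from a different neighbor follows RFC 2453.

```python
from dataclasses import dataclass
from typing import Optional

INFINITY = 16
TIMEOUT, FLUSH = 180, 120        # 7x50 SR/ESS defaults quoted in the text


@dataclass
class Route:
    peer: str
    metric: int
    last_heard: int                       # when the timeout timer was (re)started
    invalid_since: Optional[int] = None   # when the flush timer was started


class RipTable:
    def __init__(self, cost=1):
        self.cost = cost          # cost of the network the updates arrive on
        self.routes = {}
        self.log = []             # (time, prefix, event)

    def _note(self, when, prefix, event):
        self.log.append((when, prefix, event))
        return event

    def tick(self, now):
        """Expire timeout and flush timers that have run out by `now`."""
        for prefix, r in list(self.routes.items()):
            if r.invalid_since is None and now - r.last_heard >= TIMEOUT:
                # Timeout expired: keep the entry, but as unreachable (RFC 2453).
                r.metric, r.invalid_since = INFINITY, r.last_heard + TIMEOUT
                self._note(r.invalid_since, prefix, "invalid")
            if r.invalid_since is not None and now - r.invalid_since >= FLUSH:
                del self.routes[prefix]
                self._note(r.invalid_since + FLUSH, prefix, "removed")

    def receive(self, now, peer, prefix, advertised):
        """Apply one advertised route; return the action taken."""
        self.tick(now)
        metric = min(advertised + self.cost, INFINITY)
        cur = self.routes.get(prefix)
        if cur is None:
            if metric == INFINITY:
                return self._note(now, prefix, "rejected")   # never installed
            self.routes[prefix] = Route(peer, metric, now)
            return self._note(now, prefix, "installed")
        if cur.peer == peer and metric == cur.metric:
            if metric == INFINITY:
                return self._note(now, prefix, "ignored")    # flush already running
            cur.last_heard = now                             # restart the timeout
            return self._note(now, prefix, "refreshed")
        if cur.peer != peer and metric >= cur.metric:
            return self._note(now, prefix, "ignored")
        # Same router with a different metric, or (per RFC 2453) any router
        # offering a lower one: the update replaces the entry.
        if metric == INFINITY:
            cur.metric, cur.invalid_since = INFINITY, now    # first time at infinity
            return self._note(now, prefix, "invalid")
        self.routes[prefix] = Route(peer, metric, now)       # also clears the flush timer
        return self._note(now, prefix, "replaced")


def slide_timeline():
    """Replay the timers slide: updates at T=0, 30 and 300, silence otherwise."""
    b = RipTable()
    for now in range(0, 601, 30):
        if now in (0, 30, 300):
            b.receive(now, "A", "10.1.1.0/24", 1)
        else:
            b.tick(now)
    return b


if __name__ == "__main__":
    for event in slide_timeline().log:
        print(event)
```
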


RIP Pinhole Congestion

[Figure: networks 10.1.1.0/24 and 101.10.1.0/24 joined by a GigE path and a T1 path; the traffic flow is marked.]

The only metric used by RIP in its routing computation is hop count. The figure above shows that, despite having a
higher-bandwidth path through the top of the network, RIP always chooses the route or path with the fewest hops. In
this case, all traffic will flow across the T1 link, leaving the gigabit Ethernet path unused. This is known as pinhole
congestion.


Basic RIP Configuration


All RIP instances must be explicitly created on each device.
Once created, RIP is administratively enabled.
To configure RIP, perform the following tasks:
Configure interfaces
Configure policy statements (optional)
Enable RIP
Configure group parameters
Configure neighbor parameters
Note that routers will not automatically advertise routes with RIP. A route policy must be created and applied to RIP to dictate which routes are to be advertised.

Basic RIP Configuration Example


PE3>config>router>rip# info
----------------------------------------------
        export RIP_policy
        group "RIP-A"
            neighbor "to-pe2"
            neighbor to-pe1
            exit
        exit
----------------------------------------------
PE3>config>router>rip#

Show RIP Neighbors

===============================================================================
RIP Neighbors
===============================================================================
Interface        Adm   Opr   Primary IP       Send    Recv    Metric
                                              Mode    Mode    In
-------------------------------------------------------------------------------
To-pe1           Up    Up    192.168.1.1      BCast   Both
To-pe2           Up    Up    192.168.1.10     BCast   Both
-------------------------------------------------------------------------------
No. of RIP Neighbors: 2
===============================================================================


The slide above shows the neighbor information of the RIP routing protocol, including the interfaces that RIP is
running on and the addresses of these interfaces.
Note that the send mode is set to broadcast. This is the default value so that RIPv2 is backward-compatible with
routers that are running RIPv1. This can be manually configured to multicast. The receive mode is set to both so that
it can receive updates from either RIPv1 or RIPv2 routers. Finally, the metric is one hop for these interfaces.

Command shown: PE3>show>router>rip# neighbor

Show RIP Peers


The slide above shows the peer information of the RIP routing protocol, including the IP addresses of the peers, the
name of the interfaces to reach them, the version of RIP that is running on those interfaces, and the last update sent to
the peer.
Peer IP Addr : The IP address of the peer router.
Interface Name: The peer interface name.
Version: The version of RIP running on the peer.
Last Update : The number of seconds since the last update sent to the peer.

PE3# show router rip peers
=================================================================
RIP Peers
=================================================================
Peer IP Addr     Interface Name     Version     Last Update
-----------------------------------------------------------------
10.10.10.1       to-pe1             RIPv2       0
10.10.10.2       to-pe2             RIPv2       2
-----------------------------------------------------------------
No. of Peers: 2
=================================================================

Show RIP Database

===========================================================================
RIP Route Database
===========================================================================
Destination        Peer            Interface    Met    TTL    Valid
---------------------------------------------------------------------------
172.0.0.181/32     192.168.1.2     to182               172    No
172.0.0.181/32     192.168.1.9     to181               164    Yes
172.0.0.182/32     192.168.1.2     to182               172    Yes
172.0.0.182/32     192.168.1.9     to181               164    No
192.168.1.4/30     192.168.1.2     to182               172    Yes
192.168.1.4/30     192.168.1.9     to181               164    No
---------------------------------------------------------------------------
No. of Routes: 6


The slide above shows the RIP database summary information, including all networks and addresses of the peers from
which the router has received the updates.
Note that the routes are marked as either valid or not valid. The valid routes are the ones that have the fewest hops
(metric) associated with them.

Command shown: ND184>show>router>rip# database

Show RIP Update

===============================================================================
RIP Database (Detail)
===============================================================================
Destination   : 172.0.0.181/32
Next Hop      : 0.0.0.0
Interface     : to182
Peer          : 192.168.1.2
Metric        : 2
Tag           : 0x0000
TTL           : 167
Valid         : No

Destination   : 172.0.0.181/32
Next Hop      : 0.0.0.0
Interface     : to181
Peer          : 192.168.1.9
Metric        : 1
Tag           : 0x0000
TTL           : 162
Valid         : Yes


The slide above shows a portion of the information that is carried in a RIP update message. A single update message
can carry a maximum of 25 networks. The information shown is similar to the database summary information shown
in the previous slide.

Command shown: ND184>show>router>rip# database detail

Show RIP Group

=========================================================================
RIP groups (Detail)
=========================================================================
-------------------------------------------------------------------------
Group "rip"
-------------------------------------------------------------------------
Description      : No Description Available
Admin State      : Up
Oper State       : Up
Send Mode        : Broadcast
Receive Mode     : Both
Metric In        : 1
Metric Out       : 1
Split Horizon    : Enabled
Check Zero       : Disabled
Message Size     : 25
Preference       : 100
Auth. Type       : None
Update Timer     : 30
Timeout Timer    : 180
Flush Timer      : 120
Export Policies: rip
Import Policies: None
=========================================================================

The slide above shows the configuration information that is applied to all RIP neighbors that belong to this group. The
RIP neighbors are the interfaces that are part of the RIP routing process.
Any changes that are made to the group are automatically pushed down to all neighbors that belong to the group.
This eases configuration.

Command shown: ND184>show>router>rip# group detail

Module Summary

Router functions
Routing loops
Static and default routes
Distance vector
Issues with distance vector
Loop-avoidance mechanisms
- Split horizon
- Route poisoning
- Poison reverse
- Hold-down timers
RIPv1 and RIPv2
General RIP operations and updates
RIP show commands


Learning Assessment


1. The Layer 2 address is used by the router to make its forwarding decision.
A. True
B. False
2. What is the preference value found in the routing table used for?
A. Differentiate between multiple routes to a destination learned by the same protocol
B. Differentiate between multiple routes to a destination learned by different protocols
C. Serves no purpose
3. Static routes do not respond in real time to a failure.
A. True
B. False

Learning Assessment (cont'd)


4. What are the functions of a routing protocol? Choose all that apply.
A. Calculate an optimal path through a network.
B. Notify applications of inability to reach destination.
C. Advertise network reachability information to neighbors.
D. Apply flow control to traffic to reduce congestion.
5. What is the maximum number of routes that can be carried in a RIPv1 update message?
A. 15
B. 25
C. 30
D. 45

Learning Assessment Answers


1. The Layer 2 address is used by the router to make its forwarding decision.
A. True
B. False ✓
2. What is the preference value found in the routing table used for?
A. Differentiate between multiple routes to a destination learned by the same protocol
B. Differentiate between multiple routes to a destination learned by different protocols ✓
C. Serves no purpose
3. Static routes do not respond in real time to a failure.
A. True ✓
B. False
4. What are the functions of a routing protocol? Choose all that apply.
A. Calculate an optimal path through a network. ✓
B. Notify applications of inability to reach destination.
C. Advertise network reachability information to neighbors. ✓
D. Apply flow control to traffic to reduce congestion.
5. What is the maximum number of routes that can be carried in a RIPv1 update message?
A. 15
B. 25 ✓
C. 30
D. 45


LAB 3.1 - Basic RIP Configuration

[Figure: lab topology with Pod1 to Pod4, each containing a core router (Core-Pod1 to Core-Pod4) and an edge router (Edge-Pod1 to Edge-Pod4); the network is labelled RIP.]

3HE-02767-AAAA-WBZZA Edition 01


Module 7 Link-State Routing Protocols


Module Objectives


After successful completion of this module, you should be able to:
Understand link state protocol behavior
Understand the terminology used in OSPF
Understand the concepts of areas used in OSPF
Describe the contents of the different databases used in the OSPF routing process
Discuss the different link state advertisements used in OSPF
Configure and verify a simple (flat) OSPF network
Configure and verify a hierarchical OSPF network

Section 1 Link State Overview


Link-State Routing Protocols

Distance Vector vs. Link State

Distance vector
- Views the network topology from the neighbor's perspective
- Adds distance vectors from router to router
- Frequent, periodic updates: slow convergence
- Passes copies of the routing table to neighbor routers

Link state
- Gets a common view of the entire network topology
- Calculates the shortest path to other routers
- Event-triggered updates: faster convergence
- Passes link-state routing updates to other routers

Link state and distance vector can be compared in several key areas:
1. Distance vector sees everything and learns everything as "next hop". Link state obtains a wide view of the
entire internetwork topology by accumulating all necessary LSPs.
2. Distance vector determines the best path by adding to the metric value it receives as tables move from
router to router. With link state, each router calculates its own shortest path to destinations.
3. Distance vector is a daisy chain of tables passed using periodic table updates. This leads to slow convergence,
particularly in large networks.
4. With link state, updates are triggered by topology changes. Relatively small LSPs are passed to all other
routers or to a multicast group of routers, which usually results in faster convergence times.


Link State Overview

Sends subnet mask in update


Supports VLSM, CIDR, and manual route summarization
Supports authentication
Maintains multiple databases
Sends updates using multicast addressing


Link-state protocols have the following common attributes:

Link-state protocols trigger an update when a link (interface) changes state. The router connected to the link
initiates a triggered update to its neighbors to notify them of the topology change. If the network is stable
and no changes in links are detected, the routers send periodic hello messages to maintain connectivity
without having to consume excessive bandwidth.

The updates contain the subnet mask of each network being advertised. This allows for more optimal network
design and accurate path selection.

VLSM and CIDR are supported in all link-state protocols.

Due to the classless aspects of link-state protocols, manual summarization is actively supported. This allows
for network administrators to have much more control of where and how the summarization takes place.

All modern link-state protocols support authentication of the updates being sent between the routers. This
ensures that accurate network topologies are created without false information or errors.

Link-state protocols maintain three common databases: topology (link state DB), neighbor (adjacency DB),
and routing table (forwarding DB).

Modern link-state protocols use a multicast address to convey updates and hellos to their neighbor link-state
routing peers. This reduces processing on devices in the network that are not running the link-state protocol.

Link-state driven updates, periodic hellos

Link State Overview (continued)

Link = An interface
State = Active or inactive interface
IS-IS and OSPF are link-state protocols
More complex than distance vector
Faster convergence
Triggered updates
Three databases:
- Adjacency - Neighbor database
- Topology - Link-State database
- Routing - Forwarding database


Link state, also known as SPF, maintains a complex database of topology information. While distance vector has
nonspecific information about distant networks and no knowledge of distant routers, link state maintains full
knowledge of distant routers and how they interconnect. OSPF and IS-IS are examples of link-state routing protocols.
LSPs are used to transmit the information necessary to build a topological database, which is used by the SPF
algorithm to construct a SPF tree, and finally, a routing table of paths and ports to each network. When a link-state
topology changes, the routers must become aware of the change and send information to other routers or to a
designated router that all other routers can use for updates. This involves the propagation of common routing
information to all routers in the network. To achieve convergence, each router does the following:

Keeps track of its neighbors.

Constructs an LSP that lists neighbor router names and link metrics (cost). This includes new neighbors,
changed metrics, and links to neighbors that have gone down.

Sends out the LSP so that all routers receive it.

When it receives an LSP, records the LSP in its database so that it can store the most recent LSP received.

Using accumulated LSP data to construct a complete network topology, proceeds from the common starting
point for the SPF algorithm and computes routes to every network.

Each time an LSP causes a change to the link-state database, the link-state algorithm recalculates the best
paths and updates the routing table.


Link State Overview (continued)

[Figure: RTR-A connects to RTR-C on port 1/1/1 and to RTR-B on port 1/1/2; network 2.2.2.0/24 is attached to RTR-B.]

Adjacency Database
RTR-B on 1/1/2
RTR-C on 1/1/1

Link State Database
RTR-A to RTR-C, cost=1000
RTR-A to RTR-B, cost=1000
RTR-C to RTR-B, cost=1000
RTR-B to 2.2.2.0/24, cost=1000

Routing Table:
2.2.2.0/24 via 1/1/2

Link state protocols keep three databases in the routers:


The adjacency database, sometimes called the neighbor database, keeps track of all the other routers that are
directly attached and passing link state routing information. The adjacency database is maintained with periodic
hello messages.
The LSDB has all learned paths to all destination networks. It is this database that is used to create the SPF tree that
ultimately creates the routing table.
The routing table, sometimes called the forwarding database, is used by the router to accurately forward IP packets
to the destination network.

Adjacency database
Link-state database
Forwarding database

Link State Overview (continued)


[Figure: routers A, B and C connected by links 2.2.2.0/30, 3.3.3.0/30 and 4.4.4.0/30, with network 10.0.0.0/8.]

Step 1: Updates received from peers

Step 2: Topology database created
A to 2.2.2.0/30 Cost 10
A to 3.3.3.0/30 Cost 10
B to 4.4.4.0/30 Cost 10
C to 10.0.0.0/8 Cost 10

Step 3: SPF algorithm determines the best path to destination networks
10.0.0.0/8
Via 2.2.2.1 Cost 20 - BEST
Via 3.3.3.1 Cost 30

Step 4: Routing table created
Routing Table
10.0.0.0/8 via 2.2.2.1

Link state, also known as SPF, maintains a complex database of topology information.
While distance vector has nonspecific information about distant networks and no knowledge of distant routers, link
state maintains full knowledge of distant routers and how they interconnect.

From router A's point of view

Exchange of Link State Information

[Figure: routers R1, R2 and R3 with networks A, B, C and D, each link at cost 10. R1 link-state packet: A 10, B 10. R2 link-state packet: B 10, C 10. R3 link-state packet: C 10, D 10.]

Network discovery for link-state routing uses the following processes:


Routers exchange LSPs with each other. Each router begins with the directly connected networks for which it has
direct link-state information. It floods its link-state information to other routers in the network.


Topological Database
[Figure: routers R1, R2 and R3 each hold the same three link-state packets in their topological database. R1 link-state packet: A 10, B 10. R2 link-state packet: B 10, C 10. R3 link-state packet: C 10, D 10.]

Network discovery for link-state routing uses the following processes (continued):
Each router constructs a topological database that consists of all the LS information from the other routers in the
network.


Calculating the SPF Tree and Populating the Routing Table


[Figure: R1 runs SPF over its topological database (the R1, R2 and R3 link-state packets) to build the SPF tree and then the R1 routing table.]

Network discovery for link-state routing uses the following processes (continued):
1. The SPF algorithm computes network reachability, determining the shortest path to the other networks in the
link-state network.
2. The router constructs this logical topology of shortest paths as a tree, with itself as root.
3. The router lists its best paths and the ports to these destination networks in the routing table. It also
maintains additional topology elements and status details.
When all these processes are complete, normal routing of packets can begin.
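
The SPF steps above can be run against the topology database shown earlier for router A. The following is an added example, not part of the course material: it assumes that B and C advertise their side of each shared link at cost 10, takes C as 2.2.2.1 and B as 3.3.3.1 from the slide's next hops, and uses made-up addresses elsewhere. It also recomputes the table after a link failure, the case the topology-change slide describes.

```python
import heapq

# Router A's link-state database, built from the slide. Constructed
# assumptions: B and C advertise their side of each shared link at cost 10;
# C is 2.2.2.1 and B is 3.3.3.1 (the slide's next hops); other addresses are
# made up. Format: router -> {network: (interface cost, interface address)}.
LSDB = {
    "A": {"2.2.2.0/30": (10, "2.2.2.2"), "3.3.3.0/30": (10, "3.3.3.2")},
    "B": {"3.3.3.0/30": (10, "3.3.3.1"), "4.4.4.0/30": (10, "4.4.4.2")},
    "C": {"2.2.2.0/30": (10, "2.2.2.1"), "4.4.4.0/30": (10, "4.4.4.1"),
          "10.0.0.0/8": (10, "10.0.0.1")},
}


def spf(lsdb, root, exclude=frozenset()):
    """Dijkstra over routers and networks: {node: (cost, next-hop address)}."""
    attached = {}                              # network -> routers on it
    for router, links in lsdb.items():
        for net in links:
            attached.setdefault(net, []).append(router)
    best, heap = {}, [(0, root, "")]           # "" = no next hop yet (local)
    while heap:
        cost, node, hop = heapq.heappop(heap)
        if node in best or node in exclude:
            continue
        best[node] = (cost, hop)
        if node in lsdb:                       # router: pay its interface cost
            for net, (link_cost, _addr) in lsdb[node].items():
                heapq.heappush(heap, (cost + link_cost, net, hop))
        else:                                  # network: attached routers cost 0
            for router in attached[node]:
                via = hop or lsdb[router][node][1]
                heapq.heappush(heap, (cost, router, via))
    return best


def routing_table(lsdb, root):
    """Best cost and next hop for every network, as seen from root."""
    return {node: (cost, hop or "direct")
            for node, (cost, hop) in spf(lsdb, root).items() if node not in lsdb}


def candidate_paths(lsdb, root, dest):
    """Cost to dest through each neighbor of root, lowest first."""
    found = []
    for net, (link_cost, _addr) in lsdb[root].items():
        for router, links in lsdb.items():
            if router != root and net in links:
                tree = spf(lsdb, router, exclude={root})
                if dest in tree:
                    found.append((link_cost + tree[dest][0], links[net][1]))
    return sorted(found)


def without_link(lsdb, net):
    """Copy of the database after every router withdraws `net` (link down)."""
    return {r: {n: v for n, v in links.items() if n != net}
            for r, links in lsdb.items()}


if __name__ == "__main__":
    print(candidate_paths(LSDB, "A", "10.0.0.0/8"))
    print(routing_table(LSDB, "A"))
    print(routing_table(without_link(LSDB, "2.2.2.0/30"), "A"))
```
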


Topology Changes

[Figure: a topology change produces link-state information; each router that receives it runs SPF and updates its routing table.]

When a router recognizes a topology change (link down, neighbor down, new link, or new neighbor), it must notify its
neighbors. To do this, each link-state router does the following:

The router that recognizes the change sends out new link-state information that reflects the change.

When a router receives new link-state information, it must populate the information in its topological
database and pass it on to its neighbors.

The SPF algorithm must be run against the new topological database to update the routing table with the new
information.

Each time that there is a topology change that causes an update to the topological database, the SPF algorithm must
be run.

Link-state updates are driven by topology changes.

Flooding


Link-state information is sent during a topology change and periodically to ensure topological database
synchronization. LSAs are:

Sourced by the router that is connected to the link that changes

Flooded by all other routers

Transmitted at each link-state change

The topological database synchronization relies on the flooding of link-state information throughout the link-state
domain.

This must be a reliable procedure.

Routers must also have a way to determine if the link-state information they are receiving is more recent
than the information already in the database. There must also be a mechanism to determine if the link-state
information should be forwarded to neighbors or dropped. Without such a mechanism in place, the link-state
information could be flooded infinitely.

Link-state information is flooded to other routers in the network.

Acknowledgment


Acknowledgments make the flooding procedure reliable. This helps to ensure that the topological database is
synchronized.

Each router must receive an acknowledgment that the update was received by its neighbor.
If an acknowledgment is not received, the link-state information is retransmitted.

Sequence Numbers

Without sequence numbers, the link-state information could be flooded infinitely.
The sequence number remains the same, router-to-router, during the flooding process.

In a link-state environment, routers use the sequence numbers for the following decisions when receiving a
link-state update:

If the sequence number is lower than the one in the database, the link-state information is discarded, and the
receiving router will update the sending router with the corresponding information in its own database.
If the sequence number is the same, an acknowledgement is sent. The link-state information is then discarded.
If the sequence number is higher, the link-state information is populated in the topological database, an
acknowledgement is sent, and the link-state information is forwarded to its neighbors.

Sequence numbers must be included in the link-state information.

Sequence Numbers (continued)


[Figure: R1, R2 and R3. Each router first holds R1's link-state packet with Seq=1; R1's new link-state packet with
Seq=2 is then flooded to R2 and R3.]

In the figure above, all routers initially have an entry in their respective topology databases for network A with a
sequence number of 1. This information was obtained from an update that R1 has previously sent. When the link to
network A fails, R1 generates new link-state information for network A. It increments the sequence number and sends
the link-state information to its neighbor. On receiving the link-state information, R2 checks the sequence number
and sees that it is newer. R2 populates its topological database with the new information about network A and floods
it to its neighbor R3. Likewise, R3 checks the sequence number, sees that it is newer and populates its topological
database.


Sequence Numbers (continued)

R1 must decide what to do with the second copy of the link-state information that it receives.

[Figure: routers R1 to R6 with networks E and Z.]

R1 receives the link-state information via R2 first. It populates its topological database with the newly received link-state information. The link-state information is then received from R6. R1 must compare the link-state information
with the information it already has in its database. R1 can see that the sequence numbers are the same. Therefore,
it discards the link-state information and does not forward it to R2.
This process stops link-state information from being flooded infinitely.
In the same example as shown in the slide above, if network Z comes up immediately after it goes down, the
sequence number is incremented again. For some reason, the link-state information for network Z going down with a
sequence number of 2 is delayed via R4 to R3 to R2 to R1. The link-state information for network Z, being available
with a sequence number of 3, arrives at R1 via R4 to R5 to R6 to R1 first. When the delayed link-state information
with a sequence number of 2 arrives, R1 compares it with the link-state information that it has in its topological
database. R1 determines that the link-state information is older and discards it.
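
The three receive rules and the R1 scenario above, as an added simulation that is not part of the course material. The ring order R1 to R6, the one-tick link delay and all names are assumptions made for the example; acknowledgments are recorded as decisions rather than sent as separate messages.

```python
import heapq
from itertools import count

# Constructed topology: the six routers of the slide joined in a ring,
# with network Z attached to R4 (the ring order is an assumption).
RING = ["R1", "R2", "R3", "R4", "R5", "R6"]


def ring_neighbors(name):
    i = RING.index(name)
    return [RING[i - 1], RING[(i + 1) % len(RING)]]


class Router:
    def __init__(self, name):
        self.name = name
        self.db = {}      # LSA id -> (sequence number, content)
        self.events = []  # (decision, sequence number, sender) for inspection

    def receive(self, lsa_id, seq, content, sender):
        """Apply the three sequence-number rules; return the messages to send."""
        held = self.db.get(lsa_id)
        if held is not None and seq < held[0]:
            # Older than the database copy: discard it and update the sender
            # with the newer information from our own database.
            self.events.append(("stale", seq, sender))
            return [(sender, lsa_id, held[0], held[1])]
        if held is not None and seq == held[0]:
            # Same copy arriving by another path: acknowledge and discard.
            self.events.append(("duplicate", seq, sender))
            return []
        # Newer (or first seen): install, acknowledge, flood to other neighbors.
        self.db[lsa_id] = (seq, content)
        self.events.append(("installed", seq, sender))
        return [(n, lsa_id, seq, content)
                for n in ring_neighbors(self.name) if n != sender]


def simulate(originations, slow_links=None, limit=1000):
    """Flood LSAs around the ring; return (routers, number of messages delivered).

    originations: list of (time, origin, lsa_id, seq, content).
    slow_links:   {(sender, receiver): delay}; every other link takes 1 tick.
    """
    slow_links = slow_links or {}
    routers = {name: Router(name) for name in RING}
    queue, order, delivered = [], count(), 0
    for time, origin, lsa_id, seq, content in originations:
        # Sender None marks an LSA that the router originates itself.
        heapq.heappush(queue, (time, next(order), None, origin, lsa_id, seq, content))
    while queue:
        now, _, src, dst, lsa_id, seq, content = heapq.heappop(queue)
        if src is not None:
            delivered += 1
        if delivered > limit:
            raise RuntimeError("flooding did not terminate")
        for nxt, *lsa in routers[dst].receive(lsa_id, seq, content, src):
            arrival = now + slow_links.get((dst, nxt), 1)
            heapq.heappush(queue, (arrival, next(order), dst, nxt, *lsa))
    return routers, delivered


if __name__ == "__main__":
    # Network Z goes down: R4 floods sequence number 2 in both directions.
    routers, delivered = simulate([(0, "R4", "Z", 2, "down")])
    print("messages delivered:", delivered)
    print("R1 decisions:", routers["R1"].events)
```
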

R1 receives 2 copies of the link state information for network Z.

Link-State Information Aging

The age of newly created link-state information is set to 0 for OSPF and 1200 for IS-IS. It is incremented by each
hop during the flooding procedure for OSPF and is decremented for IS-IS.
The link-state age is also incremented for OSPF and decremented for IS-IS as it is held in the topological database.

Maximum age
When the link-state information reaches its maximum age, it is no longer used for routing. The link-state
information is flooded to the neighbors with the maximum age, and the link-state information is removed from the
topological database.
For OSPF the default maximum age is 3600.

Link-state information includes an age field.

Hierarchy in Link-State Networks


Scalability issues exist with Link-state networks:

The size of the link-state database increases exponentially with the size of the network. Each router must
add and keep track of any new destinations that are reachable in the network. A large database increases the
consumption of router resources.

The complexity of the SPF calculation also increases exponentially.

A topology change requires the complete recalculation of the forwarding table on every router. The increased
overhead in calculating new routing information can overwhelm a router if it has insufficient resources.

A hierarchy allows a large routing domain to be split into several smaller domains. Routing happens within the
smaller routing domains and between the domains, simplifying the SPF calculation.
IS-IS and OSPF both implement hierarchy but use different techniques. They both define areas and route within areas
and between areas.
A hierarchy results in suboptimal routing. The best path to leave the area may not be the best route to the final
destination.
A hierarchy is less common today due to the increased capacity of routers. Many large networks are now configured
as a single area, simplifying the configuration and optimizing routing. Modern routers have the ability to handle
hundreds of nodes.

Scalability issues exist with Link-state networks:
The size of the link-state database increases exponentially with the size of the network.
The complexity of the SPF calculation also increases exponentially.
A topology change requires the complete recalculation of the forwarding table on every router.
A hierarchy allows a large routing domain to be split into several smaller domains.
A hierarchy results in suboptimal routing.
A hierarchy is less common today due to the increased capacity of routers.

OSPF Overview

Link-state protocol
Faster convergence than a distance vector protocol
Scalable
Hierarchical using areas
Uses the SPF algorithm for routing decisions
Cost metric takes into account the physical bandwidth of the port
Classless protocol
Traffic engineering extensions
Authentication support
Support for VLSM and address aggregation

OSPF is a hierarchical routing protocol. It supports the concept of areas within the OSPF routing domain. These areas
break the network into smaller pieces to accommodate growth and to reduce the amount of protocol traffic
throughout the network.
The classless behavior eliminates any classful problems, such as noncontiguous subnets. OSPF also supports classless
routing table lookups, VLSM, and aggregation for address management.
The OSPF cost metric is based on the physical bandwidth of the port. This allows OSPF to make its path decisions
based on the path that has the most bandwidth.
OSPF also allows for the use of route tagging to identify external routes (i.e., routes learned from another protocol).
The traffic engineering extensions to OSPF allow the protocol to track and advertise the available bandwidth. This
feature is used by MPLS in the creation of traffic tunnels.


OSPF Terminology

[Figure: OSPF terminology. Labels: Area 0, Link, Cost = 10, Adjacency and Neighbors, Router ID 172.16.0.1, LSA.]

The following terminology is used in OSPF routing:

Area: A group of routers that share the same area ID
Router ID: A unique router ID required by each OSPF router. A router ID can be derived by:
1. Defining the value in the config>router router-id context;
2. Defining the system interface in the config>router>interface ip-int-name context, if router-id is
not explicitly configured;
3. Inheriting the last four bytes of the MAC address, if neither router-id nor system interface IP
address is configured.
Link State: The status of the link between two OSPF routers, a router's interface, and its relationship to its
neighboring routers
Cost: The routing metric used by OSPF in its SPF calculations
Neighbor: An adjacent system reachable by traversing a single subnet
Designated Router: The router that is responsible for ensuring adjacencies between all neighbors in a
multiple-access network. This ensures that all routers do not need to maintain full adjacencies with each other.
The DR is elected in all multiple-access networks (Ethernet).
Backup DR: Designated to perform the same functions as the DR in the event of a failure
Link State Advertisement (LSA): Packet that contains all the relevant information regarding a router's links and the
state of those links


OSPF Hierarchy

[Figure: backbone area 0.0.0.0 with Area 0.0.0.1 and Area 0.0.0.2.]

OSPF is a hierarchical routing protocol. It supports the concept of areas within the OSPF routing domain. These areas
break the network into smaller pieces to accommodate growth and to reduce the amount of LSA traffic throughout
the network.
An area is a grouping of OSPF routers that have the same area ID (i.e., number). For OSPF-enabled routers to form
adjacencies, they must have the same area ID. OSPF areas are logical subdivisions of OSPF autonomous systems. The
topology of each area is invisible to entities in other areas.
Each router in an area retains a link-state database that describes the particular area. If a router belongs to more
than one area, it retains a separate link-state database for each area.
Area 0 (0.0.0.0) is a required area and is referred to as the backbone area. All other areas must be connected to the
backbone area, either physically or logically. The backbone area distributes routing information between areas;
hence, all inter-area communications must go through the backbone.
An Autonomous System is a group of networks and network equipment under a common administration.


LAB 4.1 - Configuring OSPF in a Single Area

[Figure: lab topology with Pod1 to Pod4, routers Edge-Pod1 to Edge-Pod4 and Core-Pod1 to Core-Pod4, labelled OSPF.]

Section 2 OSPF Areas


OSPF Overview

Types of OSPF Areas

Backbone area
Normal area
Stub area
Intra-area routes refer to updates that are passed within the area. Inter-area routes refer to updates that are
passed between areas.
External routes refer to updates passed from another routing protocol into the OSPF domain by the ASBR.

OSPF Backbone Areas

[Figure: backbone area 0 with ABRs to Area 1 and Area 2.]

The OSPF backbone area, area 0.0.0.0, must be contiguous, and all other areas must be connected to the backbone
area.
All inter-area traffic must pass through the backbone area.


OSPF Normal Areas

[Figure: backbone area 0 with ABRs to Area 1 and Area 2, all labelled as normal areas. RIB contents shown:
inter-area routes, intra-area routes, external routes.]

The OSPF normal or standard area is the default area type. The normal area imports and exports external routes. It
has in its routing information database all intra-area routes, all inter-area routes, and all external routes.


OSPF Stub Area

[Figure: backbone area 0 with ABRs to Area 1 and Area 2, with areas labelled as stub or normal. RIB contents shown:
inter-area routes, intra-area routes, default route.]

A stub area is an area that does not allow external route advertisements. The ABR of the stub area advertises a single
default route (0.0.0.0) into the stub area. Any destination that the internal routers cannot match to an intra- or
inter-area route will match the default route.
This reduces the size of the internal routers' database and reduces CPU processing time.


OSPF Router Types

[Figure: OSPF router types. Labels: Area 0, Area 1, Area 2, ABR, internal routers, backbone routers, ASBR,
non-OSPF routed domain.]

OSPF supports four types of routers:

Internal router: A router that is within a specific non-zero area only. It has no direct connection to another
area.

Area border router: A router that is located on the border between one or more OSPF areas. It is responsible
for the connection of two or more areas (one of them being the backbone area) and for the maintenance of
separate link-state databases for each area.

Autonomous system boundary router: A router that connects an OSPF routing domain to a non-OSPF routing
domain

Backbone router: A router that resides in area 0 only


OSPF Databases

[Figure: OSPF databases. Labels: Area 0, Area 1, Area 2, ABR, adjacency database (list of neighbors), link-state
database, forwarding table.]

OSPF supports a number of databases that it uses in its route calculations:

Adjacency database: When two OSPF routers exchange information, they form an adjacency. The adjacency
database is a list of all neighbors to which a router has established bidirectional (full) communication.

Link-state database: Also called the topology table or routing information database, a link-state database
contains the next-hop information for all destinations in the OSPF domain.

Forwarding database: This database contains all the best routes to the destinations in the network. The
forwarding database is created when the SPF algorithm is run on the link-state database.


Designated Router

[Figure: routers on a multiple-access network with priorities 64, 32, 10, 16 and 0. One router is marked DR and one
BDR (priority 32, router ID 172.16.0.2); router ID 172.16.0.1 is also shown.]

The concept of designated routers and backup designated routers came about because of some problems that
multiple-access networks, such as Ethernet, posed to OSPF related to the flooding of LSAs. For example, the
formation of adjacencies between all attached routers would create unnecessary LSAs. In the figure above, without
the use of DR and BDR, the number of adjacencies would be n(n - 1)/2, or in this case, 5(4)/2 = 10 adjacencies to
support 5 routers. Flooding of the LSAs would be out of control. A router would flood an LSA to all its adjacent
neighbors, which in turn, would flood to all their neighbors, and so on. This would create many copies of the same
LSA on the same link.
The DR represents the network as a pseudo node. Each router forms an adjacency with the DR and the BDR. Only the
DR sends LSAs to the rest of the network. This reduces the LSA load on the network.
The BDR is responsible for mirroring the DR and takes over the role of DR if there is a failure.
The election process for the DR and BDR is based on priority: the highest priority wins. In the event of a tie, the
router with the highest router ID wins. Any router that has reached a minimum of the 2-way state in the OSPF process
is eligible to take part in the election process.
A router with Priority set to 0 can never become the Designated Router.
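
The election rules above, together with the non-preemptive behaviour that the DR and BDR notes describe for the fast interface, as an added example that is not part of the course material. It is a simplified model of the rules stated on this page, not the full election procedure of the OSPF specification; the 10.0.0.x router IDs, the priority of 1 for the two-router case and all names are constructed, and the 2n - 3 count is derived from the statement that each router forms an adjacency with the DR and the BDR.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Candidate:
    router_id: str
    priority: int
    two_way: bool = True  # has reached at least the 2-way state


def rank(candidate):
    """Highest priority wins; the highest router ID breaks a tie."""
    return (candidate.priority, int(ipaddress.IPv4Address(candidate.router_id)))


def elect(candidates, current_dr=None, current_bdr=None):
    """Return (dr, bdr) router IDs for one multiple-access network.

    A DR or BDR that is already in place and still eligible keeps its role,
    so a router that comes up later does not displace it.
    """
    pool = [c for c in candidates if c.priority > 0 and c.two_way]
    present = {c.router_id for c in pool}
    dr = current_dr if current_dr in present else None
    bdr = current_bdr if current_bdr in present and current_bdr != dr else None
    if dr is None and bdr is not None:
        dr, bdr = bdr, None  # the BDR takes over when the DR has failed
    remaining = sorted((c for c in pool if c.router_id not in (dr, bdr)),
                       key=rank, reverse=True)
    if dr is None and remaining:
        dr = remaining.pop(0).router_id
    if bdr is None and remaining:
        bdr = remaining.pop(0).router_id
    return dr, bdr


def adjacency_counts(n):
    """Adjacencies for n routers: (full mesh, with a DR and a BDR)."""
    full_mesh = n * (n - 1) // 2
    with_dr_bdr = max(0, 2 * n - 3)  # DR-BDR plus two per remaining router
    return full_mesh, with_dr_bdr


# Constructed segment using the priorities shown in the figure.
SEGMENT = [
    Candidate("10.0.0.1", 64),
    Candidate("10.0.0.2", 32),
    Candidate("10.0.0.3", 10),
    Candidate("10.0.0.4", 16),
    Candidate("10.0.0.5", 0),
]

if __name__ == "__main__":
    print("initial election:", elect(SEGMENT))
    print("after DR failure:", elect(SEGMENT[1:], "10.0.0.1", "10.0.0.2"))
    print("adjacencies for 5 routers:", adjacency_counts(5))
```
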


DR and BDR

=============================================================================
OSPF Interfaces
=============================================================================
If Name        Area Id        Designated Rtr   Bkup Desig Rtr   Adm   Oper
-----------------------------------------------------------------------------
system         0.0.0.0        172.0.0.152      0.0.0.0          Up    DR
fast           0.0.0.0        192.168.2.1      192.168.2.2      Up    BDR
faster         0.0.0.0        0.0.0.0          0.0.0.0          Up    Down
-----------------------------------------------------------------------------
No. of OSPF Interfaces: 3

The slide above again shows the interfaces that are running OSPF. In this case, note the DR and BDR designation of
interface fast. This interface is an Ethernet interface, and even though it is being used in a point-to-point
application, OSPF still sees it as a broadcast medium and conducts the DR and BDR election process.
The fast interface is actually the BDR even though the priority of the interfaces is the same and the IP address of
fast is actually higher than the IP address of its neighbor. This is because the other interface was the first one to
become operational. When OSPF saw that the interface was a broadcast interface, it conducted an election. Because
the far end was operational first, it was the only one taking part in the election process and therefore became the
DR. When the fast interface became operational and exchanged hellos with the adjacent router, the adjacent router
informed the fast interface that it was the DR, and therefore the fast interface became the BDR.

A:SR1# show router ospf interface

Section 3 OSPF Packets


OSPF Overview

OSPF Packet Types

OSPF packet type and description:

Hello: Used to find neighbors in a router's attached networks and to determine if a neighboring router's interface
is still functional by periodically sending out hello packets
Database description: Exchanged between routers that are in the process of forming an adjacency
Link-state request: A router request for newer database description information
Link-state update: Used to implement the flooding of LSAs; may contain one or more LSAs
Link-state acknowledgment: Acknowledgment of a link-state update

OSPF Hello Packet

[Figure: two routers exchange hello packets to form an adjacency. Hello fields shown: Router ID, Area ID, Password,
Hello Interval, Dead Interval, Priority, DR and BDR; some fields are marked *.]

The hello protocol is used to allow routers to recognize each other in the network. Hello packets are sent out
periodically on each OSPF interface, using the multicast IP address 224.0.0.5.
* To establish an adjacency between the two routers shown above, certain criteria in the hello packet must be
common:

Area: To form an adjacency, both routers must be in the same area.

Password: If using security, both routers must have the same password.

Hello interval: This specifies how often each router will send a hello packet to act as a keepalive. Both
routers must have the same hello interval.

Dead interval: This specifies how long a router will wait for a hello packet. If it does not receive a packet
within the specified interval, the router will declare the link down. Both routers must have the same dead
interval.

Priority: This specifies the router priority of an OSPF interface. A router may have different priorities on its OSPF
interfaces. Highest priority is preferred when two or more routers connected to the same network segment all
attempt to become DR/BDR. A router whose Priority is set to 0 is ineligible to become DR or BDR on the attached
network.
DR: The router ID of the Designated Router selected on the attached broadcast network.
BDR: The router ID of the Backup Designated Router selected on the attached broadcast network.
When the routers have exchanged and agreed on the information above, they will establish an adjacency. This
ensures bidirectional communication.
OSPF routes are only exchanged on adjacencies.


Forming an Adjacency
[Figure: message exchange between Router A (1.1.1.1) and Router B (2.2.2.2), with the neighbor state at each stage:
Down state
Hello (RID=1.1.1.1, DR=0.0.0.0, Neighbors known=0)
Hello (RID=2.2.2.2, DR=0.0.0.0, Neighbors known=1.1.1.1)
Init state
Hello (RID=1.1.1.1, DR=0.0.0.0, Neighbors known=2.2.2.2)
2-way state
DBD (RID=1.1.1.1)
Exstart state
DBD (RID=2.2.2.2)
DBD (Summary of all networks known)
DBD (Summary of all networks known)
Exchange state: router with larger RID starts]

In the diagram above, the two routers in question have not formed an adjacency. The following explains how the
adjacency is created and the steps that are required to accomplish it.
1. To start, both routers are in what is called a down state. This is when neither router has sent any
OSPF-related packets.
2. The router on the left sends a hello packet with the standard header. In the hello information, the router will
insert its RID and leave the neighbor field blank, since it does not know of any other router on the Ethernet
segment.
3. The right side router will respond with a hello of its own. However, in this router's hello, not only is its RID
sent; the RID of the left router is also sent. With both routers seeing that the other router is acknowledging
they exist, the state changes from a down state to that of two-way.
4. The neighboring routers establish a master/slave relationship. During this phase, the initial DBD sequence
number is determined for the exchange phase. The router with the highest Router ID becomes the master
and its initial sequence number is used.
5. The routers send the DBD packets describing their Link State Databases. The sequence number negotiated
during the master/slave establishment step is used.
6. The sequence number is incremented and the DBD packet is sent describing the Link State Database.


Forming an Adjacency (contd)


[Figure (continued): message exchange between Router A (1.1.1.1) and Router B (2.2.2.2):
Loading state
LSR (Send me info on the following networks), sent in each direction
LSU (Here's the info you requested), sent in each direction
ACK (Thanks for the info), sent in each direction
Full state]

The adjacency continues to be created with the following steps:

1. The routers ask for explicit information with the use of the Link State Request. When the LSR is sent, the
exchange state changes to the loading state.
2. Each router will respond to the LSR with one or more Link State Update packets. These packets will contain
the explicit details of the networks requested.
3. Each router will respond to the LSU with an Acknowledgement packet. This ensures that each knows the
other has received the information without error.
4. After all LSUs are received and acknowledgements sent, each router will now have an identical link-state
database. When this happens, the state changes from the loading state to the full state. This means that
each router is fully converged with the other's database.
5. To maintain the adjacency, the routers will now send periodic hellos to each other. The default timer for this
is 10 seconds. If something changes, then only that change in the database will be conveyed to the neighbor.
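
The whole procedure, from the hello parameter check through to the full state, as an added example that is not part of the course material. The class and function names, the dead interval of 40, the sample password and the LSA ids are constructed, and each link-state database is reduced to a map of LSA id to sequence number.

```python
import ipaddress
from dataclasses import dataclass, field

# Hello fields that the notes say must be common to both routers.
MUST_MATCH = ("area", "password", "hello_interval", "dead_interval")


@dataclass
class OspfRouter:
    router_id: str
    area: str = "0.0.0.0"
    password: str = ""
    hello_interval: int = 10
    dead_interval: int = 40                      # constructed value
    lsdb: dict = field(default_factory=dict)     # LSA id -> sequence number
    state: dict = field(default_factory=dict)    # neighbor RID -> state

    def hello(self):
        """Hello contents: our parameters plus every neighbor heard so far."""
        fields = {name: getattr(self, name) for name in MUST_MATCH}
        return {"rid": self.router_id, "neighbors": sorted(self.state), **fields}

    def on_hello(self, hello):
        """Return the mismatched fields; otherwise move to Init or 2-Way."""
        bad = [name for name in MUST_MATCH if hello[name] != getattr(self, name)]
        if bad:
            self.state.pop(hello["rid"], None)   # the neighbor stays Down
            return bad
        seen_us = self.router_id in hello["neighbors"]
        self.state[hello["rid"]] = "2-Way" if seen_us else "Init"
        return []


def master_of(a, b):
    """The router with the highest router ID becomes the master."""
    return max(a, b, key=lambda r: int(ipaddress.IPv4Address(r.router_id)))


def synchronize(a, b):
    """Exchange -> Loading -> Full; return the LSA ids each side requested."""
    if a.state.get(b.router_id) != "2-Way" or b.state.get(a.router_id) != "2-Way":
        raise ValueError("neighbors must reach 2-Way before exchanging DBDs")
    summaries = {r.router_id: dict(r.lsdb) for r in (a, b)}   # DBD contents
    requested = {}
    for me, peer in ((a, b), (b, a)):
        me.state[peer.router_id] = "Exchange"
        # LSR: ask for anything in the peer's DBD that we lack or hold older.
        requested[me.router_id] = sorted(
            lsa for lsa, seq in summaries[peer.router_id].items()
            if me.lsdb.get(lsa, -1) < seq)
    for me, peer in ((a, b), (b, a)):
        me.state[peer.router_id] = "Loading"
        for lsa in requested[me.router_id]:       # the LSU answers the LSR
            me.lsdb[lsa] = summaries[peer.router_id][lsa]
        me.state[peer.router_id] = "Full"         # after the LSUs are acknowledged
    return requested


def form_adjacency(a, b):
    """Run the exchange of the slides; return (state, mismatches or requests)."""
    bad = b.on_hello(a.hello())    # B hears A for the first time: Init
    if bad:
        return "Down", bad
    a.on_hello(b.hello())          # A finds its own RID listed: 2-Way
    b.on_hello(a.hello())          # B finds its own RID listed: 2-Way
    return "Full", synchronize(a, b)


if __name__ == "__main__":
    a = OspfRouter("1.1.1.1", lsdb={"net-A": 3, "net-B": 1})
    b = OspfRouter("2.2.2.2", lsdb={"net-B": 2, "net-C": 1})
    print(form_adjacency(a, b), a.lsdb == b.lsdb)
```
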


LSA Types

Routers can generate the following types of LSAs:


Type 1 Router LSA
Type 2 Network LSA
Type 3 Summary LSA (Network)
Type 4 Summary LSA (ASBR)
Type 5 AS external LSA

After the initial flood to create the link-state database, LSAs are sent when there is a topology change or every 30
minutes to maintain the database.

Type 1 Router LSA

[Figure: Type 1 router LSA. Labels: backbone area 0, Area 1, ABR, DR.]

LSA type 1 is known as a router LSA and is generated by every internal router in the network with an active interface.
These LSAs are only flooded in the area in which they were originated. A router LSA lists all the router's links along
with the state and cost of the links.


Type 2 Network LSA

[Figure: Type 2 network LSA. Labels: backbone area 0, Area 1, ABR, DR.]

LSA type 2 is known as a network LSA. Network LSAs are only produced by the DR in a multiple-access network. The
DR represents the network as a type of pseudo node. A network LSA lists all attached routers, including the DR. A
network LSA is only flooded in the area of the router that originated it.


Type 3 Network Summary LSA

[Figure: Type 3 network summary LSA. Labels: backbone area 0, Area 1, ABR.]

LSA type 3 is known as a network summary LSA and is advertised by an ABR. These LSAs are sent into an area to
advertise routes (destinations) that are outside that area. This lets the internal routers know which destinations can
be reached by the ABR.
The ABR advertises a network summary LSA in both directions. This means that the ABR advertises network summary
LSAs into the non-zero area as well as the backbone or zero area.


Type 4 ASBR LSA and Type 5 AS External LSA

[Figure: Type 4 ASBR LSA and Type 5 external LSA. Labels: Area 0, Area 1, Area 2, ASBR, non-OSPF routed domain.]

LSA type 5 is known as an AS External LSA. These LSAs are originated by an ASBR and advertise destinations external
to the AS or a default route that is external to the AS. AS external LSAs are flooded throughout the entire network,
with the exception of stub areas.
LSA type 4 is known as an ASBR LSA. An ASBR LSA is only generated by an ABR. ASBR LSAs are identical to type 3 LSAs
except that the destination they advertise is not a network but the ASBR itself. An ABR generates a Type 4 LSA after
it has received Type 5 LSAs from an ASBR.


OSPF LSAs in Action

[Figure: Area 0 and Area 1, with a DR on a broadcast network in Area 1. LSAs shown: LSA 1: Router, LSA 2: Network,
LSA 3: Summary.]

All links in the hierarchical network above are point-to-point except for the links in Area 1. DR and BDR elections are
therefore a concern in area 1.
When the ABR is inserted adjoining both areas, router LSAs are sent out in the respective areas.
Note: The ABR belongs to both areas and therefore has a separate set of router LSAs for each area that it belongs to.
Therefore, the topology database of the ABR has a set of router LSAs for area 0 and a set of router LSAs for area 1.
The ABR is connected to a broadcast network in area 1. The interface of the ABR is elected as the DR, and it sends a
network LSA to all routers in the broadcast domain.
In addition, the ABR summarizes all networks in Area 1 and sends a network summary LSA on behalf of all the
networks to all routers in Area 0.


OSPF LSAs in Action (continued)

[Figure: Area 2; labels: ASBR, Non-OSPF routed domain; legend: LSA 4: ASBR, LSA 5: AS external.]

An ABR now connects Area 0 to Area 2. In addition, Area 2 contains an ASBR, which is connected to a non-OSPF
routed domain.
When the ABR comes up, it sends/receives router LSAs from both the respective areas.
The ASBR advertises a type 5 LSA, which is flooded throughout the area.
The ABR then sends an ASBR LSA into Area 0, indicating the router ID of the ASBR.


OSPF Route Selection

[Figure: topology spanning Area 0, Area 1 and Area 2 with per-link costs, a DR and a BDR. The SPF algorithm is applied to the Router 3 link-state database.]

Paths from Router 3 to reach B:
Path 1 (via R5) cost 12
Path 2 (via R4) cost 22
Path 3 (via R6) cost 101

Router 3 to B: Path 1 cost 12

Each router gathers all the received LSAs and enters them into the link-state database. The SPF algorithm is applied
to this database and is used to calculate the shortest path tree. The SPF algorithm is run first to create the branches
of the tree (routers) and second to create the leaves (stub networks) on the branches.
OSPF calculates the shortest path using a cost metric. This cost is assigned to each interface and depends on the
bandwidth of the interface. The cost of a route is the sum of all costs of each interface that a packet must traverse
to reach its destination.
When all of the costs have been calculated, the route to the destination with the lowest cost is entered in the
forwarding table and all traffic going to that destination uses this route.
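
The cost summation and lowest-cost selection described above, as an added example that is not part of the original course material. The topology is constructed (the slide's exact links are not recoverable); its link costs are chosen so that the three first hops from R3 give the slide's path costs of 12, 22 and 101, and the node name R7 is an assumption.

```python
import heapq

# Constructed topology: symmetric link costs, not the slide's exact diagram.
LINKS = {
    ("R3", "R5"): 10, ("R3", "R4"): 10, ("R3", "R6"): 100,
    ("R5", "R7"): 1, ("R7", "B"): 1,
    ("R4", "R5"): 10,
    ("R6", "B"): 1,
}


def build_graph(links):
    """Turn the link list into an adjacency map, one entry per direction."""
    graph = {}
    for (a, b), cost in links.items():
        graph.setdefault(a, {})[b] = cost
        graph.setdefault(b, {})[a] = cost
    return graph


def spf(graph, root, exclude=()):
    """Dijkstra's SPF: lowest total cost from root to every reachable node."""
    dist = {root: 0}
    heap = [(0, root)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist.get(node, float("inf")):
            continue  # stale heap entry, a cheaper path was already found
        for nbr, cost in graph[node].items():
            if nbr in exclude:
                continue
            nd = d + cost
            if nd < dist.get(nbr, float("inf")):
                dist[nbr] = nd
                heapq.heappush(heap, (nd, nbr))
    return dist


def paths_by_first_hop(graph, root, dest):
    """Best cost to dest through each neighbour of root (the slide's paths)."""
    result = {}
    for nbr, link_cost in graph[root].items():
        beyond = spf(graph, nbr, exclude={root})
        if dest in beyond:
            result[nbr] = link_cost + beyond[dest]
    return result


def forwarding_entry(graph, root, dest):
    """Only the lowest-cost candidate is installed in the forwarding table."""
    candidates = paths_by_first_hop(graph, root, dest)
    next_hop = min(candidates, key=candidates.get)
    return next_hop, candidates[next_hop]


if __name__ == "__main__":
    g = build_graph(LINKS)
    print(paths_by_first_hop(g, "R3", "B"))
    print(forwarding_entry(g, "R3", "B"))
```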


Authentication

MD5 allows an authentication key to be configured per interface. Links between adjacent routers must be
configured with the same key.
By default, authentication is not enabled on an interface.


MD5 is a method of verifying data integrity and is more reliable than a common checksum.
MD5 is an algorithm that takes a message of variable length and creates a 128-bit message digest. The message
digest is then transmitted to the neighbor and can only be decrypted by a receiving station that has the correct
password.


All OSPF protocol exchanges can be authenticated. This means that only trusted routers can participate in
autonomous system routing. Alcatel's implementation of OSPF in the 7750 SR supports plain text and MD5
authentication (also called simple password).
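
How OSPF MD5 authentication works on the wire, as an added example that is not part of the original course material or any router's code. It follows RFC 2328 Appendix D: the sender appends MD5(packet + zero-padded key) to the packet, and the receiver recomputes the digest with its own copy of the key and compares, also discarding packets whose cryptographic sequence number went backwards. The key, key ID, sequence numbers and Hello body are constructed sample values.

```python
import hashlib
import hmac
import socket
import struct

AUTYPE_CRYPTO = 2   # OSPF AuType 2: cryptographic authentication
DIGEST_LEN = 16     # MD5 digest length; also the padded key length
HEADER_LEN = 24     # fixed OSPF header, including the 8-byte Authentication field

# Constructed Hello body: mask, hello interval, options, priority,
# dead interval, DR, BDR (addresses reuse the ones shown in this module).
HELLO_BODY = (socket.inet_aton("255.255.255.252")
              + struct.pack("!HBBI", 10, 0x02, 1, 40)
              + socket.inet_aton("192.168.2.1")
              + socket.inet_aton("192.168.2.2"))


def pad_key(key: bytes) -> bytes:
    """OSPF MD5 keys are at most 16 bytes and are zero-padded to 16."""
    if len(key) > DIGEST_LEN:
        raise ValueError("OSPF MD5 key is limited to 16 bytes")
    return key.ljust(DIGEST_LEN, b"\x00")


def build_packet(ptype, router_id, area_id, body, key, key_id, seq):
    """Sender: header with checksum 0, then MD5(packet + key) appended."""
    header = struct.pack(
        "!BBH4s4sHH", 2, ptype, HEADER_LEN + len(body),
        socket.inet_aton(router_id), socket.inet_aton(area_id),
        0, AUTYPE_CRYPTO)
    # Authentication field: 0, Key ID, Auth Data Len, crypto sequence number.
    auth = struct.pack("!HBBI", 0, key_id, DIGEST_LEN, seq)
    packet = header + auth + body
    # The key itself never goes on the wire; only the digest does, and the
    # digest is not counted in the header's packet length field.
    return packet + hashlib.md5(packet + pad_key(key)).digest()


def verify_packet(raw, keys, last_seq):
    """Receiver: returns (accepted, reason). keys maps Key ID -> key bytes;
    last_seq maps neighbor router ID -> last accepted sequence number."""
    if len(raw) < HEADER_LEN + DIGEST_LEN:
        return False, "too short"
    _ver, _ptype, length, rid, _area, _cksum, autype = struct.unpack(
        "!BBH4s4sHH", raw[:16])
    _zero, key_id, auth_len, seq = struct.unpack("!HBBI", raw[16:24])
    if autype != AUTYPE_CRYPTO:
        return False, "authentication type mismatch"
    if auth_len != DIGEST_LEN or length < HEADER_LEN \
            or len(raw) != length + DIGEST_LEN:
        return False, "bad length"
    key = keys.get(key_id)
    if key is None:
        return False, "unknown key id"
    neighbor = socket.inet_ntoa(rid)
    # RFC 2328 discards a sequence number lower than the last one accepted.
    if seq < last_seq.get(neighbor, 0):
        return False, "stale sequence number"
    expected = hashlib.md5(raw[:length] + pad_key(key)).digest()
    if not hmac.compare_digest(expected, raw[length:]):
        return False, "digest mismatch"
    last_seq[neighbor] = seq
    return True, "accepted"


if __name__ == "__main__":
    keys = {1: b"constructed-key"}          # constructed sample key
    pkt = build_packet(1, "172.0.0.154", "0.0.0.0", HELLO_BODY, keys[1], 1, 100)
    print(verify_packet(pkt, keys, {}))
    print(verify_packet(pkt, {1: b"wrong-key"}, {}))
```

A key mismatch between adjacent routers therefore shows up as every packet from the neighbor failing the digest comparison, so the adjacency never forms.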


Show OSPF Neighbors

A:SR1# show router ospf neighbor
===============================================================================
OSPF Neighbors
===============================================================================
Nbr IP Addr  Nbr Rtr Id  Nbr State  Priority  RetxQ Len  Dead Time
-------------------------------------------------------------------------------
192.168.2.1  172.0.0.154  Full  30
-------------------------------------------------------------------------------
No. of Neighbors: 1

The slide above shows the adjacencies formed by OSPF with its directly connected neighbors, including the interface
that the adjacency was formed on and the router ID of the immediate neighbor.
Note the neighbor state: when the routers have formed their adjacency and the databases are synchronized, the
state is Full, as shown above. Other states that may be displayed are Init, Exstart, and Exchange; however, these
states are only briefly displayed. The final state is Full.

Show OSPF Interfaces

A:SR1# show router ospf interface
===============================================================================
OSPF Interfaces
===============================================================================
If Name   Area Id   Designated Rtr   Bkup Desig Rtr   Adm   Oper
-------------------------------------------------------------------------------
system    0.0.0.0   172.0.0.152      0.0.0.0          Up    DR
fast      0.0.0.0   192.168.2.1      192.168.2.2      Up    BDR
faster    0.0.0.0   0.0.0.0          0.0.0.0          Up    Down
-------------------------------------------------------------------------------
No. of OSPF Interfaces: 3

The slide above shows the interfaces that are running OSPF, including their names and the areas that they belong to.
Note that the Adm status is Up and the Oper status is, in this case, DR, BDR, or Down.

Show OSPF Link State Database

A:SR1# show router ospf database detail
===============================================================================
OSPF Link State Database (Type : All) (Detailed)
===============================================================================
-------------------------------------------------------------------------------
Router LSA for Area 0.0.0.0
-------------------------------------------------------------------------------
Area Id          : 0.0.0.0
Adv Router Id    : 172.0.0.152
Link State Id    : 172.0.0.152
LSA Type         : Router
Sequence No      : 0x80000274
Checksum         : 0x78bf
Age              : 543
Length           : 48
Options          : E
Link Count       : 2
Flags            : None
Link Type (1)    : Stub Network
Network (1)      : 172.0.0.152
Mask (1)         : 255.255.255.255
No of TOS (1)    : 0
Metric-0 (1)     : 1
Link Type (2)    : Transit Network
DR Rtr Id (2)    : 192.168.2.1
I/F Address (2)  : 192.168.2.2
No of TOS (2)    : 0
Metric-0 (2)     : 1000
-------------------------------------------------------------------------------
Router LSA for Area 0.0.0.0
-------------------------------------------------------------------------------

The slide above shows the detailed information for one LSA in the link-state database.
The information includes the area that the link belongs to, the ID of the router that is sending the LSA, the link-state
ID of the LSA, and the type of LSA. Note that in this case, the router ID and link-state ID are the same, because this is
the LSA that depicts the system interface. In addition, this is a type 1 (router) LSA.
The information also includes the type of network that the link belongs to, the network address, the network mask,
and the metric for this link. Because this is the system interface, the network address is the interface address and
the mask is 255.255.255.255 or /32. The metric for the system interface is 1 as it is a loopback or virtual interface.
This slide also shows the network interface that the LSA is advertised out of and the metric that is associated with
the interface. In this case, the interface is a 100 Mb/s Ethernet interface with a metric of 1000.

Show Route Table

A:SR1# show router route-table
===============================================================================
Route Table (Router: Base)
===============================================================================
Dest Address      Next Hop      Type    Proto  Age        Metric  Pref
-------------------------------------------------------------------------------
172.0.0.152/32    system        Local   Local  12d19h24m
172.0.0.154/32    192.168.2.1   Remote  OSPF   11d17h16m  1001    10
192.168.2.0/30    fast          Local   Local  11d17h17m
-------------------------------------------------------------------------------
No. of Routes: 3
===============================================================================

The slide above shows the forwarding information that is used by the router to forward traffic to its destination.
Note that the local routes have a metric of 0 and a preference of 0. Therefore, if OSPF had learned of paths to these
destinations, they would not be entered in the forwarding table because the OSPF preference value is 10.
The information also includes the address or name of the next-hop interface. If it is a local route, the name of the
interface is displayed. If it is a remotely learned route, the address of the interface that advertised the route to this
router is displayed.

Module Summary


With link state protocols:
- every router has the same view of the network (same topology database),
- routing updates are triggered when there are topology changes,
- paths are computed to each reachable destination using the shortest path first algorithm
OSPF and ISIS are link state protocols
OSPF has the concept of areas, which break the network into smaller pieces, reducing the amount of routing update flooding
The three types of areas are: Backbone, Normal, Stub


Module Summary (contd)

The four types of routers are:
Internal Router:
- within a non-zero (backbone) area
Area Border Router (ABR):
- between two or more different OSPF areas
Autonomous System Border Router (ASBR):
- connects OSPF routing domains to another non-OSPF routing domain
Backbone Router:
- within backbone area

Module Summary (contd)


There are 5 types of OSPF packets used to establish adjacencies, maintain the adjacencies, and exchange routing
information:
- Hello
- Database Description
- Link State Request
- Link State Update
- Link State Acknowledgement


Module Summary (contd)


The 5 main LSA types are:


Type 1 Router LSA
Type 2 Network LSA
Type 3 Summary LSA
Type 4 ASBR Summary LSA
Type 5 AS-External LSA
On a shared media one router becomes the Designated Router
and is responsible for sending LSAs on the network


Learning Assessment


1. In OSPF, what are the areas used for?


A. Simplify network design.
B. Reduce the amount of transit customer traffic.
C. Reduce the amount of LSA traffic.
2. Which one of the following routers connects an OSPF routing domain
to a non-OSPF routing domain?
A. ASBR
B. Backbone
C. ABR
D. Internal
3. In OSPF terminology, what is the cost used for?
A. Cost is the monetary value of a link, such as a satellite link.
B. Cost is a metric value used by the SPF algorithm for path
calculations.
C. Cost is the preference value used to select paths learned from
different routing protocols.


Learning Assessment (continued)


4. How many databases are formed by standard OSPF?


A. 3
B. 4
C. 2
D. 1
5. All non-zero areas must connect to Area 0.
A. True
B. False
6. Which of the following areas supports external routes in the routing
table?
Choose all that apply.
A. Stub
B. Backbone
C. Normal


Learning Assessment (continued)


7. Which of the following packets is also used as a keepalive?


A. Database description
B. Link-state request
C. Link-state update
D. Link-state acknowledgment
E. Hello


Learning Assessment Answers


1. In OSPF, what are the areas used for?


A. Simplify network design.
B. Reduce the amount of transit customer traffic.
C. Reduce the amount of LSA traffic.
2. Which one of the following routers connects an OSPF routing domain to a non-OSPF routing domain?
A. ASBR
B. Backbone
C. ABR
D. Internal
3. In OSPF terminology, what is the cost used for?
A. Cost is the monetary value of a link, such as a satellite link.
B. Cost is a metric value used by the SPF algorithm for path calculations.
C. Cost is the preference value used to select paths learned from different routing protocols.
4. How many databases are formed by standard OSPF?
A. 3
B. 4
C. 2
D. 1
5. All non-zero areas must connect to Area 0.
A. True
B. False
6. Which of the following areas supports external routes in the routing table?
Choose all that apply.
A. Stub
B. Backbone
C. Normal
7. Which of the following packets is also used as a keepalive?
A. Database description
B. Link-state request
C. Link-state update
D. Link-state acknowledgment
E. Hello


LAB 4.2 Multi-Area OSPF

[Figure: lab topology with labels Pod1 to Pod4, Core-Pod1 to Core-Pod4, Edge-Pod1 to Edge-Pod4, Area 1 to Area 4, and OSPF.]

3HE-02767-AAAA-WBZZA Edition 01


Module 8 Introduction to Border Gateway Protocol


Module Objectives


After successful completion of this module, you should be able to:
Define the use of border gateway protocol
Define public and private autonomous systems
Explain why an IGP must be running to support BGP
Define the difference between EBGP and IBGP peers


BGP History

[Figure: BGP timeline]
1989: BGP original, RFC 1105
1990: BGP v2, RFC 1163; implementation RFC 1164
1991: BGP v3, RFC 1267; implementation RFC 1168
1994: BGP v4, RFC 1654; implementation RFC 1655
1995: BGP v4 update, RFC 1771; implementation RFC 1772
2006 to present: BGP v4 update, RFC 4271

Over the course of BGP's existence, multiple RFCs have been created and commonly accepted. The slide above lists
the RFCs that explicitly define the characteristics of basic BGP.

In 1989, a workgroup started to outline and create the first RFC for BGP.

RFC 1105 is the first RFC for BGP. It defined the basic operation and common characteristics used by BGP.
This was the BGPv1 specification that was first released for public use.

In 1990, RFC 1163 was released. This RFC incorporated additional features and modifications to the original
RFC and was known as BGPv2.

At the same time, RFC 1164 was created to describe the proper implementation of BGP.

Since the release of RFC 1164 and BGPv2, all subsequent releases of BGP have been accompanied by a new
RFC related to implementation.

The currently accepted version of BGP is version 4. The currently accepted RFC for BGPv4 is RFC 1771, with
accompanying implementation RFC 1772.


Autonomous Systems in BGP

[Figure: autonomous systems labelled AS-65001, AS-65002 and AS-65003.]

A group of networks and network equipment under a common administration
IGP protocols such as OSPF, IS-IS, and RIP run in an AS
BGP is used to connect autonomous systems

Autonomous Systems in BGP (continued)

Private autonomous systems


Assigned by ISPs (for some clients), local administrators,
and so on
Not allowed to be advertised to other ISPs or on the
Internet
Range from 64512 to 65535


Regional Internet Registries

Regional Internet Registries (RIRs) are nonprofit corporations established for the purpose of administration and
registration of Internet Protocol (IP) address space and Autonomous System (AS) numbers. There are five RIRs:

Registry   Geographic Region
AfriNIC    Africa, portions of the Indian Ocean
APNIC      Portions of Asia, portions of Oceania
ARIN       Canada, many Caribbean and North Atlantic islands, and the United States
LACNIC     Latin America, portions of the Caribbean
RIPE NCC   Europe, the Middle East, Central Asia


Public autonomous systems


Assigned by ARIN or another authority
Must be used when connecting to other autonomous systems
in the Internet
Range from 0 to 64511


BGP Protocol Overview


Interior Gateway Protocols
- OSPF
- IS-IS
- RIP
Exterior Gateway Protocols

IGPs run within an autonomous system
EGPs run between autonomous systems

[Figure: autonomous systems labelled AS-65001, AS-65002 and AS-65003.]

IGPs are protocols that run actively within an autonomous system. Common protocols that are used in this manner
are RIP, IS-IS, and OSPF.
EGPs are protocols that run actively between autonomous systems. The only commonly accepted protocol used as an
EGP is BGP.

Requirement for an IGP


BGP is not a discovery protocol. It has no mechanism to find its way to a neighboring router if a path does not
already exist in the routing table. BGP therefore requires an IGP of some kind (OSPF, IS-IS, RIP, or static
routes) to find a path to the other BGP speakers so that TCP can establish a peering session with those BGP speakers.


BGP is not a discovery protocol


An IGP routing protocol is needed within the Autonomous
System so that BGP routers know how to reach other BGP
routers within the AS


BGP Scope


BGPv4, defined in RFC 1771, provides reachability information to foreign networks (outside the AS) by enabling the
exchange of routing information between ASs to allow for data flow between them. When the exchange is enabled,
of equal or greater concern is the application of administrative policy to the traffic flows.
Policy implementation is a key strength of BGP and allows the administration to manipulate traffic based on virtually
any policy.
BGP has proven scalability. It is the protocol of choice for service providers, running on their Internet routers. BGP is
the fundamental building block of the Internet and is used by every service provider in the world for service-provider
interoperability. BGP is the most feature-rich and scalable routing protocol in use today. It supports the current
requirements of the Internet, and with extended capabilities such as multiple protocol families and extended AS
numbers, is well-positioned for the future.


Enables the exchange of routing information between autonomous systems
Enables the implementation of administrative policies
Already scaled to:
Large number of autonomous systems
Large number of neighbors
Large volume of table entries
High rate of change


BGP Features


Although BGP is an enhanced distance vector protocol, it is specifically called a path vector protocol.
Neighbor relationships in BGP are somewhat different from what is normal in the IGP world. Traditionally, neighbors
are always directly connected routers. With BGP, this is no longer the case: neighbors may be directly connected, but
it is not required because BGP uses unicast TCP/IP for neighbor establishment. It is possible for neighbor relationships
to be established with any device that is IP-reachable. There is no guarantee that the neighbor relationship will
succeed because factors such as firewalls or access control lists may prevent certain types of traffic from passing,
but they are possible and likely to occur.
At the application layer, BGP functions similarly to other TCP/IP applications, such as Telnet, FTP, and HTTP. BGP
may be viewed as an application because it uses registered port number 179 in the TCP/IP model.
Generic TCP/IP applications use a 3-way handshake for session establishment, and once this is completed a TCP/IP
session is formed. After the session is formed, the applications exchange or negotiate a set of parameters for it. In
Telnet, for example, parameters such as terminal types and passwords are typically negotiated. If application-level
parameters are also acceptable, a session is established at the application layer and data is exchanged. Periodic user
data keeps the session alive. When the session is to be terminated, either user input or an inactivity timeout causes
the application session to be torn down and TCP/IP to initiate the 4-way session teardown.


Path vector protocol


Neighbors can be any reachable devices
Unicast exchange of information
Reliability via TCP
Uses well-known TCP port 179
Periodic keepalive for session management
Event-driven
Robust metrics
Behavior is similar to other TCP/IP applications


BGP Considerations


Protocols that are based on distance vector mechanisms, such as path vector, share certain common characteristics.
The two that are significant to BGP are hop count and split horizon. It is important to note that these two behaviors
are present in the BGP protocol.
Adding to the complexity of BGP is the fact that topology and routing table sizes become much larger than in an IGP
environment. The increased size of these tables means that factors such as CPU loading, memory utilization, update
generation, and route processing have a far greater implication in BGP.
These items, and others, affect convergence. Convergence may be viewed in two ways. Local convergence is the
time taken for a router to receive and process all outstanding messages and settle on a stable topology. Network
convergence is the time taken for all routers in the system to settle on a stable topology. In IGP terms, the system is
usually the local AS. In BGP terms, the system is the Internet.
Because the entire Internet is the scope of BGP, the administration is typically more complex than that in a single AS.


Path vector protocol roots are distance vector


All distance vector protocols share similar characteristics:
Hop count is a metric
Split horizon is a factor
Table sizes are significantly larger than in IGP
Convergence is an issue
Administratively complex


EBGP vs. IBGP Overview


There are two possible types of BGP neighbor relationships. Regardless of the type, a BGP session between two
devices is alternatively referred to as a neighbor or peer session. A BGP router is also referred to as a BGP speaker.
A session between two devices in different autonomous systems is referred to as an external BGP or EBGP session. It
is typical for devices having an EBGP session to be directly connected, sharing a common data link, but it is not
mandatory. Because the devices are in different autonomous systems, the administration of each device is typically
handled separately. Care must therefore be taken to ensure that the configuration parameters match so that the
peering will succeed.
A session between two devices in the same autonomous system is referred to as an internal BGP or IBGP session. It is
typical for devices having an IBGP session not to be directly connected, as they may be across the country or the
world. Because the devices are in the same autonomous system, the administration of each device is typically
handled by the same organization. Care must still be taken to ensure that the configuration parameters match so
that the peering will succeed, but as the devices are locally controlled, this is often an easier task than with EBGP.


Two types of BGP sessions are possible


External BGP (EBGP) sessions:
Routers are in different autonomous systems
Typically directly connected, but not mandatory
Different administrations
Internal BGP (IBGP) sessions:
Routers are in the same autonomous system
Typically nonadjacent routers; could be directly connected
Same administration


Internal BGP

[Figure: autonomous systems labelled AS-65001, AS-65002, AS-65003 and AS-65004; legend: Physical Link, Internal BGP sessions (IBGP).]

IBGP neighbors are peers in the same autonomous system.
By default, they do not need to be directly connected.

A session between two devices in the same autonomous system is referred to as an IBGP session. Because the devices
are in the same autonomous system, the administration of each device is typically handled by the same organization.
Care must still be taken to ensure that the configuration parameters match so that the peering will succeed, but as
the devices are locally controlled, this is often an easier task than with EBGP.
A requirement for IBGP is that all routers that participate in an IBGP session must be fully meshed. This requires that
every router needs to be able to establish an IBGP session with every other router in the AS. The rationale behind this
is beyond the scope of this course and will be fully covered in the BGP course.


External BGP

[Figure: autonomous systems labelled AS-65001, AS-65002, AS-65003 and AS-65004; legend: Physical Link, External BGP sessions (EBGP).]

EBGP neighbors are peers in different autonomous systems.
By default, they need to be directly connected.

A session between two devices in different autonomous systems is referred to as an EBGP session. It is typical for
devices having an EBGP session to be directly connected, sharing a common data link, but it is not mandatory.
Because the devices are in different autonomous systems, the administration of each device is typically handled
separately. Care must therefore be taken to ensure that the configuration parameters match so that the peering will
succeed.


When to Use BGP


Use BGP in the following environments:


You are an ISP and need to pass client traffic from one AS
to another AS.
You need to multi-home to several ISPs due to company
requirements.
Traffic flow from or to your company must be manipulated
and controlled.
Do not use BGP in the following environments:
There is no need to have more than one connection to the
Internet.
Company engineers do not understand how BGP works.
The hardware and physical links to the ISP are not able to
handle the load of BGP traffic.


BGP Metrics

BGP uses multiple metrics to select the best path to a destination network.


BGP, as stated above, can implement multiple criteria in selecting the best path to a destination. This makes BGP a
very flexible and complicated protocol in the configuration process. However, it does give the administrator a way to
influence the way traffic will flow across the network.


IGP protocols use single metrics for path determination:


RIP Hop count
OSPF Cumulative cost
ISIS Cumulative cost


BGP Attributes

Metrics are called attributes
BGP attributes include the following:
- AS-path
- Next-Hop
- Origin
- Local Preference
- Multiexit Discriminator (MED)
- Others
Attributes are carried inside update messages

After BGP establishes a session, routing updates are exchanged. The routing update contains a prefix and
metrics. In BGP, metrics are called attributes.

AS Path

AS Path identifies the Autonomous System(s) through which this UPDATE message has passed
Modified by any border router when propagating an update across an AS boundary
• Local AS number inserted at the beginning of the list
AS Path is a variable length list. Reading left to right:
• The leftmost entry is the AS that sent the prefix to you
• The rightmost entry is the originator of the prefix
• Intermediate entries (if present) are transit ASs
• The list may be null
AS Path is the hop count of BGP
Used for loop detection

The AS Path attribute identifies the sequence of Autonomous Systems through which this UPDATE message has passed.
This attribute is not a single item, like origin code, but is a list that may contain zero, one or more entries. The list may be read in either direction, but if reading from left to right then the significance of the list entries is as follows. The leftmost entry in the list is the neighboring AS that sent the prefix into your AS. The rightmost entry in the list is the originating AS for the prefix. Any intermediate entries are transit ASs that the update has passed through on its way to you.
If you are viewing the update inside the originating AS, the list will be empty or null, since the update has not yet passed through any ASs.
The AS number of the sender is prepended (added to the beginning) to the list whenever the update crosses an AS boundary.
If a router receives an update containing the local AS number already in the path sequence, the update is flagged as a loop.
AS_PATH serves as the hop count of BGP. It is important to note that this hop count is not an indication of the number of routers that the update has passed through, but of the number of ASs the update has passed through, regardless of the actual number of routers.

AS Path

[Figure: an update for one prefix travels from AS 65100 through AS 65200 to AS 65250 (Routers X, A, B and Y), with its Origin, AS Path and next-hop shown at three points. AS Path values: null for the update originated in AS 65100; 65100 for the update in AS 65200; 65200 65100 for the update received at Router Y.]

In the above illustration, the same BGP update is being originated by the router in AS 65100. The prefix in the update message is internal to AS 65100. Since this router is inside the originating AS, the AS Path is null.
The attribute will propagate in all further BGP updates for this prefix, in this example across AS 65200 and 65250, and each time the update crosses an AS boundary, the AS number of the sender will be prepended to the AS Path list.
When the update arrives in AS 65200, it has crossed an AS boundary in order to get there, so the AS Path attribute now contains 65100, the AS number of the sender.
Similarly, when it arrives in AS 65250, the AS Path attribute now contains the sequence 65200 65100.
If we read the AS Path from left to right, it represents the sequence of ASs leading back to the origin of the route.

Next-hop

Next-hop - the IP address of the border router that should be used as the next hop towards the destination
Set by the border router to the local interface address used to reach the neighbor, when propagating an update across an AS boundary
The behavior is not always the same
• Point-to-point networks
• Multi-access networks
• System Addresses
May be administratively modified

Next-hop defines the IP address of the border router that should be used as the next hop to the destinations listed in the Network Layer Reachability field of the UPDATE message.
When a BGP speaker advertises the route to a BGP speaker located in its own autonomous system, the advertising speaker shall not modify the NEXT_HOP attribute associated with the route.
When a BGP speaker advertises the route to a BGP speaker located in a remote autonomous system, the advertising speaker may modify the NEXT_HOP attribute associated with the route.
The typical behavior is to set the next-hop attribute to the IP address of the egress interface used to send the Update to the remote neighbor. There is no restriction that this must be the case, so other scenarios are possible. The next-hop attribute is one of the greatest administrative challenges when deploying BGP.

Next-hop

[Figure: the same update path through AS 65100, AS 65200 and AS 65250 (Routers X, A, B and Y), with its Origin, AS Path and next-hop shown at three points. Next-hop values: varies* for the update originated in AS 65100; Router X for the update in AS 65200; Router B for the update received at Router Y.]

In the above illustration, the same BGP update is being originated by the router in AS 65100. If viewed on a router inside the originating AS, the next-hop attribute may be one of several addresses, depending on the configuration.
If the network is directly connected to the router originating the prefix, the next-hop is not relevant locally (it is directly connected), and will not be present in the local BGP table. If the prefix was learned from another router in the same AS (not shown in the diagram), then the next-hop will be the IP address of the originating router.
In either case, the border router will set the next-hop address to the interface used to reach the router in AS 65200 when it propagates the update.
The next-hop attribute will propagate in all further BGP updates for this prefix, in this example across AS 65200 and 65250, and each time the update crosses an AS boundary, the next-hop attribute will be set to the IP address of the egress interface used to send the update to the remote neighbor.
When the update is sent between the routers within AS 65200, the next-hop is unmodified by default; it remains the address of the router in AS 65100.
When the update arrives in AS 65250, it crossed an AS boundary to get there, so the next-hop attribute now contains the IP address of the eBGP router that sent the update to AS 65250.
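The AS Path and next-hop behavior described on the preceding slides, as an added example that is not part of the course material: a small Python model that carries one update from Router X in AS 65100 through AS 65200 to Router Y in AS 65250, then offers it back to AS 65100 to show loop detection. The prefix, the interface addresses and the LOCAL_PREF value of 100 are constructed for the illustration.

```python
from dataclasses import dataclass, replace
from typing import Optional, Tuple


@dataclass(frozen=True)
class Update:
    prefix: str
    origin: str                          # 'i' (IGP), 'e' (EGP) or '?' (incomplete)
    as_path: Tuple[int, ...] = ()        # empty tuple = null AS Path
    next_hop: Optional[str] = None
    local_pref: Optional[int] = None     # only carried inside one AS
    med: Optional[int] = None


@dataclass(frozen=True)
class Speaker:
    name: str
    asn: int
    address: str                         # constructed interface address


def advertise(update: Update, sender: Speaker, receiver: Speaker,
              local_pref: int = 100, med: Optional[int] = None) -> Optional[Update]:
    """Return the update as the receiver sees it, or None if it is rejected.

    local_pref (assumed value 100) is what the sender attaches for internal
    peers; med is what the sender chooses to attach on an external link.
    """
    if sender.asn == receiver.asn:
        # iBGP: AS Path and next-hop stay unmodified; LOCAL_PREF is included.
        lp = update.local_pref if update.local_pref is not None else local_pref
        return replace(update, local_pref=lp)

    # eBGP: prepend the sender's AS number, set next-hop to the sender's
    # interface, leave LOCAL_PREF out, and do not pass on a MED that was
    # learned from another AS. ORIGIN is never modified.
    sent = replace(update,
                   as_path=(sender.asn,) + update.as_path,
                   next_hop=sender.address,
                   local_pref=None,
                   med=med)
    # Loop detection: the receiver finds its own AS number in the path.
    if receiver.asn in sent.as_path:
        return None
    return sent


def trace():
    """Follow one update X -> A -> B -> Y, then back toward X."""
    x = Speaker("Router X", 65100, "192.0.2.1")
    a = Speaker("Router A", 65200, "192.0.2.2")
    b = Speaker("Router B", 65200, "198.51.100.1")
    y = Speaker("Router Y", 65250, "198.51.100.2")

    at_x = Update("203.0.113.0/24", origin="i")    # originated in AS 65100
    at_a = advertise(at_x, x, a)                   # eBGP into AS 65200
    at_b = advertise(at_a, a, b)                   # iBGP inside AS 65200
    at_y = advertise(at_b, b, y)                   # eBGP into AS 65250
    back_at_x = advertise(at_y, y, x)              # would loop into AS 65100
    return at_x, at_a, at_b, at_y, back_at_x


if __name__ == "__main__":
    labels = ["origin (AS 65100)", "Router A", "Router B", "Router Y", "back at Router X"]
    for label, upd in zip(labels, trace()):
        print(f"{label:18} {upd}")
```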

Origin Code

Origin Code - defines the origin of the path information

Name        Code  Value  Meaning
IGP         i     0      interior to the originating AS
EGP         e     1      learned via EGP
Incomplete  ?     2      learned by some other means

Lower Origin value is preferred
Set by originating AS, should never change

The ORIGIN attribute shall be generated by the autonomous system that originates the associated routing information. It shall be included in the UPDATE messages of all BGP speakers that choose to propagate this information to other BGP speakers.
It can assume the following values:
0 - IGP - Network Layer Reachability Information is interior to the originating AS, i.e. it is learned via an IGP protocol
1 - EGP - Network Layer Reachability Information learned via EGP
2 - INCOMPLETE - Network Layer Reachability Information learned by some other means, such as static route, or directly connected interface
Once set, the ORIGIN attribute should never be modified.

Origin Code

[Figure: the same update path through AS 65100, AS 65200 and AS 65250 (Routers X, A, B and Y), with its Origin, AS Path and next-hop shown at three points. The Origin is shown as i.]

In the above illustration, a BGP update is being originated by the router in AS 65100. The prefix (or NLRI) in the update message is learned via an IGP protocol internal to AS 65100, so the origin code should be set to i. It will be unknown by default.
The attribute will propagate in all further BGP updates for this prefix, in this example across AS 65200 and 65250, and should never be modified.

Local Preference

• The degree of preference for each external route.
• Used only with iBGP.
• This attribute can be used to manipulate the way traffic egresses the Autonomous System

LOCAL_PREF shall be included in all UPDATE messages that a given BGP speaker sends to the other BGP speakers located in its own autonomous system. A BGP speaker shall calculate the degree of preference for each external route and include the degree of preference when advertising a route to its internal peers. The higher degree of preference should be preferred.
LOCAL_PREF is only used in iBGP. A BGP speaker shall not include this attribute in UPDATE messages that it sends to BGP speakers located in a neighboring autonomous system. If it is contained in an UPDATE message that is received from a BGP speaker which is not located in the same autonomous system as the receiving speaker, then this attribute shall be ignored by the receiving speaker.

Multi Exit Discriminator (MED)

• Defines the preferred entry point to the local Autonomous System
• This attribute can be used to manipulate the way traffic ingresses the Autonomous System

The MULTI_EXIT_DISC may be used on external (inter-AS) links to discriminate among multiple exit or entry points to the same neighboring AS. The value of the MULTI_EXIT_DISC attribute is a four octet unsigned number which is called a metric. All other factors being equal, the exit or entry point with lower metric should be preferred.
If received over external links, the MULTI_EXIT_DISC attribute may be propagated over internal links to other BGP speakers within the same AS. The MULTI_EXIT_DISC attribute is never propagated to other BGP speakers in neighboring AS's.

BGP Route Selection Criteria

If the entry is valid, loop-free and the next-hop is reachable, then prefer the
1. Route with higher local preference
2. Route with the shorter AS path
3. Route with the lower origin code
4. Route with the lowest MED
5. Route learned from an EBGP peer before those learned from an IBGP peer
6. Route with the lowest IGP cost to the next-hop
7. Route with the lowest BGP router-ID
8. Route with the shortest cluster list
9. Route with the lowest peer IP address

This chart depicts the BGP route selection criteria as implemented on the Alcatel 7750 SR. When BGP receives multiple routes to the same destination prefix, the route selection criteria are used to select the best route.
A route will never be considered if it does not have the valid flag associated with it, contains an AS-Path loop, or its next-hop is unreachable.
For each prefix in the BGP table, the first entry for that prefix is compared to the next in the list, until a best route is found for each.
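The nine selection criteria above, as an added Python example that is not part of the course material and not the 7750 SR's own code. It filters out routes that are invalid, looped or have an unreachable next-hop, ranks the rest, and reports which criterion decided the result. The two routes for 11.11.11.0/24 are taken from the show output in this module; the router IDs, the third (looped) route, the default LOCAL_PREF of 100 and treating a missing MED as 0 are assumptions.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import List, Optional, Tuple

ORIGIN_VALUE = {"i": 0, "e": 1, "?": 2}      # lower origin value is preferred

STEPS = [
    "higher local preference", "shorter AS path", "lower origin code",
    "lowest MED", "EBGP before IBGP", "lowest IGP cost to the next-hop",
    "lowest BGP router-ID", "shortest cluster list", "lowest peer IP address",
]


@dataclass(frozen=True)
class Route:
    prefix: str
    next_hop: str
    as_path: Tuple[int, ...]
    origin: str                       # 'i', 'e' or '?'
    peer_address: str
    router_id: str                    # constructed in the sample data
    ebgp: bool
    local_pref: Optional[int] = None
    med: Optional[int] = None
    igp_cost: int = 0
    cluster_list: Tuple[str, ...] = ()
    valid: bool = True
    next_hop_reachable: bool = True


def eligible(route: Route, local_as: int) -> bool:
    """Valid flag set, no AS-Path loop, next-hop reachable."""
    return route.valid and route.next_hop_reachable and local_as not in route.as_path


def preference_key(route: Route) -> tuple:
    """One tuple element per criterion, ordered so that smaller is better."""
    local_pref = route.local_pref if route.local_pref is not None else 100  # assumption
    med = route.med if route.med is not None else 0                         # assumption
    # Simplification: MED is compared across all candidates, as the list reads.
    return (
        -local_pref,
        len(route.as_path),
        ORIGIN_VALUE[route.origin],
        med,
        0 if route.ebgp else 1,
        route.igp_cost,
        int(IPv4Address(route.router_id)),
        len(route.cluster_list),
        int(IPv4Address(route.peer_address)),
    )


def best_path(routes: List[Route], local_as: int) -> Tuple[Optional[Route], Optional[str]]:
    """Return (best route, name of the criterion that separated it from the runner-up)."""
    candidates = sorted((r for r in routes if eligible(r, local_as)), key=preference_key)
    if not candidates:
        return None, None
    best = candidates[0]
    if len(candidates) == 1:
        return best, None
    for name, ours, theirs in zip(STEPS, preference_key(best), preference_key(candidates[1])):
        if ours != theirs:
            return best, name
    return best, None


SAMPLE_ROUTES = [
    Route("11.11.11.0/24", "192.168.1.5", (65002,), "?",
          peer_address="192.168.1.5", router_id="192.168.1.5", ebgp=True),
    Route("11.11.11.0/24", "192.168.1.10", (65004, 65002), "?",
          peer_address="192.168.1.10", router_id="192.168.1.10", ebgp=True),
    # Constructed: carries the local AS 65001 in its path, so it is never considered,
    # even though its local preference is higher.
    Route("11.11.11.0/24", "192.168.1.14", (65003, 65001, 65002), "i",
          peer_address="192.168.1.14", router_id="192.168.1.14", ebgp=True, local_pref=200),
]

if __name__ == "__main__":
    best, reason = best_path(SAMPLE_ROUTES, local_as=65001)
    print(best.next_hop, "selected by:", reason)
```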

Show BGP Neighbor

Node_181# show router bgp neighbor
===========================================================================
BGP Neighbor
===========================================================================
---------------------------------------------------------------------------
Peer : 192.168.1.5                  Group : bgp
---------------------------------------------------------------------------
Peer AS          : 65002            Peer Port        : 49353
Peer Address     : 192.168.1.5
Local AS         : 65001            Local Port       : 179
Local Address    : 192.168.1.6
Peer Type        : External
State            : Established      Last State       : Established
Last Event       : recvKeepAlive
Last Error       : Cease
(continued on next slide)

The information shown in the above graphic and continued on the next slide is the output showing the information of a BGP peering session. It first identifies the peer by the IP address (192.168.1.5) and then gives the Peer AS number (65002). It then identifies the local information and gives the state of the connection. If the state says anything other than ESTABLISHED, then there is a problem. It shows the last event, which is the last message that it has received.

Show BGP Neighbor (continued)

(continued from previous slide)
Local Family     : IPv4
Remote Family    : IPv4
Local Capability : RouteRefresh MP-BGP
Remote Capability: RouteRefresh MP-BGP
Hold Time        : 90               Keep Alive       : 30
Active Hold Time : 90               Active Keep Alive: 30
Cluster Id       : None
Preference       : 170              Num of Flaps     : 1
Recd. Prefixes   : 6                Active Prefixes  : 3
Recd. Paths      : 2                Suppressed Paths : 0
Input Queue      : 0                Output Queue     : 0
i/p Messages     : 25               o/p Messages     : 23
i/p Octets       : 673              o/p Octets       : 621
i/p Updates      : 7                o/p Updates      : 6
Import Policy    : None Specified / Inherited
Export Policy    : rip

This is a continuation from the previous slide. There is a lot of information shown above, but some of the more important information is the local and remote capability. Notice that both support MP-BGP. This is Multi-Protocol BGP and will be covered in the BGP protocol class. Other important information includes the hold and keep alive timers. These must match in a peering session. The final areas to note are the import and export policies. As was previously stated, BGP is not a discovery protocol: not only must you tell it where to go to peer, you must also tell it what information you want it to advertise.

Show BGP Paths

Node_181# show router bgp paths
==========================================================================
BGP Router ID : 172.0.0.181     AS : 65001     Local AS : 65001
==========================================================================
BGP Paths
==========================================================================
Path: 65004 65002
Origin           : Incomplete       Next Hop         : 192.168.1.10
MED              : none             Local Preference : none
Refs             : 4                ASes             : 2
Segments         : 1
Flags            : EBGP-learned
--------------------------------------------------------------------------
Path: 65002
Origin           : Incomplete       Next Hop         : 192.168.1.5
MED              : none             Local Preference : none
Refs             : 8                ASes             : 1
Segments         : 1
Flags            : EBGP-learned

The above graphic shows the BGP Paths that have been learned by the router. Note that the path lists the AS numbers of the systems that it must traverse and whether they were learned through e-BGP or i-BGP.
Note that there may be a very large number of BGP paths in the router's routing table, and as such it may be wise to specify the particular routes of interest when executing the show router bgp paths command.

Show BGP Summary

Node_181>show>router>bgp# summary all
===============================================================================
BGP Comprehensive Summary
===============================================================================
Neighbor
ServiceId        AS     PktRcvd  InQ   Up/Down    State| Recv/Actv/Sent(IPv4)
                        PktSent  OutQ             Recv/Actv/Sent(VpnIPv4)
-------------------------------------------------------------------------------
192.168.1.5
Def. Instance    65002  30       0     00h10m17s  6/3/6
                        28                        VPN-IPv4 Incapable
192.168.1.10
Def. Instance    65004  21       0     00h07m27s  6/2/7
                        23                        VPN-IPv4 Incapable
===============================================================================

The above graphic shows a summary of the Autonomous Systems that the router has learned about and the amount of packet traffic it has received from those systems.

Show BGP Group

Node_181>show>router>bgp# group bgp
=========================================================================
BGP Group : bgp
=========================================================================
Description      : (Not Specified)
Group Type       : No Type          State            : Up
Peer AS          : n/a              Local AS         : 65001
Local Address    : n/a              Loop Detect      : Ignore
Import Policy    : None Specified / Inherited
Export Policy    : rip
Hold Time        : 90               Keep Alive       : 30
Cluster Id       : None             Client Reflect   : Enabled
NLRI             : Unicast          Preference       : 170

List of Peers
- 192.168.1.5    : (Not Specified)
- 192.168.1.10   : (Not Specified)

Total Peers      : 2                Established      : 2
-------------------------------------------------------------------------
Peer Groups : 1

BGP, like RIP, uses the concept of Groups in its configuration. Inside the group, the operator will configure the neighbor information for the BGP protocol to use for peering. Note above that there are two peers configured and two sessions established.

Show BGP Routes

Node_181>show>router>bgp# routes
===============================================================================
BGP Router ID : 172.0.0.181     AS : 65001     Local AS : 65001
===============================================================================
Legend -
Status codes  : u - used, s - suppressed, h - history, d - decayed, * - valid
Origin codes  : i - IGP, e - EGP, ? - incomplete, > - best
===============================================================================
Flag  Network            Nexthop          LocalPref  MED
      VPN Label          As-Path
-------------------------------------------------------------------------------
u*>?  11.11.11.0/24      192.168.1.5      none       none
      none               65002
*?    11.11.11.0/24      192.168.1.10     none       none
      none               65004 65002
Press any key to continue (Q to quit)

The above graphic is just a portion of the output of the BGP routes. This shows all learned BGP routes to all destinations. It marks each route as valid, the origin of the route and whether the route is used or not. The > signifies the best route, and this is the route that will be entered into the routing table.

Protocol Summary

Feature             RIPv2                BGP          OSPF          ISIS
Updates             Periodic             Incremental  Incremental   Incremental
Update type         Broadcast/Multicast  Unicast      Multicast     Multicast
Authentication      Simple & MD5         MD5          Simple & MD5  Simple & MD5
Metric              Hops                 Multiple     Cost          Default
Metric type         Distance vector      Adv. DV      Link-state    Link-state
VLSM/CIDR support   Yes                  Yes          Yes           Yes
Topology size       Small                Very large   Large         Large
Transport protocol  UDP                  TCP
Application port #  520                  179
Protocol #                                            89

The comparison above shows the differences and similarities of the routing protocols that are supported on the Alcatel 7750 SR platforms. RIP, OSPF, and IS-IS are the IGPs and BGP is the EGP.

Module Summary

This module provided a brief overview of BGP.
• BGP is an external routing protocol.
• Provided an understanding of IBGP and EBGP
• Provided an understanding of the operation of BGP and its route selection process
• BGP connects autonomous systems to other autonomous systems.
• Provided a high-level summary of the features of the routing protocols

Learning Assessment

1. Two BGP speakers establish a peering session. One BGP speaker is in AS 65001, and the other is in AS 65002. What type of peering session is it?
a. EGP
b. IGP
c. IBGP
d. EBGP

2. BGP is referred to as a path vector protocol, which means that path selection is based on what?
a. AS Hop count
b. Cost
c. AS numbers
d. Default

Learning Assessment (continued)

3. What transport layer protocol and port number does BGP use?
a. TCP port 79
b. UDP port 79
c. TCP port 179
d. UDP port 179

4. What does BGP require to work correctly within an AS?
a. An IGP
b. The BGP speakers must be configured with different AS numbers.
c. The BGP speakers must be installed on the edge of the network.

LAB 6.1 BGP

[Figure: lab topology. Pod1, Pod2, Pod3 and Pod4, each with an Edge-Pod and a Core-Pod router; AS numbers 65001, 65002, 65003 and 65004; BGP.]

3HE-02767-AAAA-WBZZA Edition 01


Module 9 7x50 SR/ESS Services Overview


Module Objectives

After successful completion of this module, you should be able to:
• Discuss the different services offered
• Understand the concepts of the components that make up a service
• Understand the function of a service tunnel
• Discuss the basics of MPLS

Understanding Services

There are two main types of services on the 7x50 SR/ESS platforms:

Internet connectivity
• Represented by the IES, which is a global service
• The purpose of IES is to provide connectivity to the world as defined in the global routing table.

VPN services
• VPN services (VLL, VPLS, and VPRN) are, by their nature, restricted. You must define the scope of the VPN: what is allowed into it and how the nodes in the service connect to each other.

Note: The 7450 ESS does not support VPRN services.

Network-Component Naming Conventions

[Figure: CE devices attached to PE routers.]
CE = customer edge
PE = provider edge
P = provider router

Customer Edge Devices
A CE device provides customer access to the service provider network over a data link to one or more PE routers. The end user typically owns and operates these devices. The CE devices run the routing protocol(s) of the end user and support the IP address scheme implemented by the end user. The devices are unaware of the existence of the MPLS protocol or the VPNs.
CE devices used in layer 2 VPNs may be Ethernet switches, in which case they do not need to participate in routing protocols. They must only be aware of VLANs running in the customer network.
Provider Edge Devices
A PE router is directly connected to the customer edge (CE) devices. In an MPLS network, PE routers are LERs.
Provider Router
P routers are the routers in the provider core network. In an MPLS provider network, these routers are LSRs.

Internet Enhanced Service

IES provides direct Internet access for the customer, with the following features:
• From the customer's perspective, it provides a direct connection to the Internet.
• The service provider can apply all billing, ingress/egress shaping, and policing to the customer.

[Figure: Company A, Company B and Company C; PE A, PE B and PE C; service provider network; Internet.]

An IES is a routed connectivity service in which the subscriber communicates with an IP (layer 3) router interface to send and receive Internet traffic.
The IES allows the provider to shape and police traffic to conform to SLA parameters. This allows customers to purchase subrate Internet access with asymmetrical SLAs.
Characteristics
• A SAP acts as the access point to the subscriber's network.
• The interface supports RIP, OSPF, IS-IS, and BGP.
• Does not require an SDP; traffic is routed rather than encapsulated in a tunnel.

VLL Service

A VLL service provides a point-to-point connection between two nodes.
• From the customer's perspective, it looks as if a leased link exists between the two locations.
• The service provider can apply billing, ingress/egress shaping, and policing.

[Figure: PE A, PE B, PE C and PE D around the IP / MPLS Network; e-pipe service.]

A VLL is a layer 2 point-to-point service. The VLL service encapsulates customer data and transports it across a service provider's IP or MPLS network in a GRE or MPLS tunnel.
Customer access to the service provider's network is through a SAP. A VLL service connects two access points on the same node or two access points on different nodes through two unidirectional tunnels. Each node needs to provide access to the service tunnel.
A basic VLL service must have the following:
• A locally unique identification number
• System IP address of the originating and far-end nodes
• Tunnel encapsulation type: GRE or MPLS

Virtual Private LAN Service

VPLS is a class of VPN that allows the connection of multiple sites in a single bridged domain over a provider-managed IP/MPLS network.
• From the customer's perspective, it looks as if all sites are connected to a single switched VLAN.
• The service provider can reuse the IP/MPLS infrastructure to offer multiple services.
• The service provider can apply billing, ingress/egress shaping, and policing.

[Figure: PE A, PE B, PE C and PE D around the IP / MPLS Network; VPLS Service; IP/LSP Full mesh.]

The 7750 SR supports VPLS multipoint switched services. A VPLS is a multipoint layer 2 service that allows multiple customer sites to be connected in a single bridged domain contained in a provider-managed IP/MPLS network. Customer sites in the VPLS appear to be on the same LAN even if the sites are geographically dispersed.
A VPLS:
• Uses an Ethernet interface on the customer access side to simplify provisioning
• Enables customers to control and simplify routing strategies as all routers in the VPLS are part of the same LAN, which simplifies IP addressing
• Is protocol-independent, which means there is no layer 2 protocol conversion between LAN and WAN technologies

A VPLS can span a single node or multiple nodes. On a VPLS that spans a single node, subscriber data is distributed through multiple access points on the node.
On a VPLS that spans multiple sites, customer data enters the service using at least one access point on each node. Data is transported among the nodes through service tunnels over an IP/MPLS provider core network. A VPLS that spans multiple nodes requires at least one service tunnel at each node.
VPLS services switch traffic based on MAC addresses (associated with the appropriate access points).
CE Equipment
Although VPLS is a layer 2 VPN service and allows the use of layer 2 switches as the CE devices, most customers use routers at the LAN/WAN boundary.
Using a router as the CE device means that the PE device must learn only one MAC address per site, per service. Using a layer 2 switch as the CE device means that the PE device must learn potentially hundreds of MAC addresses per site, per service. The number of MAC addresses that the PE device must learn can be limited by using MAC filters and/or by limiting the maximum number of MAC addresses accepted by the PE device.
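The effect of limiting the number of MAC addresses a PE accepts, as an added Python example that is not part of the course material and not 7750 SR code. It models the MAC table of one VPLS on a PE with a per-access-point limit and compares a site that uses a layer 2 switch as CE with a site that uses a router. The access point names, MAC addresses, host count and limit are constructed.

```python
from collections import Counter
from typing import Dict, Optional


class VplsFdb:
    """MAC forwarding table of one VPLS instance on a PE (simplified model)."""

    def __init__(self, max_macs_per_sap: Optional[int] = None):
        self.max_macs_per_sap = max_macs_per_sap    # None = no limit
        self.mac_to_sap: Dict[str, str] = {}
        self.learned = Counter()       # access point -> MACs currently learned
        self.not_learned = Counter()   # access point -> learn attempts refused

    def learn(self, sap: str, src_mac: str) -> bool:
        """Learn the source MAC of a frame received on `sap`."""
        mac = src_mac.lower()
        owner = self.mac_to_sap.get(mac)
        if owner == sap:
            return True                             # already known on this access point
        limit = self.max_macs_per_sap
        if limit is not None and self.learned[sap] >= limit:
            self.not_learned[sap] += 1              # this site's share is used up
            return False
        if owner is not None:
            self.learned[owner] -= 1                # MAC moved between access points
        self.mac_to_sap[mac] = sap
        self.learned[sap] += 1
        return True

    def lookup(self, dst_mac: str) -> Optional[str]:
        """Return the access point for a destination MAC, or None if unknown."""
        return self.mac_to_sap.get(dst_mac.lower())


def simulate(max_macs_per_sap: Optional[int], hosts_behind_switch: int = 300) -> VplsFdb:
    """Feed the table with frames from two constructed customer sites."""
    fdb = VplsFdb(max_macs_per_sap)
    # Site with a layer 2 switch as CE: every host MAC reaches the PE.
    for n in range(hosts_behind_switch):
        fdb.learn("sap-switch-site", "02:00:00:00:%02x:%02x" % (n >> 8, n & 0xFF))
    # Site with a router as CE: the PE sees a single MAC address.
    fdb.learn("sap-router-site", "02:AA:00:00:00:01")
    return fdb


if __name__ == "__main__":
    for limit in (None, 100):
        fdb = simulate(limit)
        print("limit", limit, "learned", dict(fdb.learned),
              "refused", dict(fdb.not_learned))
```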

Virtual Private Routed Network (RFC 4364)

Alcatel-Lucent Scalable IP Networks v1.1

Module 9 |

VPRN
Service
Red

PE C
RI-1
RI-2

VPRN
Service
Green

All rights reserved 20062007 Alcatel-Lucent

RFC 4364 (which obsoletes RFC 2547) describes a method of distributing routing information and forwarding data to
provide a layer 3 VPN service to end customers.
Each VPRN consists of a set of customer sites that are connected to one or more PE routers. Each associated PE
router maintains a separate IP forwarding table for each VPRN. Additionally, the PE routers exchange the routing
information configured or learned from all customer sites via MP-BGP peering.
Each route in a VPN is assigned an MPLS label. When BGP distributes a VPN route, it also distributes an MPLS label for
the route.
Before a customer data packet travels across the service provider's backbone, it is encapsulated with the MPLS label
that corresponds, in the customer's VPN, to the route that best matches the packet's destination address. The MPLS
packet is further encapsulated with either another MPLS label or a GRE tunnel header so that it gets tunneled across
the backbone to the proper PE router. Each route exchanged by MP-BGP includes a route distinguisher (RD), which
identifies the VPRN association. The backbone core routers therefore do not need to know the VPN routes.

- VPRN is a class of VPN that allows the connection of multiple sites in a routed domain over a provider-managed IP/MPLS network.
- From the customer's perspective, it looks as if all sites are connected to a private routed network administered by the service provider for that customer only.
- The service provider can reuse the IP/MPLS infrastructure to offer multiple services.
- Each VPRN appears like an additional routing instance.
- Routes for a service between the various PEs are exchanged using MP-BGP.

[Figure: PE A, PE B, PE C, and PE D, each with routing instances RI-1 and RI-2, around an IP/MPLS network; VPRN Service Red and VPRN Service Green; MP-BGP route exchange for all services.]

Tunnel Encapsulation Types

GRE
- Encapsulates traffic in an IP/GRE header; appears like an IP packet
- Low control plane overhead
- Uses normal IP routing to find a path

MPLS
- Uses LDP or RSVP for label signaling
- LDP auto-bind is available to simplify configuration
- LDP relies on an IGP to find its path
- RSVP
  - Requires manual configuration
  - Can be loose or strict
  - May reserve bandwidth
  - Can use fast reroute to speed convergence

Generic Routing Encapsulation
- Low control plane overhead
- Uses an IGP (e.g., OSPF, IS-IS) to find a path from edge to edge
- Convergence depends on the IGP

MPLS
- Uses LSPs (may use primary and secondary paths for protection)
- Paths can be manually configured or signaled using LDP or RSVP-TE

MPLS Terminology

MPLS has become the basic building block for the various services and VPNs offered on the 7750 SR platforms. The
slide above lists some of the more common MPLS acronyms that are used when discussing services.

- LER (Label edge router)
- LSR (Label switch router)
- LSP (Label switch path)
- Push
- Swap
- Pop
- Label Stack
- DoD (Downstream on demand)
- DU (Downstream unsolicited)
- RSVP-TE (Resource reservation protocol with traffic engineering extensions)
- T-LDP (Targeted label distribution protocol)

MPLS Basics (continued)

[Figure: MPLS network showing LER and LSR routers.]

In the case of services the LERs are normally located at the edge of the network while the LSRs are normally the core
routers.
The MPLS-enabled routers (LERs and LSRs) use a signalling protocol to distribute labels across the network. These
labels are used to make the forwarding decision for incoming traffic rather than the IP address. This basically turns
the L3 network into an L2 or switch network.
The way the labels are distributed throughout the network depends on the signalling protocol used. LDP is DU, while
RSVP is DoD. The next few slides discuss LDP at a high level. RSVP and a more in-depth discussion on LDP are covered
in the MPLS/L3VPN course.

MPLS Basics (continued)

[Figure: Router 1, Router 2, and Router 3, with LDP enabled on Router 2 and Router 3. Label 20 is advertised for networks 10.1.1.0/24 and 10.1.2.0/24; the label table columns are Network, Label, and Intf.]

In the figure above, LDP is enabled on Router 2 and Router 3. However, before any of this can happen the network
must be running some sort of routing protocol. For LDP to set up a peering session, it must be able to find its way to
the adjacent router, and that is done by the routing protocols.
When LDP is enabled, the protocol automatically sets up a peering session with adjacent LDP-enabled routers. When
this session is established, the routers look at their routing tables and send out a label associated with networks that
they see.
In the figure above, an LDP session is established between Router 2 and Router 3. Router 3 examines its routing table
for networks that it sees behind it and sends a label to Router 2 to represent those networks. For example, Router 3
sends a label of 20 to represent networks 10.1.1.0/24 and 10.1.2.0/24.
Every time Router 2 receives a packet destined for the 10.1.1.0/24 or 10.1.2.0/24 network, it pushes the label value
of 20 onto the packet and puts it in the LSP that takes the MPLS frame to Router 3. Because Router 3 sent out the
label of 20, it knows that any MPLS frame coming in with the label of 20 is destined for a network behind it.
Router 3 removes the 20 label from the frame, does a layer 3 lookup, and routes the packet to
its destination.

MPLS Basics (continued)

[Figure: Router 1, Router 2, and Router 3, all running LDP. Label 10 is advertised between Router 1 and Router 2 and label 20 between Router 2 and Router 3 for networks 10.1.1.0/24 and 10.1.2.0/24; the LSR table columns are Network, Ingress Label, Egress Label, and Intf.]

In the figure above, LDP is now enabled on Router 1. Router 1 now sets up a peering session with Router 2. Router 2
sends a label to Router 1 to represent the networks that it sees behind it; in this case, Router 2 sends a label of 10 to
Router 1 to represent the 10.1.1.0/24 and 10.1.2.0/24 networks. Note that the label is not the same as the one
Router 2 received from Router 3. Labels are only locally significant. Router 1, when receiving a packet destined for
the 10.1.1.0/24 or 10.1.2.0/24 network, pushes on a label of 10 and sends it to Router 2.
Router 2's function has now changed. When it now receives an MPLS frame with a label of 10, it swaps (switches) out
the 10 label, replaces it with a label of 20, and sends it out the interface to Router 3.
Router 3's function remains the same; it removes the 20 label and routes the packet to its destination.

MPLS Basics (continued)

[Figure: complete LSP from Router 1 (LER) through Router 2 (LSR) to Router 3 (LER). LSP 10 runs from Router 1 to Router 2 and LSP 20 from Router 2 to Router 3, carrying traffic for networks 10.1.1.0/24 and 10.1.2.0/24.]

The figure above shows the complete LSP setup from Router 1 to Router 3. Router 1's function is to do an L3 lookup,
and if the packet is destined for one of the networks supported by Router 3 it pushes (encapsulates the packet in an
MPLS frame) the appropriate label onto the packet. This is the function of an LER.
When it receives the MPLS frame, Router 2 examines the label, swaps it for the appropriate egress label, and sends
the frame out the appropriate interface to get to its destination. Router 2 now functions as an LSR, which is basically an
L2 switch function.
When receiving the MPLS frame, Router 3 examines the label and pops (removes the packet from the MPLS frame) the
label, performs an L3 lookup, and routes the packet to the appropriate network.
Note that LSPs are unidirectional. For bidirectional communications, another LSP must be set up in the opposite
direction.

VPN Services

[Figure: PE-A and PE-B connected across the network by tunnels (MPLS, GRE); each PE has access ports for Service 1 and Service 2.]

After a tunnel has been created, multiple services can be carried in it.
Operations on the tunnel affect all the services that are associated with the tunnel.
A tunnel uses the system IP address to identify the far-end 7750 SR.

Regardless of the type of VPN service that is created, all services function using the same method. With reference to
the figure above, the tunnel must be created first. As shown, the tunnel can be either GRE or MPLS. After the tunnel
is created, a service can be created. The figure above shows two services being created, and each service will have a
unique service number. The service number must match at both ends of the service. This service number will isolate
Service 1 traffic from Service 2 traffic.
When the service has been created, the customer access point must be configured inside the service, thereby
defining which port on the router belongs to the customer. When traffic comes into the router, the unique service
number specifies which customer port the traffic is supposed to egress on.
The final step of the process is to associate the service with the tunnel that will take the traffic to its destination. As
shown in the figure above, the tunnel is not tied to one specific service but instead can support multiple services.

Physical Links, Tunnel LSPs, and VCs

[Figure: a physical link carrying GRE/MPLS/LDP tunnels, each containing service tunnels.]

7750 SRs are connected to physical links that are used to carry traffic. When a service is set up using MPLS, LSP
tunnels are set up between PE routers. Each service or customer sends traffic through a service tunnel within the LSP
tunnel.

Tunnel LSPs are identified by MPLS labels that are swapped at each intermediate node (transit LSR) along the
LSP from the ingress to the egress of the MPLS network.

The VC label is used to identify which service or customer a packet belongs to. The label is attached at the
ingress point and does not change value as the packet travels from ingress to egress.
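
The label operations described above (push at the ingress LER, swap at the transit LSR, pop at the egress LER, with an unchanging VC label selecting the service), as an added example that is not part of the original course material. It assumes the two services ride the Router 1 to Router 3 LSP from the earlier figures (labels 10 and 20); the VC label values and all function names are constructed for illustration.

```python
import ipaddress
import struct

# Labels 10 and 20 and the two prefixes are from the page's figures. The VC
# label values and the choice to carry them on that LSP are constructed here.
FEC = [ipaddress.ip_network(n) for n in ("10.1.1.0/24", "10.1.2.0/24")]
VC_LABELS = {"Service 1": 131070, "Service 2": 131071}

def entry(label, bottom, ttl=64):
    """One 32-bit label stack entry (RFC 3032): label(20) TC(3) S(1) TTL(8).
    TTL is fixed for brevity; a real LSR decrements it on every swap."""
    return struct.pack("!I", (label << 12) | (int(bottom) << 8) | ttl)

def top(frame):
    """Decode the top entry -> (label, bottom_of_stack, remaining bytes)."""
    if len(frame) < 4:
        return None, True, b""          # truncated frame: nothing to match
    (word,) = struct.unpack("!I", frame[:4])
    return word >> 12, bool(word & 0x100), frame[4:]

def router1_push(service, dst, payload):
    """Ingress LER: L3 lookup, push the VC label, then tunnel label 10."""
    if not any(ipaddress.ip_address(dst) in net for net in FEC):
        return None                     # destination is not behind Router 3
    return entry(10, False) + entry(VC_LABELS[service], True) + payload

def router2_swap(frame):
    """Transit LSR: swap tunnel label 10 for 20; the VC label is untouched."""
    label, bottom, rest = top(frame)
    if label != 10 or bottom:
        return None                     # unknown label: drop
    return entry(20, False) + rest

def router3_pop(frame):
    """Egress LER: pop tunnel label 20, then map the VC label to a service."""
    label, bottom, rest = top(frame)
    if label != 20 or bottom:
        return None
    vc, is_bottom, payload = top(rest)
    for service, value in VC_LABELS.items():
        if is_bottom and vc == value:
            return service, payload
    return None                         # VC label of no configured service

def send(service, dst, payload):
    """Carry one packet Router 1 -> Router 2 -> Router 3."""
    frame = router1_push(service, dst, payload)
    frame = frame and router2_swap(frame)
    return frame and router3_pop(frame)
```

Because Router 3 drops any frame whose VC label matches no configured service, a mislabelled frame is discarded rather than delivered into another customer's service.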

Module Summary

- Overview of the Layer 2 and Layer 3 services offered
- A high-level understanding of the function of a service tunnel
- A basic understanding of MPLS and the terminology

Learning Assessment

1. An e-pipe (VLL) is a multipoint-to-multipoint service. True or False?
2. A VPLS allows multiple customer sites to be connected in:
A. A single collision domain
B. A single bridged domain
C. A single routing domain
3. What protocol is used to exchange routing information between the PE routers in the service provider's network, in RFC 4364 layer 3 VPNs?

Learning Assessment Answers

1. An e-pipe (VLL) is a multipoint-to-multipoint service. True or False? FALSE
2. A VPLS allows multiple customer sites to be connected in:
A. A single collision domain
B. A single bridged domain ✓
C. A single routing domain
3. What protocol is used to exchange routing information between the PE routers in the service provider's network, in RFC 4364 layer 3 VPNs? MP-BGP

3HE-02767-AAAA-WBZZA Edition 01

www.alcatel-lucent.com