Routing

EGP and IGP

EGP: eBGP

IGP: iBGP, EIGRP, OSPF, RIPv2

Distance: the route metric to reach the network

Vector: the interface / next-hop or direction to reach the network

Distance vector Protocols like RIP and EIGRP.

When a router receives routing information from a neighbor, it stores the information into a database
and the distance vector algorithm is used to determine the best path to reach the destination.

Link state Protocols like OSPF, IS-IS

A link state dynamic IP routing protocol advertises the link state and the link metric for each of its
connected links and directly connected links to every router in the network.

When a router receives an advertisement from a neighbor, it stores the information into a database
called link-state database and advertise the link-state information to every neighbor. This allows all
routers to have an identical map of the network.

Path vector protocol

A path vector protocol like BGP is similar to distance vector protocol but the difference is that instead of
looking at the distance to determine the best loop-free path, it looks at various BGP path attributes.

BGP attributes include AS path , multi-exit discriminator, origin, next-hop, local preference, atomic
aggregate and aggregator.

Path selection:
Prefix length

Administrative distance

Metrics
How Routes learn the networks:

Directly connected links

Static routing

3 types:

ip route [dest ip add] [next-hop add]

ip route [dest ip add] [local interface]

ip route [dest ip add] [next-hop add] [local interface]

Dynamic Routing

7-9

IP Routing process:
The host creates the IP packet, if it is local, checks the ARP table to see if the IP address is present, if it
isn’t, it uses ARP to learn this information with the dest. mac add. of the dest. host.

Encapsulates the IP Packet in a data-link frame and send it.

If it is not local, it finds the default gateway mac address using ARP if It is not present in the MAC table.

Encapsulate the IP packet into a data-link frame with the dest. mac address of the default gateway.

When the frame arrives at the router, it checks if it has errors (checks the FCS) and makes sure that the
destination IP address is present in the routing table.

If the packet is has no errors and it is present in the routing table, it de-encapsulate the packet from the
inside the data-link frame.

The router makes a routing decision, compares the dest. IP address to the routing table and finds the
route that matches the destination address. This route identifies the outgoing interface of the router
and possibly the next hop router.

Encapsulates the IP Packet into a new data-link frame and sends the frame out the outgoing interface.

IP Header
Ethernet Switching
A switch receives frames and directs them to the destination.

Learns MAC add. and it stores them in CAM Table.

The switch if it knows the destination, it will forward the frame to the destination.

If it doesn’t, it will flood the frame on all interfaces, except on the one that entered.

FCS| DATA | TCP/UDP PORTS | IP SOURCE | IP DEST | MAC DEST | MAC SOURCE

Ethernet Header

The preamble consists of a 56-bit (seven-byte) pattern of alternating 1 and 0 bits, allowing devices on
the network to easily synchronize their receiver clocks, providing bit-level synchronization

Learning

Flooding

Forwarding

Filtering

CAM Table:

CAM Table stores mac add, interfaces and VLAN IDs.

TCAM, when the switch does not search for MAC add, relies on TCAM.

Used for ip routing, acl, QOS

TCAM

Value MASK Result

Value=ip add

Mask=mask

Result=allow/deny or next hop

VLAN
With VLANs, you can do segmentation at Layer 2

Each VLAN is represented by a subnet

With VLANs you can differentiate types of traffic (voice, data… )

Access port is a connection on a switch that transmits data to and from a specific VLAN, it discards
tagged traffic.

Create multiple broadcast domains and extend the entire layer 2 fabric and stops at the routers.

VLAN trunking causes the switches to use a process called VLAN tagging, the sending switch ads another
header to the frame before sending it over the trunk. The extra header has a VLAN identifier (VLAN ID)
and the receiving switch can then know in what VLAN each frame belongs.

When the receiving switch gets the tagged frame , it understands where it belongs and removes the
VLAN header and forwards the original frame to the destination.

Normal range VLANs: 1-1005

Extended range VLANs: 1006-4094

Trunking ad mode:

Access ( a port that permits only a vlan assigned to them, designed for end devices)

Trunking ( a port that can carry VLAN Traffic in one or more VLANs on the same physical link )

Dynamic desirable

Dynamic auto

VLAN stacking / Q-in-Q (Provider Bridging – L2 service) 802.1ad

Q-in-Q VLAN

The Q-in-Q technology improves VLAN utilization by adding another 802.1Q tag to a packet that already
carries an 802.1Q. Number of VLAN will
Two tags of Q-in-Q can be applied:

Stacking VLAN

Q-in-Q VLAN

In Q-in-Q VLAN, a packet carries two VLAN tags to traverse the carrier’s public network.

F.E.: Internally when the packet leaves, it is tagged with VLAN 20, but when it reaches the public WAN, it
gets another tag, VLAN 50. When passing the public WAN, it has 2 tags, one for VLAN 20 and one for
VLAN 50. When it reaches the destination’s LAN, it discards the public VLAN 50 and makes decisions
internally based on VLAN 20.

In Stacking VLAN, the outer tag indicates the carrier (SP) while the inner tag indicates the user.

In a layer 2 MAN, there are multiple internet services provider networks, to provision the services
provided by the ISP to the specified user group rapidly, the outer tag can be used to identify ISPs, while
the inner VLAN tags to identify users.

MPLS:

It was create to forward packet from a site to another adding a MPLS header.

MPLS is a L2.5, the header is added between L2 and L3.

MPLS header

Label (20bits) 0-1mil | CoS | Stack bit | TTL (max 255)

Stack bit, if the stack bit is 1, it means it is a inner label, if it is 0, it means it is an outer label.

MPLS:

1. Reduces overhead of the core equipment

If a router is linked to an external ISP with EGP and the router has to learn all routes from that external
router, internally in the core, the equipment doesn’t need to also know those routes, it simply add a
unique label for the routes and the communication is much faster at layer 2.

2. Pseudowires
 3. Multiservices:

Because MPLS works with L2.5 I can send either L2 or L3 information, so we can use L2/L3 VPN or to
manipulate BGP

4. Multi-tenancy (stack labels)

IGMP – Layer 2 protocol

IGMP makes decision at LAN point (Layer 2) , when it reaches the WAN, PIM comes in at Layer 3

IGMP allows devices to join a multicasting group.

IGMP uses IP addresses that are set aside for multicasting. Multicast IP addresses are in the range
between 224.0.0.0 and 239.255.255.255.

Spanning-tree Protocol

PVST+

RSTP

MSTP

RPVST+

STP STEPS:

- Elects a RB
- Find the best path to the RB
- Block the rest of the links

STP enabled devices share info through BPDUs .

BDDU contains

1. BRIDGE ID ( priority 32768 + vlan number + base MAC add),

2. port cost

Each switch has a cost displayed in the BPDU that shows the cost to the ROOT bridge and each switch
will advertise its own cost to the RB and every switch will add its own cost of the interface.
 3. Port priority + ID ( 128 by default)

How STP elects the root bridge:

- Lowest bridge ID

To change the RB, change the Bridge ID priority or add command spanning-tree vlan 10 root primary

Selecting the root port

Each switch advertises the cost of the interface and the next switch adds its own cost.

In case of 2 links between 2 switches where the cost is a tie, it decides based on:

- the upstream/sending - lowest bridge ID

- The sender/upstream – lowest port ID

Selecting Designated ports

DP are ports in forwarding state in the direct opposite of the root,

Electing the DP on a link based on:

- Which switch has the lowest cost to the RP

- lowest bridge ID

Rapid Spanning Tree roles:

Designated Ports (forward traffic away from the root)

Root Ports (forward traffic to the RP)

Blocked Ports = alternate (could be a root port) or backup (could be a designated port)

States:

801.1d 801.1w

Disabled Discarding

Blocking Learning

Listening Forwarding

Learning

Forwarding
Multicast routing protocols:
It is a one-to-many mode of sending traffic.

Multicast terms:

Receiver – the receiver indicates that want some data/streams

Source – source of the data/stream that goes to the group address

Group address – Class D IPV4 224.0.0.0/24 224-243

IPV6 FF00:/8

Address State – (Source, group) / (star, group)

Designated Routers – Sit on the edge of the multicast network and they need to find each other.

Protocols – IGMP and PIM

IGMP – is the protocol that receivers use to join multicast groups and start receiving traffic from those
groups

PIM –works similar IGMP but at layer 3 (over routing protocols), designed to share address states
throughout the network.

Multi-cast addresses:

Class D 224.0.0.x/24

224.0.0.0/4 Local link comm. onl

224-239

OSPF: 224.0.0.5 or 224.0.0.6

EIGRP (224.0.0.10)

VRRP - 224.0.0.2

232.0.0.0/8 - Source specific multicast

239.0.0.0/8 – private address multicast (scoped)

Every multicast group address (IP address) is mapped to a special MAC address that allows
Ethernet interfaces to identify multicast packets to a specific group. A LAN segment can
have multiple streams, and a receiver knows which traffic to send to the CPU for processing
based on the MAC address assigned to the multicast traffic.
Multicast MAC address always start with 01:00:5E (first 25 bits) and the rest 23 bits are copied from the
lower 23 bits of the multicast group IP address.

IGMPv2:

When a receiver wants to receive a multicast stream, it sends an unsolicited membership

report, commonly referred to as an IGMP join, to the local router for the group it wants to

join (for example, 239.1.1.1). The local router then sends this request upstream toward the

source using a PIM join message. When the local router starts receiving the multicast stream,

it forwards it downstream to the subnet where the receiver that requested it resides.

If there is more than one router in a LAN segment, an IGMP querier election takes place

to determine which router will be the querier. IGMPv2 routers send general membership

query messages with their interface address as the source IP address and destined to the

224.0.0.1 multicast address. When an IGMPv2 router receives such a message, it checks the

source IP address and compares it to its own interface IP address. The router with the lowest

interface IP address in the LAN subnet is elected as the IGMP querier.

In IGMPv2, when a receiver sends a membership report to join a multicast group, it does not

specify which source it would like to receive multicast traffic from. IGMPv3 is an extension

of IGMPv2 that adds support for multicast source filtering, which gives the receivers the

capability to pick the source they wish to accept multicast traffic from.