Student guide
Issue: 1.10
Copyright © 2010 Avaya Inc. All Rights Reserved.
This document contains Avaya Inc. confidential and proprietary information.
It is not to be copied, disclosed or distributed in any manner, in whole or in
part, without express written authorization of Avaya Inc. While the information
in this document is believed to be accurate and reliable, except as otherwise
expressly agreed to in writing AVAYA PROVIDES THIS DOCUMENT "AS IS"
WITHOUT WARRANTY OR CONDITION OF ANY KIND, EITHER EXPRESS
OR IMPLIED. The information and/or products described in this document are
subject to change without notice.
Avaya and the Avaya Logo are trademarks of Avaya Inc. and may be registered
in certain jurisdictions. All trademarks identified by ®, TM or SM are registered
marks, trademarks, and service marks, respectively, of Avaya Inc. All other
trademarks are the property of their respective owners.
Contents
Introduction
  Welcome
IP Routing Overview
  Introduction
  The function of routing
  How an IP packet is forwarded through the network
  How routers work
  IP addresses and IP Routing Tables
  Layer 2 or Layer 3 routing
  Configuring routing on the ERS
  Characteristics of routing protocols
  Check your learning
  Lesson summary
IP Forwarding and Static Routes
  Introduction
  IP Routing Table Manager
  Static and default routes
  Route preference
  Check your learning
  Lesson summary
Routing Information Protocol
  Introduction
  Routing Information Protocol
  Bellman-Ford algorithm
  Versions of RIP
  Configuring RIP on the Ethernet Routing Switch
  Accept and Announce policies for RIP
  Configuring RIP policies
  Check your learning
  Lesson summary
OSPF on the Ethernet Routing Switch
  Introduction
  The routed enterprise network
  Basic components of OSPF
  Types of OSPF Routers
  Types of OSPF networks
  OSPF adjacencies
  OSPF interface configuration
  OSPF packet with message digest
  Check your learning
  Lesson summary
Advanced OSPF Features
  Introduction
  Compare Routing Table and OSPF LSDB
  Network summaries
  OSPF route policies
  Virtual links
  Check your learning
  Lesson summary
BGP4 Overview
  Introduction
  Border Gateway Protocol
  BGP4 Concepts and Terminology
  Check Your Learning
  Lesson summary
Configuring VRRP
  Introduction
  Understanding Virtual Router Redundancy Protocol
  The VRRP state machine
  VRRP advertisement
  Configuring VRRP on a VLAN
  Check your learning
  Lesson summary
IPv6 Overview
  Introduction
  What is IPv6?
  Differences between IPv4 and IPv6
  IPv6 header format
  Deploying IPv6
  Lesson summary
Summary
  Wrap up
Appendix - OSPF Packet Format
  Introduction
  OSPF packets
Appendix - BGP Packet Format
  Introduction
  BGP4 message format
Acronym List - Avaya Converged Campus
  Acronym List - Avaya Converged Campus
Acronym List - Converged Campus
  Acronym List - Converged Campus
Introduction
Welcome
Course Introduction
Welcome to course number 6702, IP Routing. The purpose of this course is to provide you
with a comprehensive understanding of how to implement an IP-routed network using RIP
and OSPF protocols, and also show you how to establish route policies. Through lectures
and hands-on labs, you will gain a solid foundation of essential IP routing features used
on the Avaya Ethernet Routing Switch: static routes, route summaries and policies, and
the Layer 3 protocols RIP and OSPF.
Intended audience
This course is designed for technical staff responsible for the installation, operation, and
management of any Avaya Ethernet Routing Switch.
Course objectives
• Student guide
• Student lab guide
Course agenda
In this course, you will study the following lessons:
Course Details Duration
Introduction 30 minutes
Conclusion 30 minutes
Student Notes: The focus of the course is on the Routing Protocols RIP, OSPF and
BGP. Do not waste time on other subjects that are prerequisites or of
other student interest or you surely will not complete the material in 4
days.
IP Routing Overview
Introduction
Lesson introduction
The purpose of this lesson is to introduce you to IP Routing, including the details of the
Layer 2 and Layer 3 processes on the network and within a switch. You will also discover
the differences between the most popular Layer 3 IP routing protocols and the basics of
configuring IP routing on an Ethernet Routing Switch.
Lesson objectives
An enterprise network today requires more than Layer 2 (L2) switches and bridges. These
switches are used to create virtual local area networks (VLANs) that have the capability to
span multiple physical segments. This solves the connectivity problem, but has certain inherent
shortcomings.
For example, a flat L2 network is a single broadcast domain, meaning that a broadcast from any
station must be flooded throughout the VLAN, consuming network and end-station resources.
Also, each switch and bridge must maintain a forwarding database (FDB) containing the media
access control (MAC) address of every device in the network. Since today's enterprise networks
may contain many thousands of devices, this places a strain on network resources and can impact
performance.
Finally, the format of the network address itself restricts the maximum number of hosts; for
example, a Class C Internet Protocol (IP) network only provides 254 unique host addresses.
To summarize, flat L2 networks simply do not scale well enough for the medium to large-sized
enterprise.
L3 forwarding: routing
The solution is to implement L3 forwarding, also known as routing. Whereas L2 devices forward
within a given network (or VLAN) using the destination MAC address, routers forward between
different networks. They do so by examining the destination network number in the packet's L3
header, and looking up the appropriate next hop in a table of known networks.
Routers do not need to know about all the hosts, just the networks where they reside (the host
MAC address is known only by the last router to deliver the packet to its network interface card
[NIC]). Such a system of interconnected VLANs is called an internetwork.
Internetworks using IP are predominant in today's enterprises. The global Internet on which the
World Wide Web (WWW) is built is simply the largest example of an internetwork.
Besides IP, there are a number of other L3 protocols for creating internetworks based on
different standards. Some of these are: Internet Protocol Exchange (IPX), for Novell's NetWare;
AppleTalk, for Apple Computer's proprietary routing approach; and DECNet, from Digital
Equipment Corporation. Although these legacy protocols are still in use, the widespread
deployment of IP has made it the preferred choice for the vast majority of today's users.
• Layer 2
• Single broadcast domain and all devices learn the MAC addresses
• Best for network edge switching
• Layer 3
VLANs are constructed to limit the extent that broadcasts are seen in the network. VLANs are a
method of constructing custom broadcast domains. VLANs function at the Data Link layer, L2 of
the OSI Reference Model. To connect one VLAN to another, a Network Layer or L3 forwarding
device is required. These devices are called routers.
A Network Layer address identifies both the network a host resides on and the host itself. In
most cases it is not derived from the hardware MAC address in any way. Routers use only the
network address (until the last hop), so they mask off the host portion, leaving only the network
identifier. Once the packet reaches the destination network, some form of address resolution
is required to derive the host's MAC address so that the packet can be sent to the appropriate
NIC.
The first part of a typical Network Layer address identifies the network on which the host
resides. This part is the network number. The second part identifies the device, or host. This
part is the node number. The next figure illustrates the address format used by IP.
Each packet contains a Network Layer address for both the source and the destination. Routers
use only the destination address. The destination host uses the source address in order to send
a reply back and establish a connection or session between end-stations. Routers have no role
in creating the connection; they simply forward datagrams between the hosts. Connections, on
the other hand, are created by Transport Layer (L4) protocols running within the hosts.
Recall that L2 relies on the hardware MAC address to deliver data to an end-station. Each NIC
is programmed to accept data sent to its address, as well as broadcasts. However, the last-hop
router does not necessarily know the MAC addresses of directly attached hosts. It just knows
the Network Layer address. Address Resolution Protocols (ARPs) are needed to translate a
host's Network Layer address to the corresponding MAC address at the last hop. The same
protocols allow stations on a flat network to communicate, even if they initially only know each
other's Network Layer address.
For instance, in the following example, station 10.10.10.3 broadcasts a request for the MAC
address of station 10.10.10.4, which is a destination end-station's Network Layer address. If the
destination node uses the same Network Layer protocol and is in the same broadcast domain,
it monitors the broadcast, recognizes its Network Layer address in the request, and responds
with its MAC address. The sender can now address a frame directly to the destination NIC.
Generally, a sender maintains a translation table or cache of resolved MAC addresses to avoid
repeatedly sending the same request every time it has another packet.
The ERS maintains an ARP Table for translating IP addresses to MAC addresses. You can
view the table using Java Device Manager or the CLI.
Proxy ARP allows the ERS to respond to an ARP request from a locally attached host or end
station for a remote destination. It does so by sending an ARP response back to the local host
containing the MAC address of its own router interface for the subnet on which the ARP request
was received. The reply is generated only if the switch has an active route to the destination
network.
To configure proxy ARP using the JDM menu bar, choose VLAN > VLANs, click IP and select
the ARP Tab. Click DoProxy.
This enables Proxy ARP on the VLAN. Proxy ARP may also be enabled on a port basis.
Forwarding decisions
Routers base their forwarding decisions on the network portion of a packet's Network Layer
destination address. They generally ignore the host portion until the last hop, since all hosts in
a given network are usually in the same direction relative to the router. Routers only keep track
of the networks in the internetwork, whereas bridges and L2 switches keep track of the hosts
within a single network. This substantially reduces the size of the routing table.
Destination networks
A routing table generally provides some information about each destination network, such as
which router port is most suitable for forwarding packets to that network, or the number of router
hops required to reach it. This allows the router to choose the best path to a particular network,
based on various criteria such as hop count, configured cost, or bandwidth. If a path becomes
unavailable for some reason, a router directs traffic to the most efficient path that remains
available.
If a port provides a connection directly to the destination network, the packet is sent to the target
host and routing is complete. Otherwise, it is sent to another router, which does its own look
up and repeats the routing process. Each router transmits the packet toward its destination on
the most efficient path it knows about. The packet proceeds, hop by hop, until it reaches its
destination network.
Hop counter
Each time a router forwards a packet, it increments the hop count in the Network Layer
header. Many routers (such as IP routers) discard a packet when the hop count reaches some
maximum value. This prevents packets from looping endlessly through the internetwork.
Routers do not listen to every packet on the network; only those packets explicitly addressed
to the router at the Data Link Layer are monitored. For this reason, end-stations must be aware
of the router. Hosts are usually configured with a default gateway identifying the address of the
router port on their local network. When a host wants to send a packet to a remote network, it
knows to send it to the default gateway rather than trying to reach a remote host itself.
Interface 1 and 2 were added to Router B with IP addresses 192.32.1.90 and 192.32.2.81,
respectively.
Destination networks that can be reached through this router are 192.32.1.0 and 192.32.2.0.
With both of these networks directly connected, Router B displays a metric of 0. Router B
advertises both networks with a distance metric of 1.
Router B has learned, through a RIP update from Router A, that network 192.32.3.0 can be
reached through 192.32.2.80 and that network 192.32.3.0 is two hops away.
From that update, Router B learned that network 192.32.4.0 can be reached by using
192.32.1.91 and that the network is two hops away.
IP address format
IP addressing
The dominant Network Layer technology is the Internet Protocol or IP. IP addresses consist
of 32 bits, generally written as a group of four octets separated by periods, in a format called
dotted-decimal notation. The maximum value of any octet is 255 (all bits set to 1), and certain
values (such as 255) are reserved. To assign IP addresses, it is often necessary to understand
the binary value of each octet. This can be done by converting the value of each octet into its
binary equivalent, as shown below:
187.124.225.188 = 10111011.01111100.11100001.10111100
The binary number system assigns a value to each digit that is a power of two. Whereas a
decimal number includes units, tens, hundreds, thousands, and so forth (powers of ten), the
binary digits' values are one, two, four, eight, 16, 32, and so on. By adding these values you can
easily convert a binary number to its decimal equivalent.
Activity
Binary        Decimal
1010 1010     _____
_____         98
0011 0101     _____
_____         199
You have seen that the IP address consists of a network portion and a host portion, and
that routers use the network portion to make forwarding decisions. IP has different “classes”
of network addresses, with varying numbers of bits used for the network and host portion,
respectively. This presents several problems:
The solution is a network mask, also known as a subnet mask. Like the IP address, the
subnet mask is a 32-bit number. The number is divided into four octets and represented in
dotted-decimal notation. The rules for applying a subnet mask are as follows:
• If the bit value is 1, that bit position is part of the network address. The network mask
begins at the most significant bit (left most bit) as a string of contiguous ones.
• If the bit value is 0, that bit position is part of the host address.
For example, the subnet mask 11111111 11111111 00000000 00000000 reserves the first
16 bits for a network number (the 1s) and the remaining 16 bits for host addresses. The
dotted-decimal notation for this subnet mask is 255.255.0.0.
If you extend the network portion by one bit, you effectively double the number of possible
network addresses and cut in half the number of unique host IDs. Every IP device must be
configured with the mask that has been chosen for its network. The various implementations of
Transmission Configuration Protocol (TCP)/IP accept the subnet mask in different ways. The
most common are:
• 192.168.10.24/255.255.255.0
• 192.168.10.24/24
Both of these IP addresses represent a host with an IP address of 192.168.10.24 and a 24-bit
mask of 255.255.255.0.
Activity - Find the network and host address for each of the following:
101.202.18.34 / 255.255.255.0
192.168.200.44 / 16
47.32.76.44 / 255.255.240.0
204.234.181.209/30
204.234.181.209/30 204.234.181.208 0
Student Notes: Point out that the /x value must be amended to reflect the necessary
octet where the mask ends.
Also note that the standard Windows Calculator will convert between
binary, hex, octal and decimal. To enable this feature, start the
calculator and from the menu select View > Scientific. Next select the
type of input necessary, enter the value and then select the new type.
Types of IP addresses
The IP standards define several classes of IP addresses with different default mask values.
Organizations wishing to connect to the global Internet request one or more network addresses
for their company. These addresses are administered by a central authority to avoid duplication.
IP address classes
Each IP address class, when expressed in binary notation, has a different boundary point
between the network and host portions of the address, as illustrated below. The network portion
is a network number field from 8 through 24 bits. The remaining 8 through 24 bits identify a
specific host on the network.
• Other addresses
Each supernet has a unique supernet address that consists of the upper bits shared by all
of the addresses in the contiguous block. For example, consider the Class C address
192.32.128.0. By applying the mask 255.255.128.0 to IP address 192.32.128.0, you aggregate
the addresses 192.32.128.0 through 192.32.255.255, so that 128 Class C addresses use a single
routing advertisement.
Another example is the block of addresses 192.32.0.0 to 192.32.7.0. The supernet address
for this block is 11000000 00100000 00000, with the 21 upper bits shared by the 32-bit
addresses.
• The address is the first 32-bit IP address in the contiguous block. In this example, the
address is 11000000 00100000 00000000 00000000 (192.32.0.0 in dotted-decimal
notation).
• The mask is a 32-bit string containing a set bit for each bit position in the supernet
part of the address. The mask for the supernet address in this example is 11111111
11111111 11111000 00000000 (255.255.248.0 in dotted-decimal notation).
Although classes prohibit using an address mask with the IP address, you can use CIDR to
create networks of various sizes using the address mask. You can also divide the address
space using variable-length subnet mask (VLSM); the division is not visible outside your
network. With CIDR, the addresses are used by routers outside your network.
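The mask rules and both supernet examples above can be checked mechanically. The following Python sketch is an added example, not part of the course material; the function names are chosen here for illustration. It splits an address into its network and host parts, rejects masks whose ones are not contiguous, and derives the address/mask pair that covers a contiguous block, flagging the case where the aggregate would also advertise addresses outside the block.

```python
def to_int(dotted):
    """Convert dotted-decimal text to a 32-bit integer, one octet at a time."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    value = 0
    for octet in octets:
        value = (value << 8) | octet
    return value


def to_dotted(value):
    """Convert a 32-bit integer back to dotted-decimal text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def parse_mask(text):
    """Accept '255.255.255.0' or '24'; return (mask as integer, prefix length)."""
    if "." in text:
        mask = to_int(text)
        inverted = ~mask & 0xFFFFFFFF
        # A valid mask is contiguous ones from the most significant bit, so
        # the inverted mask is 2**n - 1 and shares no bits with its successor.
        if inverted & (inverted + 1):
            raise ValueError(f"mask bits are not contiguous: {text}")
        return mask, bin(mask).count("1")
    length = int(text)
    if not 0 <= length <= 32:
        raise ValueError(f"prefix length out of range: {text}")
    return (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF, length


def split_address(spec):
    """Split 'address/mask' (either notation) into network and host parts."""
    addr_text, mask_text = spec.split("/")
    addr = to_int(addr_text.strip())
    mask, length = parse_mask(mask_text.strip())
    return {
        "network": to_dotted(addr & mask),                # bits where mask is 1
        "host": to_dotted(addr & ~mask & 0xFFFFFFFF),     # bits where mask is 0
        "mask": to_dotted(mask),
        "prefix": length,
    }


def supernet(first, last):
    """Return (address, mask, prefix length, exact) for the block first..last.

    The supernet address is the run of upper bits shared by both ends of the
    block. 'exact' is False when the aggregate is larger than the block, which
    means the single advertisement would also claim addresses outside it.
    """
    lo, hi = to_int(first), to_int(last)
    if lo > hi:
        raise ValueError("first address must not be above last address")
    length = 32 - (lo ^ hi).bit_length()      # count of shared upper bits
    mask = (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF
    base = lo & mask
    top = base | (~mask & 0xFFFFFFFF)
    return to_dotted(base), to_dotted(mask), length, (lo == base and hi == top)


if __name__ == "__main__":
    print(split_address("192.168.10.24/255.255.255.0"))
    print(split_address("192.168.10.24/24"))
    print(supernet("192.32.0.0", "192.32.7.255"))      # the eight Class C networks
    print(supernet("192.32.128.0", "192.32.255.255"))  # the 128 Class C networks
    print(supernet("192.32.1.0", "192.32.8.255"))      # not aligned: exact is False
```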
IP routing table
The entries in a general routing table within an IP router are defined as follows:
• Direct: Identifies that the destination network for this route entry is directly
connected to the router
• Indirect: Identifies that the destination network for this route entry is not
directly connected to the router. The destination network was learned by
updates from other routers.
• Alternate: Available route if the best route becomes unavailable
• Best: The route being used to forward IP traffic to the destination
• Equal Cost Multi-Path (ECMP): Provides alternate routes for faster
convergence in case of network failures
• Protocol - The routing mechanism by which this route was learned
• Age - The number of seconds since this route was last updated
The IP router removes the MAC header and Cyclic Redundancy Checking (CRC) field,
examines the IP header for the destination address and compares this address to the router's IP
routing table. If the destination network is located or a default route is discovered, the IP router
forwards the packet out the interface towards the final IP destination. The router places a new
MAC header whose destination MAC address is either the next router down the line or the MAC
address of the final destination.
The following graphics illustrate this process.
1. The IP Layer on Host A accepts a UDP packet destined for Host B and encapsulates
the packet in an IP datagram that includes a source address of 192.30.10.20 and a
destination address of 193.40.10.20.
2. The Data Link Layer on Host A encapsulates the IP datagram in an Ethernet frame
and transmits the frame to Router A.
3. Upon receiving the Ethernet frame, Router A transmits the frame to Router B.
4. Upon receiving the Ethernet frame, Router B transmits the IP datagram in an
Ethernet frame to Host B.
[Figures: IP routing, Figures 1 to 3 of 3]
Routing decision
Once the incoming frame has been identified as belonging to a VLAN with IP routing enabled,
the router executes a routing decision, deciding if the packet needs to be routed and if so, by
which layer, L2 or L3.
If the MAC destination address is the address of the router interface itself, two possibilities exist:
If the destination MAC address is not that of the routing entity, the packet is handled
at L2.
At this point, you know that the destination MAC address of the packet matches
the MAC address of the ingress port on the router. Next the router checks to see if the IP
address in the Layer 3 header matches an IP address on the router.
• If yes, use the MAC address for the IP address from the ARP table for the
destination MAC address.
• If no, refer to ARP Table for the MAC address associated with the IP address
and then forward the packet to the destination.
• If no, determine if the destination network is in the route table.
• If yes, use the MAC address associated with the next hop router and forward the
packet out the appropriate port.
• If no, determine if there is a default route assigned.
• If yes, use the MAC address associated with the default router and forward the packet
out the appropriate port.
• If no, send an ICMP Destination unreachable message to the source of the packet.
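The decision sequence above, written out as an added Python example (it is not part of the course material). It uses the Router B addresses from earlier in the lesson; the /24 masks, the MAC addresses and the host 192.32.1.20 are constructed for illustration. The local-delivery and directly-attached checks, and the longest-prefix ordering of route matches, are assumptions filled in where the bullet list does not spell out the question being asked.

```python
import ipaddress


def build_router(mac, interfaces, routes, arp):
    """Turn text configuration into ipaddress objects for exact comparisons."""
    return {
        "mac": mac.lower(),
        "interfaces": {port: ipaddress.ip_interface(cidr)
                       for port, cidr in interfaces.items()},
        "routes": [(ipaddress.ip_network(net), ipaddress.ip_address(hop))
                   for net, hop in routes],
        "arp": {ipaddress.ip_address(ip): m for ip, m in arp.items()},
    }


def resolve_on_link(router, neighbour):
    """Find the egress port and MAC for a host or next-hop router that sits
    on a directly attached network. Returns None if it is not on-link."""
    for port, iface in router["interfaces"].items():
        if neighbour in iface.network:
            mac = router["arp"].get(neighbour)
            if mac is None:
                # No ARP entry yet: the router must resolve the address first.
                return ("arp-request", port, str(neighbour))
            return ("forward", port, mac)
    return None


def decide(router, frame_dst_mac, dst_ip):
    """Return the action taken for one ingress frame."""
    dst = ipaddress.ip_address(dst_ip)

    # Destination MAC is not the routing entity: the frame is handled at L2.
    if frame_dst_mac.lower() != router["mac"]:
        return ("switch-l2",)

    # Destination IP is one of the router's own addresses (assumed step).
    if any(dst == iface.ip for iface in router["interfaces"].values()):
        return ("deliver-local",)

    # Destination is on a directly attached network: use the ARP table.
    on_link = resolve_on_link(router, dst)
    if on_link:
        return on_link

    # Destination network in the route table. The most specific match is tried
    # first; a default route (0.0.0.0/0) has prefix length 0 and so comes last.
    matches = [(net, hop) for net, hop in router["routes"] if dst in net]
    for _net, hop in sorted(matches, key=lambda r: r[0].prefixlen, reverse=True):
        via = resolve_on_link(router, hop)
        if via:                  # skip routes whose next hop is not reachable
            return via

    # No route and no default route.
    return ("icmp-destination-unreachable",)


# Router B as described in the lesson; masks and MAC addresses are constructed.
ROUTER_B = build_router(
    mac="00:00:5e:00:53:0b",
    interfaces={"1": "192.32.1.90/24", "2": "192.32.2.81/24"},
    routes=[("192.32.3.0/24", "192.32.2.80"), ("192.32.4.0/24", "192.32.1.91")],
    arp={
        "192.32.2.80": "00:00:5e:00:53:0a",   # next hop toward 192.32.3.0
        "192.32.1.91": "00:00:5e:00:53:0c",   # next hop toward 192.32.4.0
        "192.32.1.20": "00:00:5e:00:53:14",   # constructed local host
    },
)

if __name__ == "__main__":
    me = ROUTER_B["mac"]
    for mac, ip in [("00:00:5e:00:53:99", "192.32.3.7"), (me, "192.32.2.81"),
                    (me, "192.32.1.20"), (me, "192.32.1.77"),
                    (me, "192.32.3.7"), (me, "10.1.1.1")]:
        print(f"{ip:<14} {decide(ROUTER_B, mac, ip)}")
```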
To enable routing on the ERS use the following two basic steps:
The next graphic shows OSPF being enabled globally using the default RouterId. You insert
an interface to be configured with OSPF. The interface type broadcast is used for Ethernet. An
OSPF passive interface can be configured on the VLAN window.
Disabling routing for a physical port allows you to configure a port to not perform routing, even if
it is part of a routed VLAN. You can use this feature in many cases.
One example is to prevent IP traffic from being routed on that port for security reasons.
The graphic below shows configuration using the CLI and Java Device Manager.
RIP characteristics
RIP is a distance vector protocol that uses the Bellman-Ford algorithm to determine the best
route. RIP makes its routing decisions based solely on distance (hops). RIP does not take into
consideration such things as congestion, line speed, and cost.
A list of routes presently known by a router is broadcast out each RIP-enabled interface every
30 seconds.
RIP allows a maximum of 15 router hops between networks because of the time it takes for all
routers to converge (stabilize their routing tables).
Provides Authentication
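The distance-vector behaviour described above, and the way Router B's table was built from its neighbours' updates earlier in the lesson, as an added Python example (not part of the course material). It assumes each neighbour advertises its directly connected networks with a metric of 1, as the lesson states for Router B, and that the receiver adds one hop for the link the update arrived on; the function and constant names are chosen here for illustration.

```python
INFINITY = 16   # RIP metric meaning "unreachable"; 15 hops is the largest usable distance
HOP_COST = 1    # one hop is added for the link the update arrived on (assumption)


def apply_update(table, neighbour, advertised):
    """Merge one RIP update into the routing table (Bellman-Ford relaxation).

    table:      {network: (metric, next_hop)}; next_hop is None for direct networks
    neighbour:  IP address of the router that sent the update
    advertised: {network: metric} as carried in the update
    Returns the list of networks whose entry changed.
    """
    changed = []
    for network, metric in advertised.items():
        if not 1 <= metric <= INFINITY:
            continue                      # out-of-range metric: ignore the entry
        candidate = min(metric + HOP_COST, INFINITY)
        current = table.get(network)

        if current is None:
            if candidate < INFINITY:      # never install an unreachable route
                table[network] = (candidate, neighbour)
                changed.append(network)
            continue

        cur_metric, cur_hop = current
        if cur_hop == neighbour:
            # News from the router already used as next hop is always believed,
            # even when the distance got worse or the route was withdrawn.
            if candidate != cur_metric:
                table[network] = (candidate, neighbour)
                changed.append(network)
        elif candidate < cur_metric:
            # A different neighbour offers a strictly shorter path.
            table[network] = (candidate, neighbour)
            changed.append(network)
    return changed


def router_b_table():
    """Rebuild Router B's table from the two updates described in the lesson."""
    # Directly connected networks are shown with a metric of 0.
    table = {"192.32.1.0": (0, None), "192.32.2.0": (0, None)}
    # Update from Router A (192.32.2.80), which also echoes the shared network.
    apply_update(table, "192.32.2.80", {"192.32.3.0": 1, "192.32.2.0": 1})
    # Update from the neighbour at 192.32.1.91.
    apply_update(table, "192.32.1.91", {"192.32.4.0": 1, "192.32.1.0": 1})
    return table


if __name__ == "__main__":
    table = router_b_table()
    for network, (metric, hop) in sorted(table.items()):
        print(f"{network:<12} metric {metric:<2} via {hop or 'direct'}")
    # A route advertised at 15 hops becomes 16 here and is not installed.
    print(apply_update(table, "192.32.1.91", {"192.32.9.0": 15}))
```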
OSPF characteristics
OSPF
Open Shortest Path First (OSPF) was created for use in large IP internetworks. It was defined
by RFC 1583 and updated in RFC 2178. It is a link state protocol operating in a fast, reliable,
and efficient way for routers to exchange network topology information. OSPF is an Interior
Gateway Protocol (IGP) that is used only for IP routing. It uses an IP Protocol ID of 89 (refer to
RFC 1700). It uses the Dijkstra Shortest Path First (SPF) algorithm to compute routes.
OSPF features
• Quick convergence
• Area hierarchy for routing information control
• Variable Length Subnet Mask (VLSM)
• Configurable routing metrics
• Equal cost multipath (ECMP)
• Authentication
• IP multicast
• External routes tagged
OSPF characteristics
BGP characteristics
BGP
The Border Gateway Protocol (BGP) is an inter-domain routing protocol that provides loop-free
inter-domain routing either between autonomous systems or within an autonomous system
(AS).
Once configured, BGP systems exchange network layer reachability information (NLRI) with
other BGP systems for the purpose of constructing a graph of AS connectivity. BGP uses this
information to prune routing loops and enforce AS-level policy decisions.
BGP provides features that allow you to consolidate routing information and to control the flow
of BGP updates.
BGP characteristics
Review what you just learned by answering the questions in your student guide.
A list of routes presently known by a router is broadcast out each RIP-enabled interface:
Which type of address identifies both the network a host resides on and the host itself?
_____ IP address
Which protocol is needed for translating a host's Network Layer address to the corresponding
MAC address at the last hop?
_____ IP
_____ RIP
_____ OSPF
_____ ARP
Answer: ARP
The IP standards define several classes of IP addresses with different default mask values.
Which class is used for small networks?
_____ Class A
_____ Class B
_____ Class C
_____ Class D
Answer: Class C
Lesson summary
Introduction
Lesson introduction
The purpose of this lesson is to introduce the concept of the Routing Table Manager
(RTM) functionality within an ERS. You will also see how a routing table is built and
maintained by the RTM.
Lesson objectives
Resources
Routing Table Manager (RTM) is a software module within the ERS operating system. It
performs these significant functions:
Example
A destination network of 172.16.0.0/16 is being advertised by more than one routing protocol.
When the ERS 8600 receives the RIP advertisement for the network with a metric of 3, and also
another RIP advertisement with a metric of 5, the metric of 3 is chosen as the best RIP route.
ECMP would apply here, for multiple RIP learned routes with the same metric.
The Ethernet Routing Switch also learns the route using OSPF with a cost of 21. This is the
best OSPF route. ECMP would apply here for multiple OSPF learned routes with the same
metric.
The RTM Route Preference chooses the OSPF route over the RIP learned route because of the
lower preference. OSPF Intra has a preference of 20 compared to RIP preference of 100.
IP RTM Example
Occasionally, you may want to create a route manually using static configuration rather than
depend on a routing protocol like RIP. Some reasons for using static routes are:
• Slow links or routers - RIP advertises the entire routing table every 30 seconds by
default. In a large network this might cause slow links or slow routers to use all of
their resources servicing the RIP updates.
• Summarization of IP networks - If the network is well constructed, a range of
network addresses might be reached using a small set of links. It would make little
sense to advertise large numbers of remote networks that were all reachable by only
a few links.
• Internet access - The Internet consists of tens of thousands of networks. For most
Enterprise networks, there is no need to import all of these networks into the network.
Instead, a single default route is used for any packet whose destination network is
unknown to the router.
In each of these cases, the use of static routes and/or default routes can enhance the
performance of the network.
Static routes can be used to advertise ranges of networks reachable by WAN links. In this case
the routes represented by the static route would be a summary of the networks reachable by the
WAN link. This would have the benefit of reducing the size of the local routing table, reducing
the size of the local RIP advertisements, as well as removing the necessity of running RIP on a
slow WAN interface.
You can use a static default route to specify a route to all networks for which there are no
explicit routes in the routing table. This route is by definition a route with the prefix length of zero
(RFC 1812). The ERS 8600 can be configured with any route using the IP static routing table.
Default routes can be used to support Internet access from within the enterprise network.
The default route in effect says, "If it is not within this enterprise, it must be on the Internet
somewhere." Therefore, the Next Hop of the default route would point to the company's Internet
Service Provider (ISP) router.
After a static or default route is configured on one router, it can be advertised to the rest of the
network using RIP, just like any other route.
IG note
To create a default static route, you must configure the destination address and subnet mask
to 0.0.0.0.
Configuration notes
The following figure shows how static and default routes can be configured on the ERS 8600.
When static and default routes are configured on an Ethernet Routing Switch, the next-hop
does not need to be directly attached. The above figure shows how a default route might be
entered using a learned "next-hop." If this network becomes unreachable, the statically-defined
route (Static or Default) becomes inactive as shown by the Run-time CLI command.
• The next-hop address must be reachable using the current routing table to configure
the Static or Default route.
• Only the CLI show ip route info command displays inactive Static or Default routes.
The routing table shown using Java Device Manager (JDM) only shows active routes.
• Default and Static routes are not advertised by RIP unless a RIP Announce policy is
created.
• Default routes are not accepted or advertised by a RIP interface unless the
appropriate interface parameters are configured.
• default-listen <enable|disable>
• default-supply <enable|disable>
ECMP routes
The Equal Cost MultiPath (ECMP) feature allows the ERS 8600 to determine up to four equal
cost paths to the same destination prefix. The multiple paths can be used for load sharing
of traffic and allows faster convergence to other active paths in case of network failure. By
maximizing load sharing among equal-cost paths, you can use your links between routers more
efficiently when sending IP traffic.
Refer to the latest ERS software release notes for the specific ECMP capabilities.
ECMP routes
ECMP Benefits
Alternate routes
Routers can learn several routes to a given destination network through several protocols. If
the alternate route feature is enabled, it stores all of these alternate routes sorted in order of
network mask/cost/route preference. The "best" or first listed in this list is the best route, which
is used by the hardware. The rest of the routes are referred to as alternate routes.
To avoid traffic interruption, alternate routes can be enabled globally to replace best routes with
the next-best route if the best route becomes unavailable. The alternate route concept is applied
between routing protocols, for example if an OSPF route becomes unavailable and an alternate
RIP route is available it will be immediately activated without waiting for an update interval to
expire.
The internal routing table manager records the route changes for protocols. It maintains
separate tables of static (user-configured) and dynamic (protocol-learned) routes and you can
configure preferences that determine the precedence given to one type of route over another.
In the event of learning a route with the same network mask and cost values from multiple
sources (protocols), route preferences are taken into consideration to select the best route
to be added to the forwarding database. Up to four other routes for each destination are held
available as an alternative route.
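The selection in the IP RTM example and the alternate-route fallback described above can be traced in a few lines. This is an added illustration, not Avaya code and not part of the original guide; the next-hop addresses are placeholders, and the model is simplified to one destination prefix and keeps only each protocol's lowest-metric routes.

```python
from dataclasses import dataclass

# Lower preference wins. 20 (OSPF intra) and 100 (RIP) are the values quoted
# in the IP RTM example.
PREFERENCE = {"ospf-intra": 20, "rip": 100}
MAX_ALTERNATES = 4  # "up to four other routes for each destination"


@dataclass(frozen=True)
class Route:
    prefix: str
    protocol: str
    metric: int
    next_hop: str


# Constructed sample: the three advertisements from the example. The next-hop
# addresses are placeholders (documentation range), not values from the guide.
SAMPLE = [
    Route("172.16.0.0/16", "rip", 3, "192.0.2.1"),
    Route("172.16.0.0/16", "rip", 5, "192.0.2.2"),
    Route("172.16.0.0/16", "ospf-intra", 21, "192.0.2.3"),
]


def best_per_protocol(routes):
    """Step 1: each protocol keeps its lowest-metric route(s).

    Several routes with the same lowest metric are kept together, which is
    where ECMP would apply.
    """
    by_protocol = {}
    for route in routes:
        by_protocol.setdefault(route.protocol, []).append(route)
    best = {}
    for protocol, candidates in by_protocol.items():
        lowest = min(r.metric for r in candidates)
        best[protocol] = [r for r in candidates if r.metric == lowest]
    return best


def rtm_select(routes):
    """Step 2: compare the per-protocol winners by route preference.

    Returns (best, alternates). Metrics of different protocols are never
    compared with each other; only the preference decides between protocols.
    """
    per_protocol = best_per_protocol(routes)
    ranked = sorted(per_protocol, key=lambda p: PREFERENCE[p])
    if not ranked:
        return [], []
    best = per_protocol[ranked[0]]
    alternates = [r for p in ranked[1:] for r in per_protocol[p]]
    return best, alternates[:MAX_ALTERNATES]


def withdraw(routes, protocol):
    """Model one protocol losing its routes to the destination."""
    return [r for r in routes if r.protocol != protocol]


if __name__ == "__main__":
    best, alternates = rtm_select(SAMPLE)
    print("best:", best)
    print("alternates:", alternates)
    print("after OSPF loss:", rtm_select(withdraw(SAMPLE, "ospf-intra"))[0])
```

The OSPF route wins even though its cost (21) is numerically higher than the RIP metric (3), because the comparison between protocols uses preference only.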
Alternate routes
The Path Type specified in the routing table indicates how the route is to be used when
forwarding traffic.
Route preference
The route preference specifies the order of preference in which a route source is to be used to
populate the routing table. You can adjust the default values to obtain a specific network design
behavior.
On an ERS 8600, default preferences are assigned to all standard routing protocols. You can
modify the default preference for a protocol to lend it higher or lower priority compared to other
protocols. When you change the preference for a route, if all best routes remain best routes,
only the local route tables are changed. However, if changing the protocol preference causes
best routes to no longer be best routes, neighboring route tables may be affected.
In addition, you can modify the preference value for dynamic routes through route filtering/IP
policies, and this value will override the global preference for the protocol. This alternative
mechanism allows you to change the behavior of specific routes to have a different preference
rather than acquiring the global protocol preference. For a static route, you can specify an
individual route preference that overrides the global static route preference. The preference
value can be anything between 0 and 255, with 0 reserved for local routes and 255 representing
an unreachable route.
Be aware that changing route preferences in a live network can affect system performance
and network reachability. Therefore, Avaya recommends that you make any modifications to
route preferences while the switch is not actively routing within a live network. To change the
default preferences for routing protocols, you should first disable the routing protocols, make the
preference changes, and then re-enable the routing protocols.
When the ERS 8600 routes IP traffic, a number of filters can be applied that manage Accept,
Redistribute, and Announce policies for unicast routing table information. The filtering process
relies on the IP prefix lists in the common Routing Table Manager infrastructure. The filtering
criteria are specific to each of the routing protocols.
IP RTM Example
MatchAs Path
Match Community
NssaPbit
SetMetric TypeInternal
SetMetric Type
SetNextHop
SetMask Yes
Match Protocol
MatchAs Path
Match Community
NssaPbit
SetMetric TypeInternal
SetNextHop Yes
Match Protocol
Match Tag
NssaPbit
SetRoute Preference
SetMetric TypeInternal
SetMetric Type
SetInject NetList
SetMask
SetTag
SetWeight Yes
Review what you just learned by answering the questions in your student guide.
Which feature provides faster convergence when the best route to a network becomes unreachable,
allowing quick recovery using another protocol?
Which Routing Table component indicates how the route is to be used when forwarding
traffic?
_____ Metric
_____ Protocol
For the ERS 8600, the feature that specifies the priority of which route sources will be used to
populate the routing table is the:
Lesson summary
Introduction
Lesson introduction
The purpose of this lesson is to examine the process of routing datagrams at the open
system interconnection (OSI) network layer, with a specific focus on Internet Protocol (IP)
routing and the Routing Information Protocol (RIP). Both the technology standards and the
Avaya Ethernet Routing Switch (ERS) implementation are discussed.
Lesson objectives
Follow this lesson with Lab Activity - IP Route policies and ECMP which
will take about 1 hour and 30 minutes to complete.
Routing Information Protocol (RIP) is a standard, dynamic routing protocol based on the
Bellman-Ford (or distance vector) algorithm. It is used as an Interior Gateway Protocol (IGP).
RIP allows routers to exchange information to compute routes through an IPv4-based network.
RIP is defined in RFC 1058 for RIP version 1 and RFC 2453 for RIP version 2. The most
significant difference between the two versions is that RIP version 2 supports subnet masks and
next hop information in the RIP packet.
RIP characteristics
In routed environments, routers communicate with one another to track available routes.
Routers can dynamically learn about available routes using RIP.
RIP uses broadcast User Datagram Protocol (UDP) data packets to exchange routing
information. Each router advertises routing information by sending a routing information update
every 30 seconds (one interval). If a router does not receive an update from another router
within 90 seconds (three intervals), it marks the routes served by the non-updating router as
unusable. If no update is received within 180 seconds (six intervals), the router removes all
routing table entries for the non-updating router.
RIP is known as a distance vector protocol. The vector is the network number and next hop,
and the distance is the cost associated with the network number. The hop count, or distance, is
used as a metric to determine the best path to a remote network or host. RIP does not take into
consideration such things as congestion, line speed, and cost.
RIP updates
A list of routes presently known by a router is broadcast to each interface every 30 seconds.
RIP Diameter
RIP allows a maximum of 15 router hops between networks because of the time it takes for all
routers to converge (stabilize their routing tables).
Bellman-Ford algorithm
Building the routing table
Distance vector protocols such as RIP maintain a routing table of reachable destination
networks. Each table entry contains the network address, metric (distance), interface (vector),
and other information such as the protocol that created the entry and the elapsed time since it
was last refreshed.
RIP uses the Bellman-Ford Algorithm. The Bellman-Ford Algorithm specifies the actions taken
when processing a received route. It checks whether the destination is already known.
• If not, it creates a new routing table entry, marks it with the interface on which the
route was received, and initializes the aging timer to zero.
• If the route is already known, it sees if the advertiser matches the existing next hop
router. If so, it resets the aging timer to zero to refresh the route. If advertised from a
different router and the metric is less than the existing route, it replaces this existing
route; otherwise it ignores the update. This prevents “thrashing” when two or more
routers advertise an equal cost route to a given destination.
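The update rules above, together with the 90-second and 180-second timers from the RIP characteristics section, as an added Python sketch (not ERS code and not part of the original guide). The class, interface names and sample metrics are hypothetical, and the one-hop increment on receipt follows RFC 2453 rather than anything stated on this page.

```python
from dataclasses import dataclass

INFINITY = 16          # a metric of 16 means "unreachable"
UNUSABLE_AFTER = 90    # seconds without an update (three intervals)
REMOVE_AFTER = 180     # seconds without an update (six intervals)


@dataclass
class Entry:
    metric: int
    next_hop: str      # the advertising router
    interface: str     # interface the route was received on
    age: int = 0       # seconds since the last refresh
    usable: bool = True


class RipTable:
    def __init__(self):
        self.routes = {}

    def receive(self, network, advertised_metric, advertiser, interface):
        """Process one received route and return the action taken."""
        # Assumption (RFC 2453): add one hop for the link the update crossed.
        metric = min(advertised_metric + 1, INFINITY)
        current = self.routes.get(network)
        if current is None:
            if metric >= INFINITY:
                return "ignored"          # never install an unreachable route
            self.routes[network] = Entry(metric, advertiser, interface)
            return "created"
        if current.next_hop == advertiser:
            # Same next hop: refresh the timer and take its current metric.
            current.metric = metric
            current.age = 0
            current.usable = metric < INFINITY
            return "refreshed"
        # Different router: accept only a strictly better metric, so that an
        # equal-cost advertisement does not cause thrashing.
        in_use = current.metric if current.usable else INFINITY
        if metric < in_use:
            self.routes[network] = Entry(metric, advertiser, interface)
            return "replaced"
        return "ignored"

    def tick(self, seconds):
        """Age every entry; return the networks removed from the table."""
        removed = []
        for network, entry in list(self.routes.items()):
            entry.age += seconds
            if entry.age >= REMOVE_AFTER:
                del self.routes[network]
                removed.append(network)
            elif entry.age >= UNUSABLE_AFTER:
                entry.usable = False
        return removed


def net_e_scenario():
    """Two routers advertise Net E at equal cost; the first one learned wins
    until it stops sending updates (constructed scenario)."""
    table = RipTable()
    actions = [
        table.receive("Net E", 1, "Rtr 2", "if1"),   # first advertisement
        table.receive("Net E", 1, "Rtr 4", "if2"),   # equal cost, other router
    ]
    table.tick(30)
    actions.append(table.receive("Net E", 1, "Rtr 2", "if1"))
    table.tick(UNUSABLE_AFTER)                       # Rtr 2 goes silent
    actions.append(table.receive("Net E", 1, "Rtr 4", "if2"))
    return actions, table


if __name__ == "__main__":
    actions, table = net_e_scenario()
    print(actions, table.routes)
```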
Bellman-Ford Algorithm
Ethernet Routing Switch (ERS) 8600 software implements standard RIP to exchange
Transmission Control Protocol (TCP)/IP route information with other routers. The ERS 8600
Routing Table Manager (RTM) enhances the functionality of the Bellman-Ford algorithm by
adding Equal Cost MultiPath (ECMP) and Alternate Route support.
Versions of RIP
• RIP version 1 (v1) uses network classes as a basis for mask determination. A RIP
v1 router uses the mask associated with an interface and applies this mask to all
received routes to determine the network portion.
• RIP version 2 (v2), on the other hand, does not need to infer this information, since
the mask is included in every route advertisement.
Question
Why is Rtr 2 the next hop for Net E and not Rtr 4?
Net E was first learned from Rtr 2. Net E will not be accessed by Rtr 4
unless access to Rtr 2 fails.
RIPv1 advertisements do not contain the mask of the route advertised. Instead, the following
rule is applied:
else:
• Advertise only the natural “Class” network. (Do not advertise subnets into other
networks.)
RIPv1 advertisements do not include the mask associated with the advertised route. To
overcome this limitation, RIPv1 interfaces assign a network mask based on the following:
else:
• Apply the natural “Class” mask of the received route if the host portion is zero.
• Assign a 32-bit mask if the host portion is non-zero.
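The classful rules can be checked against the review question later in this lesson (192.168.11.16/28 advertised from 192.168.10.1/28). This is an added example, not part of the original guide; the "if" branches, which are missing from the text above, are assumed to be the standard RIPv1 behavior: a subnet is advertised unchanged inside its own class network, and a received route in the receiving interface's class network takes the interface mask.

```python
import ipaddress


def natural_prefixlen(address):
    """Prefix length of the natural "Class" mask for an IPv4 address."""
    first_octet = int(ipaddress.ip_address(address)) >> 24
    if first_octet < 128:
        return 8      # Class A
    if first_octet < 192:
        return 16     # Class B
    if first_octet < 224:
        return 24     # Class C
    raise ValueError("Class D and E addresses have no natural network mask")


def natural_network(address):
    """The class network that contains the address."""
    return ipaddress.ip_network(
        f"{address}/{natural_prefixlen(address)}", strict=False)


def advertise_v1(interface, route):
    """Address that a RIPv1 interface puts on the wire for a route.

    interface: advertising interface, for example "192.168.10.1/28"
    route:     route from the routing table, for example "192.168.11.16/28"
    """
    iface = ipaddress.ip_interface(interface)
    net = ipaddress.ip_network(route)
    # Assumed "if" branch: inside the same class network, send the subnet.
    if natural_network(net.network_address) == natural_network(iface.ip):
        return str(net.network_address)
    # Else branch from the text: advertise only the natural class network.
    return str(natural_network(net.network_address).network_address)


def receive_v1(interface, advertised):
    """Network that a RIPv1 interface installs for a received address."""
    iface = ipaddress.ip_interface(interface)
    address = ipaddress.ip_address(advertised)
    # Assumed "if" branch: same class network as the receiving interface,
    # so the interface's own mask is applied.
    if natural_network(address) == natural_network(iface.ip):
        return ipaddress.ip_network(
            f"{address}/{iface.network.prefixlen}", strict=False)
    natural = natural_network(address)
    if address == natural.network_address:
        return natural                                  # host portion is zero
    return ipaddress.ip_network(f"{address}/32")        # host portion non-zero


def round_trip(sender_interface, receiver_interface, route):
    """What the receiver ends up with after one RIPv1 advertisement."""
    return receive_v1(receiver_interface,
                      advertise_v1(sender_interface, route))


if __name__ == "__main__":
    # Review question from this lesson.
    print(advertise_v1("192.168.10.1/28", "192.168.11.16/28"))
    # Constructed case: a /24 subnet of 172.16.0.0 crossing a 192.168.10.0/24
    # link arrives as the whole Class B network.
    print(round_trip("192.168.10.1/24", "192.168.10.2/24", "172.16.1.0/24"))
```

The round trip shows why the receiving router's table is inaccurate under RIPv1: the mask is lost on the wire and has to be guessed on receipt.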
A RIP network
RIPv1 example
The following example illustrates a RIPv1 network. In this case, two Ethernet Routing Switches
are connected by a single connection on the 192.168.10.0/24 network.
RIPv1 example
In a RIPv2 network, Router 2’s routing table will be accurate and include
the actual network addresses that are in the network along with the
correct mask.
• Command - Specifies either (1) a request for routing information or (2) a response
that contains network-distance pairs from the sender's routing table
• Version - Contains current protocol version number. The receiver uses this number
to verify that messages are interpreted correctly.
• Family of Net 1 - Identifies the protocol family under which the network address is to
be interpreted. IP addresses are assigned a value of 2.
• Route Tag (v2) - An attribute assigned to a route that must be preserved and
re-advertised with a route. The intended use of the Route Tag is to provide a method
of separating "internal" RIP routes (routes for networks within the RIP routing
domain) from “external” RIP routes, which may have been imported from an external
gateway protocol (EGP) or another internal gateway protocol (IGP).
• Subnet Mask (v2) - The subnet mask that is applied to the IP address to yield the
non-host portion of the address. If this field is zero, then no subnet mask has been
included for this entry.
• Next Hop (v2) - The immediate next hop IP address to which packets to the
destination specified by this route entry should be forwarded. Specifying a value of
0.0.0.0 in this field indicates that routing should be through the originator of the RIP
advertisement.
• IP Address of Net 1 - IP address of the first network in the sender's routing table
• Distance to Net 1 - The number of gateway hops to the network. Values are limited
to the range of 1 through 15; 16 is used to signify infinity.
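The field list above maps onto a fixed 4-byte header followed by 20-byte route entries (RFC 2453). The following parser is an added example, not code from the guide or from the ERS software; the sample message is constructed, and the checks flag entries whose fields fall outside what the list above allows.

```python
import ipaddress
import struct

HEADER = struct.Struct("!BBH")        # command, version, must-be-zero
ENTRY = struct.Struct("!HH4s4s4sI")   # family, tag, address, mask, next hop, metric
COMMANDS = {1: "request", 2: "response"}
AF_IP = 2                             # address family value for IP
INFINITY = 16


def make_message(command, version, entries):
    """Build a RIP message from (tag, address, mask, next_hop, metric) tuples."""
    body = b"".join(
        ENTRY.pack(AF_IP, tag,
                   ipaddress.ip_address(address).packed,
                   ipaddress.ip_address(mask).packed,
                   ipaddress.ip_address(next_hop).packed,
                   metric)
        for tag, address, mask, next_hop, metric in entries)
    return HEADER.pack(command, version, 0) + body


def parse_rip(data):
    """Decode a RIP message and attach validation findings to each entry."""
    if len(data) < HEADER.size:
        raise ValueError("shorter than the RIP header")
    command, version, _zero = HEADER.unpack_from(data)
    if command not in COMMANDS:
        raise ValueError(f"unknown command {command}")
    if version not in (1, 2):
        raise ValueError(f"unsupported version {version}")
    body = data[HEADER.size:]
    if len(body) % ENTRY.size:
        raise ValueError("truncated route entry")

    entries = []
    for offset in range(0, len(body), ENTRY.size):
        family, tag, address, mask, next_hop, metric = ENTRY.unpack_from(body, offset)
        mask_int = int.from_bytes(mask, "big")
        findings = []
        if family != AF_IP:
            findings.append("address family is not IP (2)")
        if not 1 <= metric <= INFINITY:
            findings.append("metric outside 1..16")
        if version == 1 and (tag or mask_int or next_hop != bytes(4)):
            findings.append("v2-only fields set in a v1 entry")
        # A valid mask is a run of ones followed by a run of zeros.
        inverted = ~mask_int & 0xFFFFFFFF
        contiguous = (inverted & (inverted + 1)) == 0
        if not contiguous:
            findings.append("non-contiguous subnet mask")

        network = str(ipaddress.ip_address(address))
        if mask_int and contiguous:          # mask of zero: none was included
            network += f"/{bin(mask_int).count('1')}"
        entries.append({
            "network": network,
            "route_tag": tag,
            # 0.0.0.0 means "route through the originator of this update".
            "next_hop": ("originator" if next_hop == bytes(4)
                         else str(ipaddress.ip_address(next_hop))),
            "metric": metric,
            "unreachable": metric == INFINITY,
            "findings": findings,
        })
    return {"command": COMMANDS[command], "version": version, "entries": entries}


# Constructed RIPv2 response: one normal route, one advertised with a cost of
# infinity, and one deliberately malformed entry.
SAMPLE = make_message(2, 2, [
    (0, "192.32.4.0", "255.255.255.0", "0.0.0.0", 2),
    (0, "172.16.192.0", "255.255.192.0", "0.0.0.0", 16),
    (0, "10.0.0.0", "255.0.255.0", "0.0.0.0", 17),
])

if __name__ == "__main__":
    for entry in parse_rip(SAMPLE)["entries"]:
        print(entry)
```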
Note
An inherent problem in the way RIP operates, routing loops, is detailed in the following
illustrations and explanation.
1. Referring to the diagram below, assume Router A has a direct connection to Network
1. Router A has also sent RIP updates out all its interfaces, so Router B and Router
C have also learned reachability information for Network 1 through the appropriate
interface.
Poison reverse
Poison reverse is a technique for speeding the convergence of the network routing tables by
reducing the possibility of routing loops between adjacent nodes.
Operation of poison reverse
When an interface is configured with poison reverse, RIP advertises networks that it has learned
through that interface back out that same interface with a cost of infinity. In other words, it tells
its neighbors “do not forward packets for this destination to me, because I will just forward them
back to you.”
This process reduces the possibility of routing loops between adjacent nodes.
Example: Router B’s RIP update to Router C with poison reverse enabled
Poison reverse works as follows: (advertisements between Router B and Router C)
• Router B received a RIP update from Router C via interface 1.
• Router B now knows that network 192.32.4.0 is two hops away.
• Router B advertises network 192.32.4.0 out the same interface it was learned on;
however, with a cost of 16.
• This informs Router C that under no circumstance should it forward packets destined
for 192.32.4.0 toward Router B, since those packets would simply be forwarded back
on the same interface, resulting in a routing loop.
Split horizon
When an interface is configured with split horizon, RIP does not advertise networks that it has
learned through that interface back out that same interface.
Therefore, split horizon reduces the number of RIP packets sent with each update, conserving
bandwidth.
Whether to use poison reverse or split horizon is up to the network administrator. Poison
reverse is safer, because it explicitly tells neighbors not to forward certain packets. Split horizon
simply trusts the neighbors not to forward if the route is not advertised.
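The routing-loop problem and the two remedies can be compared with a small simulation. This is an added example, not from the original guide: it assumes a line topology (Network 1, Router A, Router B, Router C) because the diagram is not reproduced here, synchronous update rounds, and no aging timers.

```python
INFINITY = 16

# Assumed topology: Network 1 -- A -- B -- C
NEIGHBORS = {"A": ["B"], "B": ["A", "C"], "C": ["B"]}


def initial_tables():
    """Each router's (metric, next_hop) for Network 1 at the moment
    Router A loses its direct connection to Network 1."""
    return {"A": (INFINITY, None), "B": (2, "A"), "C": (3, "B")}


def advertised_metric(entry, neighbor, mode):
    """Metric a router puts in its update to one neighbor.

    Returns None when the route is left out of the update.
    """
    metric, next_hop = entry
    if next_hop == neighbor:             # route was learned from this neighbor
        if mode == "split-horizon":
            return None                  # say nothing
        if mode == "poison-reverse":
            return INFINITY              # say "unreachable through me"
    return metric


def run_round(tables, mode):
    """One update interval: every router advertises what it knew at the
    start of the interval, and receivers apply the Bellman-Ford rule."""
    snapshot = dict(tables)
    for sender in sorted(snapshot):
        for receiver in NEIGHBORS[sender]:
            advertised = advertised_metric(snapshot[sender], receiver, mode)
            if advertised is None:
                continue
            metric = min(advertised + 1, INFINITY)
            current_metric, current_hop = tables[receiver]
            # Always believe the current next hop; otherwise accept only a
            # strictly better metric.
            if current_hop == sender or metric < current_metric:
                tables[receiver] = (metric, sender)
    return tables


def rounds_to_converge(mode, limit=50):
    """Update intervals until every router knows Network 1 is unreachable."""
    tables = initial_tables()
    for count in range(1, limit + 1):
        run_round(tables, mode)
        if all(metric == INFINITY for metric, _ in tables.values()):
            return count
    return None


if __name__ == "__main__":
    for mode in ("none", "split-horizon", "poison-reverse"):
        print(mode, rounds_to_converge(mode))
```

Without either feature, Router B's stale route is accepted by Router A and the metric climbs two hops at a time until it reaches 16; with either feature the stale route is never offered back and the failure propagates in two intervals.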
Note
The ERS supports the following four RIP Send modes, configurable on all router interfaces:
There are three modes for receiving RIP updates on an interface, listed below:
Both the rip1OrRip2 and the rip2 modes accept multicast RIPv2 update datagrams sent to
224.0.0.9 (All RIPv2 routers).
Configuring RIP
To advertise a router interface with RIP, you must configure the following:
1. Configure the global RIP parameters as required. This must include enabling the RIP
protocol.
2. Configure the interfaces to support RIP. If a router interface has RIP enabled, that
directly attached network will be advertised.
Local interfaces that do not run RIP are not advertised unless a RIP Announce policy is
configured.
Note
Global commands
The following are some of the CLI commands from the config/ip/rip context:
• enable
• holddown <seconds>
• info
• updatetime <seconds>
• receive <ipaddr> mode <rip1|rip2|rip1orrip2>
• send <ipaddr> mode <notsend|rip1|rip1comp|rip2>
The following are some of the commands that are available from both the
config/vlan/<vid>/ip/rip and the config/ethernet/<port>/ip/rip context:
• advertise-when-down <enable|disable>
• enable
• info
• poison <enable|disable>
• supply <enable|disable>
• trigger <enable|disable>
Configuring RIP
This parameter is best implemented when the announcing interface can be used to reach all
subnetworks that are represented by the “Class” mask. If this is not true, there may be areas of
the network that cannot be accessed, or other routing problems.
This parameter allows the router interface to be configured to supply a default route,
0.0.0.0/0, if one exists. The interface can also be configured to accept offered default routes
as necessary. The following table shows the relationships between RIP Supply and RIP
AdvertiseDefaultRoute.
The relationships between RIP Listen and RIP AcceptDefaultRoute are similar.
Point out that when you use auto-aggregation, the network must be constructed in such a way
that the summary routes created by this value actually exist.
For example, this will not work if there is a single Class A or Class B that has been subnetted
and all routes in the network are from this single class network. In this case, if
auto-aggregation is enabled strange things might happen in the network.
The following network represents a customer who has three groups of buildings on one campus.
Each of the Ethernet Routing Switches shown collects all of the routes from each group's
buildings into the backbone network.
Each building has a large number of networks from Class B Network 172.16.0.0, as shown in
the graphic. Each building has a number of Ethernet Routing Switches providing each floor
or workgroup with its own IP subnet from the Class B networks allocated to each group of
buildings. There are a total of 175 Class B subnets used.
The customer is concerned about the size of the RIP updates and decides to use the RIP
aggregation feature between the core routers to limit the size of the RIP updates and, therefore,
reduce the size of the routing tables in all of the routers.
Questions:
IG Note
No. When RIP Aggregation is turned on between the core routers, all the subnets of 172.16.0.0
are summarized to the natural Class B mask.
RIP Accept policies are applied whenever the router receives a RIP update. The policy is used
to selectively accept routes from the RIP update. If no policies are configured or no matching
policy exists for a given route, the default behavior is applied; that is, the route is included in the
routing table.
The following graphic illustrates one use of RIP Accept policies. The network uses RIPv2. All
routers in the network advertise their actual networks into the core. The administrator of Rtr A
wants to create a single route that points to Rtr C for all networks configured there. To do this,
an Accept policy is created that takes any network in the range 172.16.192.0 to 172.16.255.255
and creates a single entry into the routing table for Rtr A.
This will have the same effect as the Announce policy on the next page. The difference is that
in this case, each router must know exactly the configuration of the rest of the network to
create the correct Accept policy.
Announce policies enable a user to selectively announce routes out selected interfaces, hence
affecting the routes learned by other routers in the network. RIP Announce policies are applied
while sending a RIP update. The policy information is used to announce the route to other
routers in the RIP routing domain. The policy can select the source of the route from among
static, direct, RIP, or OSPF sources.
If no policies are configured or no matching policy exists for a given route, the default behavior
is applied; that is, RIP-learned routes are announced and all non-RIP routes are ignored.
Viewed in this context, the RIP Auto-Aggregation feature is a built-in Announce policy to
advertise routes out the selected interfaces using the Class mask, unless the network is
configured on that interface.
In the RIP Automatic Aggregation illustration, the network would not function because each of
the groups of Class B subnetworks was announced as the full Class B network with the Class B
mask. This caused routing problems between the subnetworks.
If an Announce policy were created to advertise all of the subnetted Class B networks with
a mask of 18 bits (255.255.192.0), the effect would be to advertise summary routes for each
subnetwork.
IG Note
This will work with the correct Announce Policy to summarize the local Class B networks to a
single advertisement with 18 bits.
Accept policy
Questions:
• What should the summary route be?
The next graphic illustrates the answer to this question.
• Will networks from Rtr B match this summary route?
• Why?
The following example describes how to configure RIP policies using an ERS 8600 with “E
modules”. You can form a unified database of route policies that can be used by the protocols
(RIP or OSPF) for any type of filtering task.
Policy ID
A policy is identified by a name or an ID. Under a given policy you can have several sequence
numbers, each of which is equal to one policy in the old convention. If a field in a policy is not
configured, it appears as 0 or any when it is displayed in the Java Device Manager (JDM).
This implies that the field is to be ignored in the match criteria. The clear option can be used to
remove existing configurations for any field.
Each policy sequence number contains a set of fields. Only a subset of those fields is used
when the policy is applied in a certain context. For example, if a policy has a set-preference field
set, it is used only when the policy is applied for accept purposes. This field is ignored when the
policy is applied for announce/redistribute purposes.
You can apply one policy for one purpose, for example, RIP Announce, on a given RIP
interface. In that case, all sequence numbers under the given policy are applicable for that
filter. A sequence number also acts as an implicit preference; a lower sequence number is
preferred.
Creating a RIP policy involves the steps listed below and described in detail in the next few
pages.
• Permit or Deny
• Select Protocol Type
• Select Route Type
• Select the In/Out Policy
You can create one or more IP prefix lists and apply that list to any IP route policy. The prefix
list combines two databases, the address-list and the net-list, which were previously used by
all protocols for different types of policies. A prefix list with a 32-bit mask is equivalent to an
address. A prefix list with a mask less than 32 bits can be used as a network. If you configure
the MaskLengthFrom field to be less than the MaskLengthTo field, it can also be used as a range.
You can configure inbound filtering on a RIP interface. This configured policy determines
whether to learn a route on a specified interface. It also specifies the parameters of the route
when it is added to the routing table. Conversely, you can configure outbound filtering on a RIP
interface. This configured policy determines whether to advertise a route from the routing table
on a specified interface. This policy also specifies the parameters of the advertisement.
Review what you just learned by answering the questions in your student guide.
Select the RIPv1 advertisement that would result from using the following information:
• Advertising interface: 192.168.10.1/28
• Route to be advertised: 192.168.11.16/28
_____ 192.168.11.0
_____ 192.168.11.16
_____ 192.168.0.0
_____ 192.168.10.0
Answer: 192.168.11.0
Due to the time it takes for all routers to converge, what is the maximum number of router
hops allowed in an IP network using RIP?
_____ 7
_____ 15
_____ 16
_____ 31
Answer: 15
When an IP RIP interface configured with split horizon learns about a remote network, it:
_____ Advertises that network out that same interface with a cost equal to the sum of
the hop metric received and the interface's cost parameter
_____ Advertises that network out that same interface with a cost of 16
_____ Advertises that network out that same interface with a cost of 31
_____ Does not advertise that network out that same interface
Answer: Does not advertise that network out that same interface
_____ Accepts the advertised route and use the mask of the receiving interface
_____ Accepts the advertised route and use the natural “Class” mask
_____ Metrics
_____ Interfaces
Select the set of values for RIP Supply and RIP AdvertiseDefaultRoute that will
advertise all known routes except the default route.
Answer: b
Which parameter matches the next hop IP address of the route against the contents of the
specified prefix list, for non-local routes?
_____ MatchNextHop
_____ MatchInterface
_____ MatchProtocol
_____ MatchNetwork
Answer: MatchNextHop
Lesson summary
Follow this lesson with Lab Activity - IP Route policies and ECMP which
will take about 1 hour and 30 minutes to complete.
Introduction
Lesson introduction
The purpose of this lesson is to explain how to configure the basic components of an
Open Shortest Path First (OSPF) network on the Avaya Ethernet Routing Switch (ERS)
and identify the types of networks supported by OSPF.
Lesson objectives
• Describe the features and advantages of Open Shortest Path First (OSPF)
• Explain the types of OSPF Link State Advertisements (LSAs)
• Describe the purpose of the four types of OSPF routers
• List the types of networks supported by OSPF
• Describe OSPF neighbor routers and explain the process of forming an adjacency
• Describe how to configure an OSPF router interface
• Describe Message Digest Version (MD5) authentication for OSPF adjacencies
Lesson duration
IG Note
Lab activity – OSPF Networks should follow this lesson. Allow 2 hours to complete this lab.
Distance vector routing protocols, such as Routing Information Protocol (RIP), determine the
best path to remote networks by counting the number of hops. The smallest number of hops is
designated as the best route. While this type of metric works when all network links have the
same throughput, distance vector protocols have difficulty determining the “best” route if the
links in the network vary in capacity. As you have seen in prior units, protocols like RIP perform
a distributed computation. Each router learns the cost to all networks from its neighbors. The
router then chooses the best available route from this list, adds its own cost to this list, and
sends this information to all of its neighbors.
As an example, a 9600-baud RIP interface has the same metric as a Gigabit interface. RIP has
no way to distinguish between the two, unless the network administrator assigns an artificially
high hop count to the slow interface, a practice that not all vendors support.
Distance vector protocols typically broadcast the entire routing table on a frequent basis.
These network updates consume a large percentage of the bandwidth on small network links,
thus reducing the bandwidth available for user data.
Link state routing protocols overcome these limitations. This class of routing protocols uses
a replicated, distributed database to calculate routes to all networks. Each router advertises
the cost to each of its neighbors. This cost is then flooded to all routers in the network. These
advertisements make up the database each router maintains. To calculate the routing table,
each router independently determines the best cost to all networks using this database. Link
state protocols, like OSPF, advertise only the costs of the links associated with a router. The
metric can reflect the speed of the interface. Then using these advertised costs, each router can
calculate the best route through the network.
To use the previous example, a 9600-baud interface may have a metric of 10,000 and a Gigabit
interface metric of 1. These metrics reflect the differences in the speed of the interfaces.
How do you decide on a routing protocol for an Internet Protocol (IP) network? The choice for a
standards-based protocol is between RIP and OSPF. Each of these protocols has a place in the
world of IP routing. Choose the one that best fits into your network.
RIP
In general, RIP is an easy to use routing protocol in small-to-modest sized networks that have
stable links. It requires minimal protocol expertise or up-front design effort to function well.
However, since RIP broadcasts entire routing tables, its overhead may be unacceptable in
larger enterprises. Also, it does not adapt to failed network links quickly enough for some
mission-critical environments.
The next chart summarizes the advantages and disadvantages of using RIPv2.
OSPF
Open Shortest Path First (OSPF) is an Interior Gateway Protocol (IGP) that distributes routing
information between routers belonging to a single autonomous system (AS). OSPF is a
link-state protocol that supports IP subnets, Type of Service (TOS)-based routing, and tagging
of externally-derived routing information.
In general, OSPF is better suited to larger enterprise networks. The ability to restrict the effect
of topology changes to a single area, its use of metrics reflecting the true speed of a link, and
its greater control over summarization and route importing make OSPF a clear winner in large
networks.
OSPF does require more planning, higher performance central processing units (CPUs) in
the routers, and experienced network management teams to monitor its performance. These
requirements may lead to higher implementation costs.
The OSPF protocol is based on link-state information and Shortest Path First (SPF) route
computation. This is a departure from the Bellman-Ford basis used by traditional Transmission
Control Protocol/Internet Protocol (TCP/IP) routing protocols such as RIP.
The OSPF protocol was developed by the OSPF working group of the Internet Engineering
Task Force. It was designed expressly for the TCP/IP Internet environment, including explicit
support for Classless Inter-Domain Routing (CIDR) and the tagging of externally derived routing
information.
OSPF also provides for the authentication of routing updates, and utilizes IP multicast when
sending/receiving the updates. OSPF responds quickly to topology changes, yet involves small
amounts of routing protocol traffic.
OSPF Features
Routers using link state protocols, such as OSPF, do not exchange routing information. They
exchange link state information, which is maintained by each router in a database describing
the domain's topology. This database is called the Link State Database (LSDB), and has the
following features.
In the figure below, the LSDB of all routers contains information about the complete network.
This information is pieced together from advertisements received from each of the other
participating routers within the OSPF domain.
Note that two of the vertices (N8 and N9) are networks representing a broadcast network with
one router.
The LSDB is the heart of OSPF. The LSDB is the same on all routers within a single area.
On the ERS you can view the LSDB from the Java Device Manager (JDM) by opening the Edit
OSPF window and clicking the LSDB tab.
The Run-time CLI can be used to gather additional detail about the LSDB.
show ip ospf lsdb [area <value>] [lsatype <value>] [lsid <value>] [adv_rtr <value>] [detail]
The following figures show examples of the JDM and CLI with additional details.
Additional information, such as Neighbors and OSPF Interfaces can also be retrieved.
OSPF areas
In a large enterprise with many routers and networks, the LSDB and routing tables become
large. This is not advantageous because:
• Large routing tables consume memory and result in more central processing unit
(CPU) cycles being needed to make a forwarding decision.
• Large LSDBs consume memory.
• The processing of Link State Advertisements (LSAs) is CPU-intensive.
Dividing the network into OSPF areas can reduce these unwanted effects.
Characteristics of areas
Advantages of areas
Why areas?
• Internal
• Area Border
• Backbone
• Autonomous System Boundary
Internal Routers
An internal router is a router with all directly connected networks belonging to the same area.
Routers with only backbone interfaces also belong to this category. These routers run a single
copy of the basic routing algorithm and maintain one SPF for that area.
An Area Border Router, or ABR, is a router with interfaces in multiple areas. ABRs maintain
multiple LSDBs, one copy for each attached area, including the backbone.
A backbone router is a router with an interface to the backbone. This router can also be an ABR
or an internal router. ABRs are, by definition, also backbone routers.
OSPF views non-OSPF networks as outside the OSPF AS and, therefore, external to it. An
OSPF router connected to such networks - Routing Information Protocol (RIP) or Border
Gateway Protocol (BGP) - is an AS Boundary Router (ASBR). This router has AS external
routes that are advertised throughout the OSPF domain. Every router in the OSPF domain
knows the path to each ASBR router.
To configure the Global OSPF parameters for the ERS 8600, open the Edit OSPF window by
selecting Routing > OSPF from the menu bar.
• RouterID - A 32-bit integer uniquely identifying the router in the autonomous system.
By convention, to ensure uniqueness, this should default to the value of one of the
router's IP interface addresses.
• AdminStat - The administrative status of OSPF in the router. The value "enabled"
denotes that the OSPF process is active on at least one interface; "disabled" disables
it on all interfaces.
• VersionNumber - The current version of the OSPF protocol is 2.
• AreaBdrRtrStatus - A flag to note whether this router is an area border router
• ASBdrRtrStatus - A flag to note whether this router is an AS border router
• ExternLSACount - The number of external (LS type 5) link-state advertisements in
the link-state database
• ExternLSACksumSum - The 32-bit unsigned sum of the LS checksums of the
external LSAs contained in the link-state database
• OriginateNewLSAs - The number of new LSAs that have been originated. This
number is incremented each time the router originates a new LSA.
• RxNewLSAs - The number of LSAs received determined to be new instantiations.
This number does not include newer instantiations of self-originated LSAs.
• Port Metrics - Default costs for 10 Mb/s, 100 Mb/s, and 1000 Mb/s ports.
• TrapEnable - Indicates whether or not traps relating to OSPF are sent to the
management station.
• AutoVirtLinkEnable - Enables or disables automatic creation of virtual links
• SpfHoldDownTime - Allows you to change the OSPF Hold Down timer value (3
to 60 seconds). Default is 10 seconds. Specifies the amount of time to wait before
activating a route to a network that has been determined as down or unreachable.
This ensures that the route has become available for a period of time before
considering it valid, making for a level of network stability.
• LastSpfRun - Indicates the time (SysUpTime) since the last SPF calculation by
OSPF
• SPF Run - Allows you to initiate a new SPF run to update the routing table. This
feature can be used when you need to immediately restore a deleted OSPF-learned
route. It can also be used as a debug mechanism when the routing table's entries
and the link-state database are out of sync.
OSPF routers form adjacencies differently based on types of networks. However, a protocol
cannot determine the type of network to which it is connected. You must declare the type
of network upon initial configuration. Failure to do so can result in incorrect operation of an
interface.
Point-to-Point network
This network connects a single pair of routers. This is a link with only one router at each end.
Links, High-Speed Serial Interface (HSSI), T1, and sync, running standard Point-to-Point
Protocol (PPP), are all examples of point-to-point networks. A point-to-point network can be
either numbered or unnumbered.
Broadcast Network
This network supports more than two attached routers. It can support sending a single message
to all routers (multicast messages). Ethernet, FDDI, and SMDS are examples of media
supporting broadcast networks.
This network supports more than two attached routers, but has no broadcast capability. OSPF
packets that are normally multicast are sent to the IP address of each neighboring router.
X.25, Frame Relay, and asynchronous transfer mode (ATM) networks are examples of NBMA
networks.
This network supports OSPF capabilities in a group mode Frame Relay environment (non-fully
meshed and fully meshed).
A passive interface allows the advertisement of internal routes without forming adjacencies. The
network behind a passive interface is treated as a stub area. The network is advertised into the
OSPF area as an internal route.
A stub area is configured at the edge of the OSPF routing domain and has only one ABR.
A stub area does not receive LSAs for routes outside its area, which reduces the size of its
link-state database. A packet destined outside the stub area is routed to the ABR, which
examines it before forwarding the packet to its destination.
Student Notes
Hint for presenting this slide: Present the typical mappings of OSPF
network type to physical network per the examples. Then point out that
other mappings can work (for example, an Ethernet with only two routers
configured as a point-to-point network) and may, in some cases, be
more efficient.
OSPF adjacencies
Why form adjacencies between routers?
OSPF creates adjacencies between neighboring routers to exchange LSDB information. The
Ethernet Routing Switch supports up to 480 adjacencies.
The Hello protocol is used to determine if two routers are to become adjacent. The Hello
protocol verifies that both routers are in the same area, have the same interface timers and
network mask, and their router capabilities match. If all of these tests are passed, the routers
may then exchange link state information.
Forming an adjacency
The general process that OSPF routers use to form an adjacency is described below. For more
detailed information about this process, refer to RFC 2328.
1. Routers A and B exchange hello packets. Based on the contents, A and B decide
whether to become fully adjacent.
2. Routers A and B compare LSDBs by exchanging database description packets.
These packets do not provide enough detail to actually update the database, only
enough detail to find out which LSAs are not yet in the local database and which
LSAs presently in the database are out of date.
3. Each router updates its database by transmitting a link state request to the other
router. The request is considered fulfilled when a link state update is received
containing the requested LSAs.
1 Each router updates its database with information it considers better than what
it already has. A sequence number contained in each LSA determines what
constitutes better information. The receipt of each LSA is acknowledged by
using the link state ACK packet.
4. When this process is complete, the adjacency is formed, the link state databases are
synchronized, and the Neighbor State is Full.
5. The two routers continue to exchange Hello messages, maintaining their adjacency.
Any LSA learned by a router is propagated to its neighbors, otherwise the link is
inactive.
Neighbor states
The conversation between neighboring routers has defined states. On the router, you see some
of these states when you view the log or trace file.
• Down - This is the initial state of a neighbor conversation. There has been no recent
information received from the neighbor. This appears only for statically configured
neighbors.
• Attempt - This state only occurs on non-broadcast networks. It indicates that no
recent information has been received from a neighbor.
• Init - A hello packet is seen from the neighbor but bi-directional communication is not
established with the neighbor.
• Two-Way - Communication between the two routers is bi-directional. This occurs
when router A receives router B's hello and sees itself listed as a neighbor.
• ExStart - This is the first step in creating an adjacency. A master or slave
relationship is negotiated, governing the subsequent message exchange.
• Exchange - The router is describing its entire LSDB by sending database description
packets to the neighbor. The router with the highest router ID becomes the master.
• Loading - Link state request packets are sent to the neighbor asking for more recent
advertisements that were learned but not received. Link state updates are sent in
response.
• Full - The neighboring routers are fully adjacent, and the LSDBs are identical.
Neighbor States
Student Notes
In this example, RtrB is the DR and becomes the Master for this process example.
Seq = references the sequence number used
I = Init bit
M = More bit
Master/Slave = Master Bit
In the next figure, if Router A is adjacent to Routers B, C, and D, their LSDBs are identical.
Therefore, there is no need to form adjacencies between Routers C and D, B and D, or B and
C.
In the Hello message, the highest router priority parameter value dictates which router becomes
the DR. In the case of equal router priorities, the router with the highest router ID (a global
OSPF parameter) becomes the DR.
When a router's interface is initialized, the router checks for a DR. If one already exists, the
router defers to it, regardless of its configured priority.
The DR maintains adjacencies to all routers on the same physical network. This router sends
link state updates to the multicast AllSPFRouters address (224.0.0.5). This eliminates the need
to send a separate update to the address of each adjacent router.
Routers that are not the DR send updates to the AllDRouters address (224.0.0.6).
A router can be prevented from becoming the DR by setting its router priority value to 0.
A Backup Designated Router (BDR) is also elected in case the DR fails. All routers, including
the DR, become adjacent with a BDR.
• On a point-to-point network, it forms an adjacency with the router at the other end of
the network.
• On a multi-access network, it forms an adjacency with the designated router (DR)
and the backup designated router (BDR).
If a new OSPF router comes into the network, it must form at least one adjacency. The
presence of a new router means that there are new networks available, and this information
must be propagated throughout the network. The LSDBs of all OSPF routers must be updated
and the SPF tree recalculated.
1. Router A initializes and starts to transmit OSPF Hello messages through the
point-to-point link.
On the Ethernet Routing Switch, an OSPF router interface may be a brouter port or it may be a
virtual router port attached to a VLAN.
A brouter port is a single-port VLAN that can route IP packets and bridge all nonroutable traffic.
The difference between a brouter port and a standard IP protocol-based VLAN configured to
perform routing is that the routing interface of the brouter port is not subject to the spanning tree
state of the port. A brouter port can be in the blocking state for nonroutable traffic and can still
route IP traffic. This feature removes interruptions caused by Spanning Tree Protocol (STP)
recalculations in routed traffic.
Fields: AdminState, Type, State, AuthType
Fields: IP Address, AuthKey, AddressLessIf, HelloInterval, AreaID, TransitDelay, AdminStat, RetransInterval, Type, PollInterval
Fields: AuthType, MtuIgnore
Type 0 - Null
Type 1 - Simple password
Type 2 - Cryptographic authentication
Type 0 - Null
Use of this authentication type means that routing exchanges over the network and subnet are
not authenticated. The 64-bit authentication field in the OSPF header can contain anything; it is
not examined upon packet reception. When employing Null authentication, the entire contents
of each OSPF packet (other than the 64-bit authentication field) are check-summed in order to
detect data corruption.
Type 1 - Simple password
Using this authentication type, a 64-bit field is configured on a network basis. All packets
sent on a particular network must have this configured value in their OSPF header 64-bit
authentication field. This essentially serves as a "clear" 64-bit password.
In addition, the entire contents of each OSPF packet (other than the 64-bit authentication field)
are check-summed in order to detect data corruption.
Simple password authentication guards against routers inadvertently joining the routing
domain; each router must first be configured with its attached networks' password before it
can participate in routing. However, simple password authentication is vulnerable to passive
attacks. Anyone with physical access to the network can learn the password and compromise
the security of the OSPF routing domain.
Type 2 - Cryptographic authentication
Using this authentication type, a shared secret key is configured in all routers attached to a
common network or subnet. For each OSPF protocol packet, the key is used to generate and
verify a message digest that is appended to the end of the OSPF packet.
The message digest is a one-way function of the OSPF protocol packet and the secret key.
Since the secret key is never sent over the network in the clear, protection is provided against
passive attacks.
The algorithms used to generate and verify the message digest are specified implicitly by the
secret key. This specification completely defines the use of OSPF cryptographic authentication
when the MD5 algorithm is used.
Cryptographic authentication
Cryptographic authentication used by OSPF uses the MD5 algorithm as specified in RFC
1321. The algorithm takes as input a message of arbitrary length, and produces as output a
128-bit "fingerprint" or "message digest" of the input. It is conjectured that it is computationally
infeasible to produce two messages having the same message digest, or to produce any
message having a given pre-specified target message digest. The MD5 algorithm is intended for
digital signature applications using a private (secret) key under a public-key cryptosystem such
as Rivest-Shamir-Adleman (RSA).
Authentication field
When cryptographic authentication is used, the 64-bit authentication field in the standard OSPF
packet header is redefined, as shown below. The new field definitions are as follows:
• Key ID
This field identifies the algorithm and secret key used to create the message digest appended to
the OSPF packet. Key IDs are unique for each interface (or equivalently, for each subnet).
This is the length in bytes of the message digest appended to the OSPF packet.
This is an unsigned 32-bit non-decreasing sequence number, used to guard against replay
attacks.
The message digest appended to the OSPF packet is not actually considered part of the OSPF
protocol packet. The message digest is not included in the OSPF header’s packet length,
although it is included in the packet’s IP header length field. The message digest is 128 bits in
length.
Note: The OSPF cryptographic authentication option does not provide confidentiality.
When using cryptographic authentication, there may be multiple keys configured for the
interface. As the network administrator, you choose which key is enabled for an interface. The
switch then uses the selected key for message generation and modifies the out-bound packet
as follows:
When using cryptographic authentication, the received OSPF packet is authenticated by the
switch as follows:
1. The switch locates the receiving interface's configured key having a Key ID equal
to that specified in the received OSPF packet. If the key is not found, or if the key is
not valid for reception, the OSPF packet is discarded.
2. If the cryptographic sequence number found in the OSPF header is less than the
cryptographic sequence number recorded in the sending neighbor's data structure,
the OSPF packet is discarded.
3. The switch verifies the appended message digest in the following steps:
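The receive-side checks listed above, as an added Python example that is not Avaya's code: the header layout and the digest input (MD5 over the OSPF packet followed by the 16-byte zero-padded key) follow RFC 2328 Appendix D, which this page's step 3 does not spell out. The function names, key value and packet body are constructed for illustration.

```python
"""Receive-side check for OSPF cryptographic (MD5) authentication."""
import hashlib
import hmac
import ipaddress
import struct

OSPF_HDR_LEN = 24   # fixed OSPF packet header size in bytes
AUTYPE_CRYPTO = 2   # Type 2 - Cryptographic authentication
MD5_LEN = 16        # the message digest is 128 bits

# version, type, packet length, router ID, area ID, checksum, AuType,
# then the redefined 64-bit field: 0, Key ID, digest length, sequence number
HDR = struct.Struct("!BBH4s4sHHHBBI")


def pad_key(secret: bytes) -> bytes:
    """RFC 2328 Appendix D: the MD5 key is 16 bytes, zero-padded if shorter."""
    if len(secret) > MD5_LEN:
        raise ValueError("MD5 key longer than 16 bytes")
    return secret.ljust(MD5_LEN, b"\x00")


def build_packet(body, router_id, area_id, key_id, secret, seq, pkt_type=1):
    """Sender side, included only to construct input for verify_packet()."""
    header = HDR.pack(2, pkt_type, OSPF_HDR_LEN + len(body),
                      ipaddress.IPv4Address(router_id).packed,
                      ipaddress.IPv4Address(area_id).packed,
                      0, AUTYPE_CRYPTO, 0, key_id, MD5_LEN, seq)
    digest = hashlib.md5(header + body + pad_key(secret)).digest()
    # The digest is appended but not counted in the header's packet length.
    return header + body + digest


def verify_packet(packet, interface_keys, neighbor_seq):
    """Return (accepted, reason).

    interface_keys: {key_id: secret} holding only keys valid for reception.
    neighbor_seq:   {router_id_bytes: last accepted sequence number}.
    """
    if len(packet) < OSPF_HDR_LEN:
        return False, "truncated header"
    (_ver, _typ, length, rid, _area, _cksum, autype,
     _zero, key_id, auth_len, seq) = HDR.unpack_from(packet)
    if autype != AUTYPE_CRYPTO:
        return False, "unexpected AuType"

    # Step 1: find the interface key whose Key ID matches the packet.
    secret = interface_keys.get(key_id)
    if secret is None:
        return False, "unknown Key ID"

    # Step 2: discard if the sequence number went backwards. An equal value
    # passes, because the field is only required to be non-decreasing.
    if seq < neighbor_seq.get(rid, 0):
        return False, "stale sequence number"

    # Step 3: recompute the digest over the packet plus key and compare.
    if (auth_len != MD5_LEN or length < OSPF_HDR_LEN
            or len(packet) < length + MD5_LEN):
        return False, "bad digest length"
    received = packet[length:length + MD5_LEN]
    expected = hashlib.md5(packet[:length] + pad_key(secret)).digest()
    if not hmac.compare_digest(received, expected):
        return False, "digest mismatch"

    neighbor_seq[rid] = seq
    return True, "accepted"


if __name__ == "__main__":
    keys = {1: b"constructed-key"}          # constructed sample key
    state = {}
    for seq in (5, 4, 6):                   # 4 arrives after 5 and is dropped
        pkt = build_packet(b"hello-body", "0.0.0.1", "0.0.0.0", 1, keys[1], seq)
        print(seq, verify_packet(pkt, keys, state))
```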
On the Ethernet Routing Switches, MD5 authentication can only be configured using the
run-time CLI.
delete-message-digest-key <md5-key-id>
• To enable MD5 authentication on the OSPF interface:
authentication-type <none|simple|message-digest>
• To view the MD5 keys and Key-IDs, use the info command.
Note: When the interface status is viewed using JDM, the AuthType value is equal to 2.
There is no value displayed for AuthKey.
Review what you just learned by answering the questions in your student guide.
Which protocol works well when all network links have the same throughput, but has difficulty
determining the "best" route if the links in the network vary in capacity?
_____ OSPF
_____ NLSP
_____ RIP
_____ IS-IS
Answer: RIP
_____ Internal
_____ ABR
Answer: ABR
The initial state of a neighbor conversation between two statically configured neighbors is:
_____ Down
_____ Attempt
_____ Init
_____ Loading
Answer: Down
_____ MD5
_____ RIP
_____ ABRs
_____ LSAs
Answer: LSAs
Lesson summary
• Describe the features and advantages of Open Shortest Path First (OSPF)
• Explain the types of OSPF Link State Advertisements (LSAs)
• Describe the purpose of the four types of OSPF routers
• List the types of networks supported by OSPF
• Describe OSPF neighbor routers and explain the process of forming an adjacency
• Describe how to configure an OSPF router interface
• Describe Message Digest Version (MD5) authentication for OSPF adjacencies
IG Note
Student Notes
Lab activity – OSPF Networks should follow this lesson. Allow 2 hours to complete this lab.
Introduction
Lesson introduction
The purpose of this lesson is to describe the advanced Open Shortest Path First (OSPF)
features and how to configure them on the Avaya Ethernet Routing Switch (ERS). OSPF
virtual links are discussed.
Lesson objectives
• Compare the Routing Table and OSPF Link State Database (LSDB) for a single area
network and a multiple area network.
• Describe the benefits of route summaries and how they are configured
• Describe the benefits of OSPF route policies
• Describe and configure virtual links
Lesson duration
Lab activity - OSPF and RIP Networks should follow this lesson.
The following figure illustrates a simple, single area OSPF network. All routers are in area
0.0.0.0. Each router has five networks configured in its Class B subnetwork. Interswitch links
each use a single Class C network address.
Questions
Answers
Student Notes
The Router links will point to the Router IDs in the network. In this case
0.0.0.1, 0.0.0.2, 0.0.0.3 and 0.0.0.4 are the router IDs in the network.
The Network Links will point to the DR on each network. In this case,
one interface from each of the networks: 192.168.10.0, 192.168.11.0,
192.168.12.0, and 172.16.193.0.
OSPF aging
Sample LSDB
Answers
Student Notes
Only the originating Router will cause its own LSDB entries to flush. A
Router will not flush LSDBs that are not its own unless it has aged 3600
seconds (2 x 30 minutes).
Using this network, and the previous LSDB, what problems, if any, are illustrated?
Student Notes
Answer: The link between 0.0.0.3 and 0.0.0.4 is down. The age of an
entry for an active network link or Router link should never be more than
about 1800 seconds (30 minutes).
Note: The Router will remove entries in the LSDB if the age of the entry
becomes greater than 3600 seconds.
To add an interface to an area other than 0.0.0.0, the area must first be created. When the area
is created, the AreaBdrRtrStatus (on the General tab of the Edit OSPF window) changes to
True.
1. Open the Edit OSPF window and click the Area tab.
2. Click Insert.
This opens a dialog box to configure the new area on the ERS 8600.
3. Enter the necessary information and click Insert.
To add existing interfaces to this new area, click the Interface tab in the Edit OSPF window and
modify the necessary information.
Note: Area 0.0.0.0, the backbone, cannot be deleted. If there are no interfaces in the
backbone area, it will not appear in the LSDB or be advertised in the LSAs.
When a router acts as an ABR, it maintains copies of the LSDB for each area that has active
interfaces. In the example used here, each router maintains two databases.
There are two types of areas that have special requirements: Stub Areas and
Not-So-Stubby-Areas (NSSAs).
Stub Area
Not-So-Stubby-Area (NSSA)
These restrictions reduce the size of the LSDB, because external LSAs are not included or
are reduced in number. The ABR advertises a default route, 0.0.0.0, into the Stub or NSSA.
Traffic for routes not in the area is sent to the ABR for forwarding using this
default route.
To create a stub area or an NSSA on an Ethernet Routing Switch, open the Edit OSPF window
and click the Area tab. Select:
Network summaries
Why use network summaries?
Creating the areas shown in the example network below caused the LSDB to expand from eight
entries (four router and four network links) to 20 entries.
Question
Student Notes
Answer: When areas are created, the ABR (Area Border Router) sends
Summary Advertisements between areas, not the network and router
links. Because we have not yet created area summaries, each router link
and network link is advertised from and to the backbone. In addition, all
area summaries from the backbone are advertised into each new area.
Also, the router is an ASBR so there will be two copies of the LSDB.
Network Summaries
Type 3 LSAs
Networks internal to an area are advertised to other areas using a Summary-Link State
Advertisement (Summary-LSA). This is a Type 3 LSA.
ABRs generate Summary-LSAs. By default, there is a Summary-LSA for every network within
the area. However, an ABR can be configured to condense many networks into a single
network summary. This type of Summary-LSA actually describes a range of networks, and all
the networks within an area are advertised as one. The major benefit of this is that it reduces
the size of the LSDBs of routers outside the area, and reduces LSA processing. A smaller
LSDB results in a smaller routing table.
To associate a range of networks to an area:
1. In the Edit OSPF window, click the Area Aggregate tab.
2. Click Insert and enter the necessary information.
This window also allows you to control which networks are summarized.
Any existing interfaces that fall within the created range become members of the new area.
If a new interface is created, it is added to an area if a range exists for that area and the IP
address for the interface is within that range.
Creating area ranges
Question
IG Note - Answer
Student Notes
Looking at the third octet, 4 - 7 in binary is 0000 0100 to 0000 0111.
The common bit pattern is 0000 01xx (x is don't care) so the network
and mask for this range is 172.16.4.0/22.
The second range: 24 - 27 is 0001 1000 to 0001 1011. The common bit
pattern is 0001 10xx → 172.16.24.0/22
A summary range for area 0.0.0.0 was also created but is not shown
here.
Student Notes
The determination of the values for the network number mask to create
the ranges was covered in the 160 (Advanced IP) course and not
covered here. The process is very similar to determining the network
and mask to use for Accept and Announce policies.
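The bit-pattern method from the answer above, generalized as an added Python example (not from the course material): it finds the single range covering a set of networks and lists any address space that range covers beyond the input, which matters because interfaces falling inside a range become members of that area. The function name `area_range` is hypothetical.

```python
import ipaddress


def area_range(networks):
    """Return (summary, uncovered) for a list of IPv4 networks.

    summary   - the smallest single prefix that contains every input network
    uncovered - prefixes inside the summary that no input network accounts for
    """
    nets = list(ipaddress.collapse_addresses(
        ipaddress.ip_network(n) for n in networks))
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)

    # Bits that differ between the lowest and highest address are the
    # "don't care" bits; everything above them is the common bit pattern.
    host_bits = (lo ^ hi).bit_length()
    base = (lo >> host_bits) << host_bits
    summary = ipaddress.ip_network((base, 32 - host_bits))

    # Carve each input network out of the summary to see what is left over.
    remaining = [summary]
    for net in nets:
        nxt = []
        for block in remaining:
            if net.subnet_of(block):
                nxt.extend(block.address_exclude(net))
            elif not block.subnet_of(net):
                nxt.append(block)
        remaining = nxt
    uncovered = [str(n) for n in ipaddress.collapse_addresses(remaining)]
    return str(summary), uncovered


if __name__ == "__main__":
    # The two ranges worked out in the notes above.
    print(area_range([f"172.16.{i}.0/24" for i in range(4, 8)]))
    print(area_range([f"172.16.{i}.0/24" for i in range(24, 28)]))
    # Constructed case: 172.16.7.0/24 is not configured, yet the range covers it.
    print(area_range([f"172.16.{i}.0/24" for i in range(4, 7)]))
```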
The next graphic shows the LSDB and routing table for Router 0.0.0.1. Notice that for each area
on the ABR there is an LSDB.
The ABR advertises only summary information from area 0.0.0.0 into area 1.0.0.0 and from area
1.0.0.0 into area 0.0.0.0. This causes any communication between a host in area 1.0.0.0 and
any host in another area to go through the ABR.
• Area 0.0.0.0 only has summary information for non-backbone areas, and detailed
information about itself.
• Area 1.0.0.0 only has summary information for other areas, and detailed information
about itself.
Our example network has a router in area 3.0.0.0 supporting networks 172.16.0.0/18. Below is
a portion of the LSDB for Rtr 0.0.0.3 for area 3.0.0.0. Notice that Rtr 0.0.0.4 and the network
summary for area 4.0.0.0 are in the LSDB for area 3.0.0.0.
LSDB summarization
Question
Are the networks in area 4.0.0.0 reachable from area 1.0.0.0? Why or why not?
Many networks employ more than one IP routing protocol. When using OSPF, it is important to
understand how it interoperates with other protocols.
Networks in a routing table can be learned from a variety of sources. The source can be OSPF,
but it can also be RIP, BGP, EGP, or a static route that you added.
OSPF considers itself the primary source of routing information within the AS. OSPF views all
non-OSPF networks as external. The following are examples of external routes:
For OSPF to advertise these external networks into an OSPF area, OSPF Redistribute policies
must be configured.
RIP, like OSPF, only considers itself and routes learned from other RIP gateways when building
the local routing table. Networks external to RIP must be configured through RIP Accept policies
in order to be advertised within the RIP network.
In the following example, both OSPF Router 0.0.0.1 and RIP Rtr 1 have interfaces in both the
OSPF and RIP routing domains. How the RIP and OSPF routes and metrics are included with
the other domain are functions of the policies applied on each router.
Enabling ASBR
An Autonomous System Boundary Router (ASBR) has at least one source of routing information
that is not of OSPF origin. This could be an interface into a network supporting a different
routing protocol or it could be a router configured with static and/or default routes.
To make non-OSPF networks known to all routers in an OSPF domain, configure the router as
an ASBR. You do this by enabling the global parameter called ASBR. You can configure the
ERS 8600 switch as an OSPF ASBR to:
To enable the ASBR function on an Ethernet Routing Switch, open the Edit OSPF window and
set ASBdrRtrStatus to True.
An ASBR sends an AS External-LSA for each external route it has learned. These
advertisements are flooded throughout the OSPF domain without regard to area structure.
ASBR advertisements
When a router is configured as an ASBR, it announces this by setting the E-bit in its router links
advertisements (Type 1).
If the OSPF domain is divided into areas, the border router for the area to which the ASBR
belongs picks up the router links advertisement generated by the ASBR. The ABR then
transmits a Type 4 AS Summary LSA.
The AS Summary LSA describes a route to the ASBR. An AS Summary LSA is flooded by the
ABR into its adjoining areas. The exception to this is when the adjoining area is a stub area, and
the import summary parameter is set to False.
In the example network, OSPF Routers 0.0.0.1 and 0.0.0.4 are configured as ASBRs.
Two mechanisms are implemented by the ERS 8600 Routing Table Manager (RTM) to control
route advertisements in an OSPF Domain:
• OSPF Redistribute
• OSPF Accept
You can build OSPF route policies using criteria in the following table.
OSPF Redistribute
The Redistribute function allows you to take what the Ethernet Routing Switch RTM has learned
from the various sources and advertise these routes as LSAs into the OSPF Domain. These
redistribute policies may be built upon criteria displayed in the table above.
OSPF Accept
An OSPF Accept Policy allows you to control which routes being received by the ERS 8600 will
be dropped, summarized or accepted based on the specified criteria.
OSPF policies are applied in an ASBR to redistribute the routes learned from non-OSPF
sources. If no policies are configured or no matching policy exists for a given route, the default
behavior is applied, and OSPF ignores all external routes.
To create a policy that advertises RIP routes into the OSPF network, use the OSPF Redistribute
function. You may also apply a policy to the redistribution to further control the advertisement.
The example on the opposite page shows the creation of an OSPF Redistribute Policy on Router
0.0.0.1 that announces all local networks as Type I routes with an explicit metric of 100.
External advertisements may be viewed using the External Link Database tab on the Edit
OSPF window.
• How would you enable the advertisements of “remote” RIP routes as Type II external
routes and “Local” RIP routes as Type I external routes?
Answer: Create an additional policy that the route source is RIP and
make the advertisement a Type-II. The two policies will work together to
create the "standard" type I or type II advertisements.
OSPF networks are advertised into RIP networks using RIP Announce policies. In this case, a
RIP policy is used to announce all OSPF routes into the RIP network.
A RIP Announce policy on Router 0.0.0.1 was created assigning a metric of 10 to all OSPF
networks. The graphic on the opposite page shows the routing table for Router 0.0.0.4. Notice
the RIP-learned networks.
If the metric value is set to 0, the actual metric of the route is used to announce the network
with RIP. This would cause a network with a metric of 100 to be unreachable within the RIP
network, because RIP treats any metric of 16 or more as unreachable.
Routing table
OSPF Accept policies are applied whenever OSPF computes the external routes due
to a topology change or an external link-state advertisement (LSA). If there are no policies
configured or no matching policies found for a given route, the external route is included in the
routing table.
In our example, network users on Router 0.0.0.3 are to be denied access to 10.1.2.0/24. To do
this, the OSPF Accept policy shown below could be used. This policy prevents external routes
to 10.1.2.0/24 from entering the routing table on this router.
Questions
Virtual links
Connecting to the backbone for noncontiguous topologies
A virtual link provides a means for an OSPF area's ABR to connect to the backbone area
0.0.0.0 in a virtual manner. With this solution, an OSPF area is allowed even if it is unfeasible
to provide a direct connection to the backbone because of some topology or distance
restrictions. Instead of a direct connection to the backbone, the ABR establishes a virtual
connection to an existing ABR through a common area. The virtual link meets the requirement
for all areas to have a connection to the backbone area.
A virtual link is treated as a point-to-point link that has the following characteristics:
• This link must be between two ABRs with one area in common. The area the two
ABRs share is called the transit area.
• Originates from an ABR connected to the backbone
• Ends in an ABR of the non-contiguous area
A virtual link is not a physical point-to-point link. It is tied to the current least-cost physical path
through the transit area.
Through the virtual link, an adjacency is formed. Like the OSPF interfaces you configured, the
timers at each end of the virtual link must agree before an adjacency can be formed.
When the adjacency through the virtual link is formed, it is included in the router links
advertisements.
To manually create a virtual link, each end of the link must be defined.
Note: The router dead interval timer is 60 seconds by default on virtual interfaces. This is
compliant with RFC 2328.
Virtual neighbors
Use automatic virtual links to provide an automatic, dynamic backup link for vital OSPF traffic.
The Auto Virtual Link feature of the Ethernet Routing Switch ensures that if the ABR's
connection to the backbone breaks, a new virtual link is created. Once the virtual link is created,
it remains up even when the ABR's original connection to the backbone is restored.
To use the Auto Virtual Link feature, set AutoVirtLinkEnable to True on two ABRs that have a
common area. This is found on the General tab of the Edit OSPF window.
If AutoVirtLinkEnable is only set to True on a single ABR, the other end of the virtual link to
be created dynamically. Other ABRs can be manually configured.
Review what you just learned by answering the questions in your student guide.
_____ MD5
_____ RIP
_____ ABRs
_____ LSAs
Answer: LSAs
The ______ is a table generated within every router in the OSPF domain.
_____ MD5
_____ LSDB
_____ LSA
_____ ABR
Answer: LSDB
In a network running OSPF, the primary source of routing information within the AS is:
_____ OSPF
Answer: OSPF
When a router is configured as an ASBR, it begins sending which of the following types of
LSAs to describe a network external to the OSPF domain?
Lesson summary
• Compare the Routing Table and OSPF Link State Database (LSDB) for a single area
network and a multiple area network.
• Describe the benefits of route summaries and how they are configured
• Describe the benefits of OSPF route policies
• Describe and configure virtual links
Lab activity - OSPF and RIP Networks should follow this lesson.
BGP4 Overview
Introduction
Lesson introduction
The purpose of this lesson is to describe the Border Gateway Protocol (BGP4) features,
concepts, and terminology.
Lesson objectives
Border Gateway Protocol (BGP) is an inter-domain routing protocol that provides loop-free
inter-domain routing between autonomous systems (ASs) or within an AS.
BGP systems can exchange network layer reachability information (NLRI) with other BGP
systems for the purpose of constructing a graph of AS connectivity. BGP uses this information
to prune routing loops and enforce AS-level policy decisions.
BGP provides features that allow you to consolidate routing information and to control the flow
of BGP updates.
Routers within an AS run Interior Gateway Protocols (IGPs). Examples of IGPs include Open
Shortest Path First (OSPF), Routing Information Protocol (RIP), and static routes. Within an AS,
it is possible to run multiple IGPs. IGPs automatically find the best path to all destinations in an
organization's internetwork.
The best path is determined by a metric like interface cost (OSPF) or hop count (RIP). An IGP
reacts to a change in the topology by trying to find a new best path automatically.
Exterior Gateway Protocols (EGPs) are used to route traffic between Autonomous Systems.
Examples of EGPs include the Exterior Gateway Protocol (EGP), and Border Gateway Protocol
4 (BGP4).
EGPs are concerned only with network reachability, whereas IGPs are concerned with hop
counts or metrics. Because autonomous systems use different IGPs with different metrics, it
would be very difficult, if not impossible, to properly interpret or correlate these metrics between
autonomous systems.
Internet topology
Today’s Internet consists of major backbones, mid-level or regional networks, campus networks,
and corporate networks that are interconnected in many ways. Backbones and mid-level
networks or Internet service providers (ISPs) can consist of one or several autonomous
systems. A corporate or campus network (subscribers) can be an independent AS, or can be
part of its ISP’s AS.
Unlike the early Internet topology (2-tiered tree), the modern Internet is an arbitrary collection
of interconnected autonomous systems. Routing protocols used in this environment must be
able to prevent routing loops, advertise tens of thousands of destinations, and give the AS
administrator considerable flexibility in determining routing policy.
Border Gateway Protocol (BGP) supplies these solutions. The following figure illustrates the
Internet topology that uses BGP to connect Autonomous Systems.
Internet topology
BGP4
BGP requirements depend on the ISP connection type and the addressing strategy.
BGP has two primary functions, which both enforce AS-level policy decisions:
BGP4 has no concept of address classes. Each network listed in the network layer reachability
information (NLRI) portion of an update message contains a prefix length field, which
describes the length of the mask associated with the network. The prefix length field allows for
both supernet and subnet advertisement. The supernet advertisement is what makes Classless
Interdomain Routing (CIDR) possible.
There is also BGP4 support for BGP confederations and Transmission Control Protocol (TCP)
Message Digest 5 (MD5) message authentication.
BGP4 uses a reliable transport mechanism (TCP/179) and supports CIDR, which aggregates IP
routes and AS paths.
Autonomous systems
Local Area Networks (LANs) and Wide Area Networks (WANs) interconnected by IP routers
form a group of networks called an internetwork. For administrative purposes, an internetwork is
divided into autonomous systems.
An autonomous system (AS) is a group of routers and hosts run by a single technical
administrator that has a single, clearly defined routing policy. Each autonomous system has a
unique AS number assigned by the appropriate Internet Registry entity.
Remember that BGP enforces AS-level policy decisions by exchanging network reachability
information between autonomous systems and by providing loop-free interdomain routing
between different autonomous systems.
Gateways
The routers at the edges (borders) of autonomous systems are called gateways. Gateways use
Exterior Gateway Protocols to exchange reachability information and to route packets between
routing domains.
BGP exchanges information between Autonomous Systems as well as between routers within
the same AS.
• Routers that are members of the same AS and that exchange BGP updates run
internal BGP (IBGP).
• Routers that are members of different Autonomous Systems and that exchange BGP
updates run external BGP (EBGP).
Example of Gateways
AS Types
The categories of AS are defined by their connectivity and the type of traffic they carry, as
follows:
• Stub AS - Only one entry/exit point to the AS. All traffic either comes from, or is
destined to, this AS. One BGP peer is configured.
• Transit AS - Multiple connections to other autonomous systems. Traffic in this AS
type might have originated in another AS and be destined for a third AS. This AS
type might also be a local origination or destination. Because a transit AS has
multiple interconnections, it can carry traffic belonging to other autonomous systems.
An ISP's AS is usually a transit AS. Many BGP peers are configured.
• Multihomed nontransit AS - This type of AS has multiple connections to other
autonomous systems but does not function as a transit AS. All traffic in this AS either
originated here or is destined for here. Again, multiple BGP peers are configured.
In the following diagram, autonomous systems 20, 30, 40, and 60 are stub autonomous
systems. Autonomous systems 100 and 200 are both transit autonomous systems. Autonomous
systems 10 and 50 are multihomed nontransit autonomous systems.
Each type of AS has specific configuration needs and concerns, such as which networks are
advertised from an AS or what networks are injected into the local routing domain. We are going
to focus our attention on the stub AS.
Internal routing
Avaya implements internal BGP (IBGP) intra-AS routing. With IBGP, each router within an AS
runs:
• An interior gateway protocol (IGP), such as interior gateway routing protocol (IGRP)
• Intermediate system-to-intermediate system (IS-IS)
• RIP
• OSPF
The IBGP information, along with the IGP route to the originating BGP border router,
determines the next hop to use for exchanging information with an external AS. Each router
uses IBGP exclusively to determine reachability to external autonomous systems.
External routing
When a router receives an IBGP update that is destined for an external AS, the update is
passed to IP for inclusion in the routing table only if a viable IGP route to the correct border
gateway is available.
Peers
The transport protocol used with BGP is Transmission Control Protocol (TCP). When any two
routers open a TCP connection to each other for the purpose of exchanging routing information,
they form peer, or neighbor, relationships.
In the next graphic, Routers A and D are BGP peers, as are Routers B and E; C and E; F and
G; and Routers D, E, and F.
Although Routers A and D are running EBGP, Routers D, E, and F within AS 40 are running
IBGP. The EBGP peers are directly connected, while the IBGP peers are not. As long as an
IGP is running that allows any two neighbors to logically communicate, the IBGP peers do not
require a direct connection.
BGP peers exchange complete routing information only after the peer connection is established.
Thereafter, BGP peers exchange routing updates. An update message consists of a network
number, a list of autonomous systems that the routing information passed through (the AS
path), and other path attributes that describe the route to a set of destination networks. When
multiple paths are available, BGP compares the path attributes to choose the preferred path.
Peers
Since all BGP speakers within an AS must be fully meshed logically, the IBGP mesh can grow
to large proportions and become difficult to manage. A way to reduce the number of peers
within an AS is to create confederations and route reflectors, discussed later in this unit.
Peer-to-peer sessions
BGP routers employ an entity within the router, a BGP speaker, which transmits and receives
BGP messages and acts upon them. BGP speakers form a relationship and communicate with
other BGP speakers by establishing a peer-to-peer session.
Transit AS
An AS with more than one BGP speaker can use IBGP to provide a transit service for networks
located outside the AS. An AS that provides this service is called a transit AS.
In the next graphic AS 40 is the transit AS. It provides information about its internal networks,
as well as transit networks, to the remaining Autonomous Systems. The IBGP connections
between routers D, E, and F provide consistent routing information to the Autonomous
Systems.
Transit AS
• Class A
• Class B
• Class C
• Class D (used for multicast)
• Class E (reserved and currently not used)
Example
Network 195.215.0.0, an illegal Class C network number, becomes a legal supernet when
it is represented in CIDR notation as 195.215.0.0/16. The /16 is called the prefix length and
becomes a way of expressing the explicit mask that CIDR requires. In this case, the addition of
the prefix /16 indicates that the subnet mask consists of 16 bits (counting from the left).
Note that with this method, supernet 195.215.0.0/16 represents 195.215.0.0 255.255.0.0.
CIDR also allows you to assign network prefixes of arbitrary lengths. This differs from the class
system, which assigns prefixes as even multiples of an octet. For example, you can assign
a single routing table entry of 195.215.16/21 to represent eight separate Class C network
numbers 195.215.16.0 through 195.215.23.0.
Aggregate routes
Eliminating the idea of network classes provides an easy method to aggregate routes. Rather
than advertise a separate route for each destination network in a supernet, BGP uses a
supernet address to advertise a single route - an aggregate route - that represents all the
destinations.
CIDR also reduces the size of the routing tables used to store advertised IP routes.
The graphic below provides an example of route aggregation using CIDR. A single supernet
address 195.215.0.0/16 is used to advertise 256 separate Class C network numbers
195.215.0.0 through 195.215.255.0.
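Both aggregates quoted above can be checked mechanically. This added example (not from the original guide) expands a range of Class C networks and tests whether a proposed aggregate covers exactly those networks; the function names and the seven-network case are constructed for illustration.

```python
import ipaddress


def class_c_range(first: str, last: str) -> list:
    """All /24 networks from `first` to `last` inclusive."""
    lo = int(ipaddress.IPv4Address(first))
    hi = int(ipaddress.IPv4Address(last))
    return [ipaddress.IPv4Network((n, 24)) for n in range(lo, hi + 1, 256)]


def check_aggregate(aggregate: str, components) -> dict:
    """Compare one aggregate route with the networks it is meant to represent.

    outside   - component networks the aggregate does not contain
    uncovered - parts of the aggregate that no component accounts for
    exact     - True only when both lists are empty
    """
    agg = ipaddress.IPv4Network(aggregate)
    # Merge the components into the fewest non-overlapping CIDR blocks first.
    comps = list(ipaddress.collapse_addresses(components))
    outside = [c for c in comps if not c.subnet_of(agg)]

    # Start with the whole aggregate and carve out each component in turn.
    uncovered = [agg]
    for c in comps:
        remaining = []
        for u in uncovered:
            if u.subnet_of(c):
                continue                      # this piece is fully accounted for
            if c.subnet_of(u):
                remaining.extend(u.address_exclude(c))
            else:
                remaining.append(u)           # component lies elsewhere
        uncovered = remaining

    return {
        "exact": not outside and not uncovered,
        "outside": [str(n) for n in outside],
        "uncovered": [str(n) for n in sorted(uncovered)],
    }


if __name__ == "__main__":
    # The two aggregates from the text.
    eight = class_c_range("195.215.16.0", "195.215.23.0")
    print(len(eight), check_aggregate("195.215.16.0/21", eight))
    all_256 = class_c_range("195.215.0.0", "195.215.255.0")
    print(len(all_256), check_aggregate("195.215.0.0/16", all_256))
    # Constructed case: only seven of the eight networks actually exist.
    seven = class_c_range("195.215.16.0", "195.215.22.0")
    print(check_aggregate("195.215.16.0/21", seven))
```

An aggregate with a non-empty `uncovered` list attracts traffic for address space that has no more specific route behind it.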
Confederations
You can reduce the high bandwidth and maintenance costs associated with a large full-mesh
topology by dividing large Autonomous Systems into multiple, smaller autonomous systems,
each one known as a “sub-AS.” These can be grouped into a “confederation,” which also
reduces the size and complexity of an IBGP mesh, and reduces the complexity of the
associated configuration management.
Other autonomous systems view the confederation as a single AS. The confederation ID is
used as the AS number.
A BGP router configured for IBGP establishes a peer-to-peer session with every other IBGP
speaker in the AS. For example, a full-mesh topology for an AS with 50 IBGP speakers requires
1225 internal peer-to-peer connections, grouped into a single “confederation.”
Confederation functions
The confederation feature complies with RFC 1965 and provides the following functions:
Confederations
A BGP router configured for IBGP must establish a peer-to-peer session with every other IBGP
speaker in the AS.
An IBGP speaker that needs to communicate with other BGP speakers in the AS establishes a
single peer-to-peer RR client session with the route reflector.
The following figure shows a simple IBGP configuration with three IBGP speakers (Routers
A, B, and C). Without route reflectors configured, when Router A receives an advertised route
from an external neighbor, it must advertise the route to Routers B and C. Routers B and C
do not readvertise the IBGP learned routes to other IBGP speakers, because BGP does not
allow routers to pass routes learned from internal neighbors on to other internal neighbors, thus
avoiding routing information loops.
Simple IBGP configuration
Equal Cost Multi Path (ECMP) allows a BGP speaker to perform route or traffic balancing within
an AS by using multiple, equal-cost routes submitted to the routing table by OSPF, RIP, or static
routes.
Transmission Control Protocol (TCP) Message Digest 5 (MD5) authentication is the new TCP
option for carrying an MD5 digest in a TCP segment (signature for the segment).
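How a receiver checks that signature is shown in this added example, which is not from the original guide. It follows RFC 2385: the digest covers the pseudo-header, the fixed TCP header with a zero checksum, the segment data, then the shared key. Addresses, ports, key and helper names are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress
import struct

TCP_PROTO = 6
MD5_OPT_KIND = 19   # TCP MD5 Signature option kind (RFC 2385)
MD5_OPT_LEN = 18    # kind byte + length byte + 16-byte digest


def md5_digest(src: str, dst: str, segment: bytes, key: bytes) -> bytes:
    """MD5 over pseudo-header, fixed header (checksum zeroed, options
    excluded), segment data and finally the shared key."""
    data_off = (segment[12] >> 4) * 4
    pseudo = (ipaddress.IPv4Address(src).packed
              + ipaddress.IPv4Address(dst).packed
              + struct.pack("!BBH", 0, TCP_PROTO, len(segment)))
    fixed = segment[:16] + b"\x00\x00" + segment[18:20]
    return hashlib.md5(pseudo + fixed + segment[data_off:] + key).digest()


def find_md5_option(segment: bytes):
    """Return the 16-byte digest carried in the TCP options, or None."""
    end = (segment[12] >> 4) * 4
    i = 20
    while i < end:
        kind = segment[i]
        if kind == 0:                 # End of Option List
            break
        if kind == 1:                 # No-Operation padding
            i += 1
            continue
        if i + 1 >= end:
            break
        length = segment[i + 1]
        if length < 2 or i + length > end:
            break                     # malformed option list
        if kind == MD5_OPT_KIND and length == MD5_OPT_LEN:
            return segment[i + 2:i + length]
        i += length
    return None


def sign_segment(src, dst, sport, dport, seq, ack, flags, payload, key):
    """Build a signed TCP segment; used here only to construct sample input.
    The TCP checksum is left at zero because the digest assumes zero anyway."""
    header = struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                         (10 << 12) | flags, 16384, 0, 0)
    pad = b"\x01\x01"                 # two NOPs bring the options to 20 bytes
    blank = bytes([MD5_OPT_KIND, MD5_OPT_LEN]) + bytes(16) + pad
    digest = md5_digest(src, dst, header + blank + payload, key)
    options = bytes([MD5_OPT_KIND, MD5_OPT_LEN]) + digest + pad
    return header + options + payload


def verify_segment(src: str, dst: str, segment: bytes, key: bytes) -> bool:
    """True only if the segment carries a digest that matches our key."""
    if len(segment) < 20 or (segment[12] >> 4) * 4 > len(segment):
        return False
    carried = find_md5_option(segment)
    if carried is None:
        return False                  # unsigned segment: reject
    return hmac.compare_digest(carried, md5_digest(src, dst, segment, key))


# Constructed sample: a BGP KEEPALIVE (16-byte marker, length 19, type 4)
# sent to TCP port 179 between two documentation addresses.
KEY = b"constructed-key"
KEEPALIVE = b"\xff" * 16 + struct.pack("!HB", 19, 4)
SEGMENT = sign_segment("192.0.2.1", "192.0.2.2", 49152, 179,
                       1000, 2000, 0x18, KEEPALIVE, KEY)

if __name__ == "__main__":
    print(verify_segment("192.0.2.1", "192.0.2.2", SEGMENT, KEY))
    print(verify_segment("192.0.2.1", "192.0.2.2", SEGMENT, b"other-key"))
```

Because the source address is part of the digest input, a segment replayed from a different address fails the check even when its bytes are unchanged.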
Review what you just learned by answering the questions in your student guide.
An autonomous system (AS) is a group of routers and hosts run by a single technical
administrator that has:
BGP speakers form a relationship and communicate with other BGP speakers by
establishing:
_____ Multihomed AS
_____ Confederations
To reduce high bandwidth and cost that can be associated with an AS with a large number of
IBGP speakers, you can configure:
When ______________ is enabled, a BGP speaker can verify that the BGP messages it
receives from its peers are actually from a peer, not a third party masquerading as a peer.
_____ 8 bits
_____ 16 bits
When you use a supernet address to advertise a single route, you are using:
_____ Confederations
Lesson summary
Configuring VRRP
Introduction
Lesson introduction
The purpose of this lesson is to describe the benefits and operation of the Virtual Router
Redundancy Protocol (VRRP) including how VRRP works and what problems VRRP
solves. You will also learn how to configure VRRP on the Avaya Ethernet Routing Switch.
Lesson objectives
• Describe the benefits and operation of VRRP, and where it can be used in the network
• Explain the Init, Backup, and Master states of a VRRP router
• Interpret a VRRP advertisement packet
• Describe how to configure VRRP on a VLAN
Lesson duration
What is VRRP?
VRRP is a standards-based method for maintaining network connection from a local area
network (LAN) when the router connecting it to the rest of the network fails. It automatically
detects the failure and reassigns the IP forwarding function to a standby router. VRRP operates
transparently to the end user and requires no special configuration on host devices.
VRRP operation is defined in RFC 2338. It is designed to eliminate the single point of failure
that can occur when the statically configured default gateway router for an end station is lost.
It uses the concept of a virtual Internet Protocol (IP) address shared between two or more
routers connecting a subnet to the enterprise network. With the virtual IP address as the default
gateway on end hosts, VRRP provides dynamic default gateway redundancy in the event of a
failure.
The VRRP router controlling the IP address(es) associated with a virtual router is called the
Master. It forwards packets to these IP addresses. The election process provides a dynamic
fail-over of forwarding responsibility if the master becomes unavailable.
In Figure 2, the first three hosts install a default route to the virtual Router 1 IP address, and the
other three hosts install a default route to the virtual Router 2 IP address. This not only has the
effect of load sharing on the outgoing traffic, it also provides full redundancy. If either router's
interface fails, the other router assumes responsibility for both addresses. In effect, the two
routers act as backups for one another.
In most IP networks, end stations are statically configured with a single router address known
as a default gateway. This is where hosts send all traffic destined for subnets other than their
own. If the gateway goes down, all such traffic is dropped. Running a dynamic routing protocol
such as Routing Information Protocol (RIP) or Open Shortest Path First (OSPF) is one potential
solution, but this requires extra administrative effort to set up and maintain on every end
station.
With VRRP, users can achieve redundancy while still relying on a single static gateway address
on each host.
VRRP Router
A router that is running VRRP. It may participate in one or more virtual routers.
Virtual Router
An abstract object managed by VRRP that acts as a next hop or default router for hosts on a
shared LAN. Think of it as a "ghost router" consisting of a virtual router identifier and a set of
associated IP addresses across a common LAN. A VRRP router may back up one or more
virtual routers.
IP Address Owner
The VRRP "ghost router" has an IP address and is supported by two or more physical routers.
Consider the situation in which one of the physical routers has configured on one of its
interfaces the IP address of the virtual router. For example, the virtual router has an IP address
of 192.168.1.1, and one of the physical routers (call it "Router A") has 192.168.1.1 configured
on a physical interface. In this case Router A is said to be the "owner" of the virtual router
address. Router A, when up, responds to packets addressed to 192.168.1.1 for simple network
management protocol (SNMP) packets, Transmission Control Protocol (TCP) connections, etc.
Primary IP Address
An IP address selected from the set of real interface addresses. One possible selection
algorithm is to always select the first address. VRRP advertisements are always sent using the
primary IP address as the source of the IP packet.
Virtual Router Master
The VRRP router that assumes the responsibility of forwarding packets sent to the IP
address(es) associated with the virtual router, and answering Address Resolution Protocol
(ARP) requests for these IP addresses.
Virtual Router Backup
A set of VRRP routers available to assume forwarding responsibility for a virtual router, should
the current Virtual Router Master fail.
VRRP
VRRP parameters
The virtual router identifier (VRID) is a configured item in the range 1-255 (decimal). There is no
default.
Priority
Priority value is used by the VRRP router in Master election for the virtual router. The Master will
be the one with the lowest numerical priority.
• Priorities of 0 and 255 are special cases and are not commonly assigned to VRRP
instances.
• The value of 255 is reserved for the router that owns the IP addresses
associated with the virtual router.
• The value of 0 (zero) is reserved for the Master router to indicate it is releasing
responsibility for the virtual router.
• The range 1-255 is available for VRRP routers backing up the virtual router.
• The default value is 100.
Skew_Time
Master_Down_Interval
Time interval for Backup to declare Master down (seconds). It is calculated as:
(3 * Advertisement_Interval) + Skew_time
Preempt_Mode
Controls whether a higher priority Backup router preempts a lower priority Master. The values
True (to allow) and False (to not allow) control preemption unless the router owns the IP
address(es). The default is True.
Master_Down_Timer
A timer that activates when an ADVERTISEMENT has not been heard for the
Master_Down_Interval
Adver_Timer
VRRP parameters
VRRP specifies an election protocol that dynamically assigns responsibility for a virtual router to
one of the VRRP routers on a LAN. The VRRP router controlling the IP address(es) associated
with a virtual router is called the Master, and forwards packets sent to these IP addresses. The
election process provides dynamic fail-over in the forwarding responsibility should the Master
become unavailable. Any of the virtual router's IP addresses on a LAN can then be used as the
default first-hop router by end hosts.
INIT state
• If the Priority = 255 (the router owns the IP address(es) associated with the virtual
router):
• Send an ADVERTISEMENT.
• Broadcast a gratuitous ARP request containing the virtual router Media Access
Control (MAC) address for each IP address associated with the virtual router.
• Set the Adver_Timer to Advertisement_Interval (Default = 1 sec.).
• Transition to the MASTER state.
Else:
The next three slides show transitions from a single state. The entire
state diagram can be constructed of all of these parts.
The purpose of the Backup state is to monitor the availability and state of the Master router.
While in this state, a VRRP router:
• MUST NOT respond to ARP requests for the IP address(es) associated with the virtual
router
• MUST discard packets with a destination link layer MAC address equal to the virtual
router MAC address
• MUST NOT accept packets addressed to the IP address(es) associated with the
virtual router
• Send an ADVERTISEMENT
• Broadcast a gratuitous ARP request containing the virtual router MAC address for
each IP address associated with the virtual router
• Set the Adver_Timer to Advertisement_Interval
• Transition to the MASTER state
While in the backup state the router basically is in a wait state. It waits and listens for
advertisements from the master router. If, however, it stops receiving those advertisements,
then the router transitions into the Advertise state. At this time the router either becomes the
Master, or is pre-empted by a router with a higher priority.
While in the Master state, the router functions as the forwarding router for the IP address(es)
associated with the virtual router. While in this state, a VRRP router:
• MUST respond to ARP requests for the IP address(es) associated with the virtual
router
• MUST forward packets with a destination link layer MAC address equal to the virtual
router MAC address
• MUST NOT accept packets addressed to the IP address(es) associated with the
virtual router if it is not the IP address owner
• MUST accept packets addressed to the IP address(es) associated with the virtual
router if it is the IP address owner
• Send an ADVERTISEMENT
• Reset the Adver_Timer to Advertisement_Interval
• Send an ADVERTISEMENT
• Reset the Adver_Timer to Advertisement_Interval
Else:
• If the Priority in the ADVERTISEMENT is greater than the local Priority, or if the
Priority in the ADVERTISEMENT is equal to the local Priority and the primary IP
Address of the sender is greater than the local primary IP Address, then:
• Cancel Adver_Timer
• Set Master_Down_Timer to Master_Down_Interval
• Transition to the Backup state
Else:
• Discard ADVERTISEMENT
VRRP advertisement
Advertisement packet construction
VRRP advertisements are built in an IP data frame. The next graphic illustrates the construction
of a VRRP advertisement. The following details the values required for the fields in the IP
header and the VRRP advertisement.
Datalink Header
• Virtual Router MAC Address - The virtual router interface MAC address is
00-00-5E-00-01-<VRID>.
IP header
• Source Address - The primary IP address of the interface the packet is being sent
from
• Destination Address - The IP multicast address as assigned by the Internet Assigned
Numbers Authority (IANA) for VRRP is: 224.0.0.18.
• TTL - The TTL MUST be set to 255.
• Protocol - The IP protocol number assigned by the IANA for VRRP is 112 (decimal).
VRRP advertisement
Additional fields
Priority
The priority field specifies the sending VRRP router's priority for the virtual router. Higher
values equal higher priority. The priority value for the VRRP router that owns the IP address(es)
associated with the virtual router MUST be 255 (decimal). VRRP routers backing up a virtual
router MUST use priority values between 1-255 (decimal). The default priority value for VRRP
routers backing up a virtual router is 100 (decimal).
The priority value zero (0) has special meaning, indicating that the current Master has stopped
participating in VRRP. This is used to trigger Backup routers to quickly transition to the Master
state without having to wait for the current Master to timeout.
Count IP Addrs
Authentication Type
The authentication type field identifies the authentication method being utilized. Authentication
type is unique on a per interface basis. The authentication methods currently defined are:
0 - No Authentication
1 - Simple Text Password
2 - IP Authentication Header
Checksum
The checksum field is used to detect data corruption in the VRRP message.
IP Address
This field displays one or more IP addresses that are associated with the virtual router. The
number of addresses included is specified in the "Count IP Addrs" field. These fields are used
for troubleshooting misconfigured routers.
Authentication Data
The authentication string is currently only used for simple text authentication, up to eight
characters of plain text.
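The checks a receiver or monitoring sensor can apply to one advertisement, using the header values and fields listed above, are shown in this added example (not part of the original guide or of Avaya's software). The Version, Type, VRID and Adver Int positions and the checksum rule come from RFC 2338; the `meta` dictionary, the finding codes and the sample packet are constructed for illustration.

```python
import ipaddress
import struct

VRRP_PROTO = 112            # IP protocol number assigned by IANA for VRRP
VRRP_GROUP = "224.0.0.18"   # IANA multicast destination for VRRP
AUTH_NAMES = {0: "No Authentication", 1: "Simple Text Password",
              2: "IP Authentication Header"}


def checksum16(data: bytes) -> int:
    """One's complement of the 16-bit one's complement sum of the message."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_advert(vrid, priority, addrs, auth_type=0, adver_int=1, auth_data=b""):
    """Build a VRRPv2 ADVERTISEMENT; used here only to construct sample input."""
    packed = b"".join(ipaddress.IPv4Address(a).packed for a in addrs)
    auth = auth_data[:8].ljust(8, b"\x00")
    head = struct.pack("!BBBBBBH", (2 << 4) | 1, vrid, priority,
                       len(addrs), auth_type, adver_int, 0)
    csum = checksum16(head + packed + auth)
    return head[:6] + struct.pack("!H", csum) + packed + auth


def parse_advert(msg: bytes) -> dict:
    """Split a VRRP message into the fields described in the text."""
    if len(msg) < 16:
        raise ValueError("VRRP message shorter than the fixed fields")
    vt, vrid, prio, count, auth_type, adver_int, csum = struct.unpack(
        "!BBBBBBH", msg[:8])
    end_addrs = 8 + 4 * count
    if len(msg) < end_addrs + 8:
        raise ValueError("Count IP Addrs exceeds the message length")
    addrs = [str(ipaddress.IPv4Address(msg[i:i + 4]))
             for i in range(8, end_addrs, 4)]
    return {"version": vt >> 4, "type": vt & 0x0F, "vrid": vrid,
            "priority": prio, "addrs": addrs, "auth_type": auth_type,
            "adver_int": adver_int, "checksum": csum,
            "auth_data": msg[end_addrs:end_addrs + 8]}


def validate(meta: dict, msg: bytes) -> list:
    """Return finding codes for one received advertisement (empty = clean)."""
    findings = []
    if meta["proto"] != VRRP_PROTO:
        findings.append("proto")
    if meta["dst"] != VRRP_GROUP:
        findings.append("dst")
    if meta["ttl"] != 255:
        findings.append("ttl")            # a TTL below 255 means it was routed
    try:
        adv = parse_advert(msg)
    except ValueError:
        return findings + ["malformed"]
    if (adv["version"], adv["type"]) != (2, 1):
        findings.append("version-type")
    expected_mac = f"00-00-5e-00-01-{adv['vrid']:02x}"
    if meta["src_mac"].lower().replace(":", "-") != expected_mac:
        findings.append("src-mac")
    if checksum16(msg) != 0:              # a valid message sums to zero
        findings.append("checksum")
    if adv["auth_type"] not in AUTH_NAMES:
        findings.append("auth-unknown")
    elif adv["auth_type"] == 0:
        findings.append("auth-none")      # nothing ties the sender to a secret
    elif adv["auth_type"] == 1:
        findings.append("auth-plaintext") # password readable by anyone on the LAN
    return findings


# Constructed sample input (not captured traffic).
GOOD_META = {"src_mac": "00-00-5E-00-01-01", "ttl": 255,
             "proto": 112, "dst": "224.0.0.18"}
GOOD_MSG = build_advert(1, 100, ["192.168.10.1"], auth_type=1,
                        auth_data=b"example")
# Same packet seen with a decremented TTL and one byte altered in transit.
BAD_META = dict(GOOD_META, ttl=64)
BAD_MSG = GOOD_MSG[:2] + bytes([GOOD_MSG[2] ^ 0x01]) + GOOD_MSG[3:]

if __name__ == "__main__":
    print(validate(GOOD_META, GOOD_MSG))
    print(validate(BAD_META, BAD_MSG))
```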
The Avaya Ethernet Routing Switch product line supports up to 255 VRRP interfaces per switch.
Preempt Mode
The current release of code forces the preempt mode to True, which causes any VRRP
interface to become the master if its priority is greater than that of the current master.
Critical IP Interface
VRRP support on the Ethernet Routing Switch includes a configuration parameter called Critical
IP Interface. In the diagram on the facing page, hosts using gateway 2 to get off the local subnet
would have to be re-directed through gateway 1 in the event that interface 3 went down. To
save the LAN segment from all this unnecessary traffic you can set interface 3 as a Critical IP
Interface. Then, if interface 3 goes down, the switch immediately transitions to the backup state
and enables gateway 1 to become the Master. When the interface becomes active again, the
switch resumes the Master status for its VRRP address.
As stated in the RFC, a VRRP interface MUST NOT accept packets addressed to the IP
address(es) associated with the virtual router if it is not the IP address owner (priority = 255).
This can cause management problems if the address used by the management station is the
VRRP interface IP address. For example, gateway 2 is down, but a user is using its real IP
address for the VRRP address. The user can ping 192.168.10.2, but any SNMP frames for that
address will be dropped by gateway 1, which is now the Master.
A solution to this problem might be to manage the Ethernet Routing Switch with the "real" IP
interface address and use the VRRP interfaces as the default gateway for the IP nodes. To do
this, you would create two VRRP IP interfaces, neither of which would be the "real" IP address
of the interface.
Critical IP Interface
Care must be taken when using VRRP because the MAC used by the
VRRP interface is different from the "real" MAC. If a node has the "real"
MAC in its ARP cache, the node may not relearn the new MAC of the
VRRP interface.
VRRP example 1
With the growing corporation come new problems. The setup shown in the figure below (minus
the second switch, 101) seems logical enough, and is adequate for many network designs.
The problems start to arise when there are mission-critical applications that must get through
at any cost. What if Building A houses mail order sales reps who need constant access to
databases? How about Building B, where Marketing needs 100% uptime to the Internet to
compare competitive products? If you look at this network diagram in that respect, Company A
should probably think about redundancy. If you add another ERS 8600 in the Network Center
building at the core's edge, it would seem to solve the problem.
However, it is not really a good solution. If you look at the routing table for each switch in
Buildings A, B, C, and D you see a next hop of either ERS 100 or 101. If one of these switches
should fail, then there would be a black hole period until the routes have aged out, thus allowing
the change in the next hop. If the company has mission-critical applications, they cannot wait -N
minutes for this to happen.
VRRP example 2
Now focus on Building A. If you use VRRP to the Network Center switches, you can have
redundant links to the core without the drawback of fail-over time. By setting up a VLAN to span
both switches, you can set a static route to the core via 192.100.1.10. Now, if switch X goes
down, switch Y becomes the Master in 3 seconds (the default), minimizing the black hole time.
VRRP Example 3
You can take this one step further by configuring VRRP on the other side to accomplish the
same thing for traffic coming back from the core. However, by changing the priorities to steer
the next hop to switch Y, you now have actually load-balanced traffic through the Network
Center. Inbound traffic to the campus will cross switch Y, while outbound traffic will cross switch
X. Now you get the best of both worlds. You have a traffic load balance along with redundant
fail-over paths. The last step of this solution would be to use isolated router ports in the Network
center switch, for the critical IP interface option.
The Run-time CLI provides VRRP configuration for router interfaces into port or IP policy-based
VLANs as well as isolated router ports. These commands can be accessed from the
config/ethernet/<port>/ip context or the config/vlan/<vid>/ip context.
You can also configure VRRP with the Java Device Manager (JDM).
Brouter Ports
Routed VLANs
When a VRRP interface is configured, the IP address assigned must be in the same
subnet as the "real" router interface. This implies that a single "real" interface can only
provide VRRP services for those routers on the same subnet.
Note
The VRRP Fast Hello Timers are an Avaya proprietary feature that provides:
You can view the VRRP configuration and operation using the JDM VRRP global configuration
window.
Review what you just learned by answering the questions in your student guide.
_____ End stations are statically configured with a single router address known as a
default gateway.
_____ Detailed administrative effort is used to set up and maintain on every end
station.
_____ VRRP maintains network connection from a LAN, unless the router
connecting it to the rest of the network fails.
_____ Users can achieve redundancy while still relying on a single static gateway
address on each host.
Answer: Users can achieve redundancy while still relying on a single static gateway address on each host.
The VRRP router controlling the IP addresses associated with a virtual router is called the:
_____ Master
_____ Backup
Answer: Master
_____ A VRRP router that has the virtual router's IP address as a real interface
address
_____ The VRRP router that is assuming the responsibility of forwarding packets and
answering ARP requests to that IP address
_____ An address selected from the same subnet as one of the interfaces
Answer: A VRRP router that has the virtual router's IP address as a real interface address
To use VRRP to provide router redundancy when routing to a non-VRRP interface, which
parameter would you use?
The set of routers available to assume forwarding responsibility for a virtual router, should the
current Virtual Router Master fail, is called the:
Lesson summary
• Describe the benefits and operation of VRRP, and where it can be used in the network
• Explain the Init, Backup, and Master states of a VRRP router
• Interpret a VRRP advertisement packet
• Describe how to configure VRRP on a VLAN