2200 Advanced Routing Protocols

2200 1303_06_2000_c2
2000, Cisco Systems, Inc.
Advanced Routing Technologies

Session 2200 By Itsik Malka
2200 1303_06_2000_c2
Agenda
Host Interaction Default Route and Filtering Distance Redistribution Policy Routing Routing to the internet
2200 1303_06_2000_c2
Host Interaction
2200 1303_06_2000_c2
How Hosts Transmit

Using default-gw:
Compare DA to interfaces and masks If local, get L2 data via arp and transmit Else get L2 data of default router via arp and transmit
Using tables:
Search table for longest match use next hop Local is a special case, next hop is DA If no match use default route for next hop Get L2 data of next hop via arp and transmit
5
Note: Simplified
2200 1303_06_2000_c2
IRDP on Routers
Announcements have a lifetime and preference Configured per interface; off by default Can advertise via all systems multicast (224.0.0.1) Preference level can be set
ip irdp [ multicast holdtime seconds (3X max) maxadvertinterval seconds (600) minadvertinterval seconds (3/4X max) preference number (0) address address [number]]
2200 1303_06_2000_c2
IRDP on Hosts
in.rdisc in Solaris (multicast only) gated in Linux, HP-UX and AIX
routerdiscovery client yes | no | on | off ;
WinSock2 in Windows
NT 4.0 KB Article Q223756
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\adaptername\Parameters\Tcpip\
DHCP option 31
2200 1303_06_2000_c2
HSRP Hot Standby Router Protocol
10.1.1.33
10.1.1.2 00:10:7B:04:88:CC 10.1.1.1 00:10:7B:04:88:AA
10.1.1.3 00:10:7B:04:88:BB
default-gw = 10.1.1.1
Transparent failover of default router Phantom router created One router is active, responds to phantom L2 and L3 addresses
Others monitor and take over phantom addresses
2200 1303_06_2000_c2
HSRP RFC 2281

HSR multicasts hellos every 3 sec with a default priority of 100 HSR will assume control if it has the highest priority and preempt configured after delay (default=0) seconds HSR will deduct 10 from its priority if the tracked interface goes down
2200 1303_06_2000_c2
Router Group #1 Primary
Standby Standby
Primary
Standby Router Group #2
HSRP
Hot Standby Router Protocol
Router1:
interface ethernet 0/0 bandwidth 128 ip address 169.223.10.1 255.255.255.0 standby 10 ip 169.223.10.254
Router 1 Router 2
Internet or ISP backbone
Router2:
interface ethernet 0/0 bandwidth 1500 ip address 169.223.10.2 255.255.255.0 standby 10 priority 150 preempt delay 10 standby 10 ip 169.223.10.254 standby 10 track serial 0 60
2200 1303_06_2000_c2
Server Systems
10
IP Broadcast Control
Subnet or directed broadcast->w.x.y.255 All net broadcast->255.255.255.255 IP directed broadcasts are dropped by default ip helper-address forwards ip forward-protocol packets ip directed-broadcast floods ip forward-protocol packets To be forwarded:
The packet must be a MAC-level broadcast. The packet must be an IP-level all or major network broadcast. The packet must be a TFTP, DNS, Time, NetBIOS, ND, or BOOTP packet, or a UDP protocol specified by the ip forward-protocol udp global configuration command. The time-to-live (TTL) value of the packet must be at least two.
2200 1303_06_2000_c2
11
IP Helper Address
Specified on the input interface Indicates direction toward broadcast destination Forwards ip forward-protocol broadcast packets, specifically:
TFTP, DNS, bootp, DHCP, TACACS, time, NetBIOS name and datagram servers
Router A: interface ethernet 0 ip helper-address 10.2.1.3
2200 1303_06_2000_c2
e0
A
TFTP server 10.2.1.3

12
IP Forward Protocol
Flooded UDP packets have destination address changed to ip broadcast-address ip forward-protocol spanning-tree
uses spanning tree database for flooding
ip forward-protocol turbo-flood
speed-up if using spanning tree flooding
Example:
ip forward-protocol spanning-tree bridge 1 protocol dec access-list 201 deny 0x0000 0xFFFF interface ethernet 0 bridge-group 1 bridge-group 1 input-type-list 201
2200 1303_06_2000_c2
13
UDP Broadcast Application
Feed network provides data TIC servers UDP broadcast data Feed network connected to routers for management
2200 1303_06_2000_c2
Feed Network
200.200.200.0
TIC Servers .61 A
e0
e0 B
164.53.7.0 .62
164.53.8.0
164.53.9.0
164.53.10.0
Trader Networks
14
Helper Addresses
IP helper added to router interfaces on TIC network Each router sees the other routers broadcasts Each station receives multiple copies of data
2200 1303_06_2000_c2
Feed Network
200.200.200.0
TIC Servers .61 A B
164.53.7.0 .62
164.53.8.0
164.53.9.0
164.53.10.0
Trader Networks
15
UDP Forward Protocol

Configure spanning tree Filter non-routed protocols STP path costs set
A = 100 default B = 50
164.53.8.0 164.53.9.0 164.53.10.0
Feed Network
200.200.200.0
TIC Servers .61 A B
164.53.7.0 .62
Router A default router

IRDP preference
2200 1303_06_2000_c2
Trader Networks
16
Router A Configuration
ip forward-protocol spanning-tree ip forward-protocol udp 111 ! interface ethernet 0 ip address 200.200.200.61 255.255.255.0 ip broadcast-address 200.200.200.255 ! interface ethernet 1 ip address 164.53.7.61 255.255.255.192 ip broadcast-address 164.53.7.63 ip irdp preference 100 bridge-group 1 bridge-group 1 input-type-list 201 ! bridge 1 protocol dec bridge 1 priority 255 access-list 201 deny 0xFFFF 0x0000
2200 1303_06_2000_c2
17
Router B Configuration
ip forward-protocol spanning-tree ip forward-protocol udp 111 ! interface ethernet 0 ip address 200.200.200.62 255.255.255.0 ip broadcast-address 200.200.200.255 ! interface ethernet 1 ip address 164.53.7.62 255.255.255.192 ip broadcast-address 164.53.7.63 ip irdp preference 90 bridge-group 1 bridge-group 1 path-cost 50 bridge-group 1 input-type-list 201 ! bridge 1 protocol dec bridge 1 priority 255 access-list 201 deny 0xFFFF 0x0000
2200 1303_06_2000_c2
18
Default Routes
2200 1303_06_2000_c2
19
Default Routes
Route used if no match is found in forwarding table Can be carried by routing protocols Two models
Special network number: 0.0.0.0 Flagged in routing protocol
CITY
WORLD
Protocols support multiple models

2200 1303_06_2000_c2
20
Creating a Default Route

default-gateway is for host mode RIP, RIPv2: network 0.0.0.0 IGRP, EIGRP: ip default-network OSPF, ISIS, BGP: default originate
2200 1303_06_2000_c2
21
ISIS Example
Service Provider Running BGP
ISIS 19.0.0.0
L1
19.1.1.1 19.1.1.2
L1L2
ISIS S1 19.0.0.0
ip route 0.0.0.0 0.0.0.0 s1 router isis network 19.0.0.0 default-information originate

L1 default is nearest L1L2 router Both L1 and L2 ISs can generate a default route A L1 IS will always prefer a L1 default route before using the closest L2 capable IS
2200 1303_06_2000_c2
22
BGP Example
Service Provider Running BGP IGP 19.0.0.0
iBGP 19.1.1.1 19.1.1.2
eBGP
router bgp 164 default-information originate
Allows redistribution of 0.0.0.0 Same as adding network 0.0.0.0

2200 1303_06_2000_c2
23
Conditional Default
ip prefix-list cond permit 10.1.1.0/24 ! route-map def-cond permit 10 match ip address prefix-list cond ! router rip default-information originate route-map def-cond
Inserts a default route if the condition in the route map is met In this case, if network (prefix) 10.1.1.0/24 is present, advertise a default
2200 1303_06_2000_c2
24
Filtering Route Data
2200 1303_06_2000_c2
25
Passive Interface
Prevents routing updates from being transmitted out an interface Don waste resources generating updates on t interfaces that have no need for them (loopback) Can also use passive-interface default
s0
router xxx passive interface serial 0 neighbor w.x.y.z

2200 1303_06_2000_c2
26
Route Filtering
Selectively announce routes, per neighbor
Hide part of the topology/connectivity
Network X
Selectively accept routes, per neighbor

Refuse erroneous make-believe announcements Protect against redistribution loops
Route filter with distribute-list command Can filter anywhere in distance-vector protocols:
RIP, IGRP, EIGRP, RIPv2 and BGP
Advertise B and Y
Network A
Can filter at redistribution points between any protocols:

RIP, EIGRP, OSPF, IGRP, IS-IS, BGP, Static, etc.
Advertise B and X
Network B
Use route-maps at redistribution points

Based on extended access-lists for route prefixes Based on tags of route origin or history Based on AS filters in BGP
2200 1303_06_2000_c2
Network Y
27
Filtering Incoming Updates

Control input of routing data
10.0.0.0 172.16.1.0 10.0.0.0 129.1.1.0
s0 Partner Network
distribute list 1 in serial 0 access-list 1 permit 129.1.0.0 access-list 1 deny 0.0.0.0 255.255.255.255
2200 1303_06_2000_c2
28
Filtering Outgoing Updates

Useful to propagate default route
s0
router eigrp 111 network 128.1.0.0 distribute list 1 out serial 0 access-list 1 permit 128.1.0.0 0.0.0.0 ip default network 128.1.0.0
2200 1303_06_2000_c2
29
Precedence of Filters
Filter routing updates in or out bound Interface specific or global Evaluation order: interface, global Example:
access-list 1 deny 1.0.0.0 0.255.255.255 access-list 2 permit 1.2.3.0 0.0.0.255 router rip distribute-list 1 in ethernet 0 distribute-list 2 in
List 2 is overridden on interface ethernet 0

2200 1303_06_2000_c2
30
ACL Oversights
Access control lists can filter routing updates
RIP RIPv2 IGRP EIGRP OSPF ISIS BGP
2200 1303_06_2000_c2
UDP Port 520 UDP Port 520 IP Protocol Field 9 IP Protocol Field 88 IP Protocol Field 89 SAP 0xFEFE; Protocol 83 TCP Port 179
255.255.255.255 224.0.0.9 (Default) 255.255.255.255 255.255.255.255 224.0.0.10 224.0.0.5 (AllOSPFRouters) 224.0.0.6 (DRRouters) 01:80:C2:00:00:15 Neighbor Address
31
Secure Routing Route Authentication

Configure: Key and Hash Function
Campus
Signs Route Updates
Signature Route Updates
Verifies Signature
Certifies authenticity of neighbor and integrity of route updates

2200 1303_06_2000_c2
32
Signature Generation
Routing Update
Router A
Hash Function
Hash
Signature
Routing Update
Signature
Signature = Encrypted Hash of Routing Update

2200 1303_06_2000_c2
33
Signature Verification
Router B
Signature Routing Update
Receiving Router Separates Routing Update and Signature
Routing Update Signature Decrypt Using Preconfigured Key Hash If Hashes Are Equal, Signature Is Authentic
2200 1303_06_2000_c2
Re-Hash the Routing Update

Hash Function
Hash
34
Authentication in RIPv2
key chain kal key 1 A key-string 234 ! interface Serial2 ip rip authentication mode md5 ip rip authentication key-chain kal ! key chain ka2 router rip key 1 version 2 B key-string 234 ! interface Serial1/0 ip rip authentication mode md5 ip rip authentication key-chain ka2 ! router rip version 2
2200 1303_06_2000_c2
35
Authentication
RIP uses text and MD5
also validate-update-source
(E)IGRP uses MD5 OSPF has text and MD5 per area and intf ISIS has text per area and domain
MD5 authentication is on the way
BGP uses MD5 per neighbor

2200 1303_06_2000_c2
36
Distance
2200 1303_06_2000_c2
37
Default Administrative Distances

Route Source Connected Interface Static Route Enhanced IGRP Summary Route External BGP Internal Enhanced IGRP IGRP OSPF IS-IS RIP EGP External Enhanced IGRP Internal BGP Unknown, Discard Route
2200 1303_06_2000_c2
Default Distance 0 1 5 20 90 100 110 115 120 140 170 200 255
38
Modifying Default Distance
distance weight [address mask [access-list-number] address and mask specify the source access list applies to content ip route dest next-hop distance Remember the floating static route?
2200 1303_06_2000_c2
39
Using Distance
192.31.7.0
.2
.1
.2
128.88.1.0
.1
.3
router rip network 192.31.7.0 network 128.88.0.0 distance 255 distance 90 128.88.1.3 0.0.0.0 distance 120 192.31.7.0 0.0.0.255
2200 1303_06_2000_c2
40
Redistribution
Hops = Bandwidth = Compound = AS-PATH ?
2200 1303_06_2000_c2
41
Redistributing Routes
Under a router xxx command, redistribute:
a source protocol: bgp | igrp | isis | ospf | static | connected | rip a value for the destination protocol: metric a route map for filtering: route-map scope of redistribution: subnets as well as some protocol specific parameters
RIP
OSPF
2200 1303_06_2000_c2
42
Default Metrics
The first, or seed, metric for a route is derived from being directly connected to a router interface
Re-distributed routes are not physically connected default-metric establishes the seed metric for the route Once a compatible metric is established, the metric can increment just like any other route Set default metric bigger than the biggest native metric
2200 1303_06_2000_c2
43
Configuring Default Metrics
default-metric bandwidth delay reliability loading mtu Used for IGRP and Enhanced IGRP redistribution default-metric number Used for OSPF, RIP, ISIS, and BGP redistribution
2200 1303_06_2000_c2
44
Offset Lists
Increases incoming and outgoing metric (hops or delay) Add 10 to the delay component of routes matching access list 21 when outbound
router igrp offset-list 21 out 10 access-list 21 ..
Add 5 to routes learned from interface Ethernet 0

router rip offset-list in 5 ethernet 0
2200 1303_06_2000_c2
45
Filtering Redistribution with Access Lists

Filter routing updates in or out bound Interface specific or global or redistribution Evaluation order: interface, redistribution, global Example
access-list 1 deny 10.0.0.0 0.255.255.255 access-list 2 permit 10.2.3.0 0.0.0.255 router rip default-metric 1 redistribute igrp 20 distribute-list 1 out igrp 20 distribute-list 2 out
2200 1303_06_2000_c2
46
Route Maps for Filtering Example
Redistribute RIP routes with a hop count equal to 1 into OSPF These routes will be redistributed into OSPF as external LSAs with
a metric of 5, metric type of Type1 a tag equal to 1.
router ospf 109 redistribute rip route-map rip-to-ospf ! route-map rip-to-ospf permit match metric 1 set metric 5 set metric-type type1 set tag 1
2200 1303_06_2000_c2
47
Feedback Loops
When crossing a redistribution boundary, information is lost A physical or logical loop causes a route to be advertised back to the redistributing router that first advertised it How does the router know which route to accept?
Answer: it can know t Humans have to re-insert the lost information
2200 1303_06_2000_c2
48
Implementation Considerations
RIP RIP 172.16.0.0 RIP
172.16 172.16
EIGRP
172.16
AS 300 EIGRP
ASBR ASBR
EIGRP
172.16
Routing feedback
Suboptimal path selection Routing loops
Incompatible routing information Inconsistent convergence time

2200 1303_06_2000_c2
49
Filter to Avoid Redistribution Feedback

IGRP Process RIP Process
172.16.2.0
172.16.1.0
Filter 172.16.1.0 Allow 172.16.2.0
Filter 172.16.2.0 Allow 172.16.1.0
Impose split horizon when redistributing

2200 1303_06_2000_c2
50
Policy Routing
When Destinations Aren t Enough
2200 1303_06_2000_c2
51
Policy Routing
Forwarding decision not based on destination address Selects defined path based on attributes of user packet (source/destination IP address, application port, packet lengths, and so forth) Set next hop or interface Set default next hop or interface
Customer A ISP A
Customer B
2200 1303_06_2000_c2
ISP B
52
How Policy Routing Works

All packets received on an interface are considered for policy routing Each packet is passed through a route map Each entry in a route map has match and set clauses Match clauses are conditions to be met If all match clauses conditions are met by the packet, then that route map entry is used and no others are considered An entry can be marked permit or deny If deny, normal forwarding is used If is permit, all set clauses are then applied and the packet is forwarded
2200 1303_06_2000_c2
53
Policy Routing Match Clauses
Match packets against the access lists to permit policy routing of them
match ip address access-list-expressions
If the Layer3 packet length is between min-length and max-length, inclusive, the packet matches Useful for distinguishing interactive versus bulk traffic when access lists will not work
match length min-length max-length
2200 1303_06_2000_c2
54
Policy Routing Set Clauses

set ip next-hop ip-address1 []
Route packets to router at ip-address1

set ip default next-hop ip-address1 []
If there is no explicit route for this destination, then route to this hop Both use the first IP address associated with an up/up interface
2200 1303_06_2000_c2
55

set interface interface1 []
Specifies the output interface for the matched packet

set default interface interface1 []
If there is no explicit route for this destination, then route to this interface If interface1 is down interface2 and subsequent interfaces are tried Setting interface to Null0 creates a policy that drops the packet
2200 1303_06_2000_c2
56

value 0 1 2 3 4 5 6 7 name routine priority immediate flash flash-override critical internet network
value 0 1 2 4 8
name normal min-monetary-cost max-reliability max-throughput min-delay
set ip precedence value
set ip tos value
Set the IP TOS or precedence header field Can use numeric or symbolic value
2200 1303_06_2000_c2
57
Policy Routing Configuration

The set commands are evaluated in the following order:
set ip precedence set ip next-hop set interface set ip default next-hop set default interface
A valid next hop implies the output interface The first combination of next hop and interface is used Router sourced packets are policy routed via ip local route-map foo command
2200 1303_06_2000_c2
58
Policy Routing Example

interface Ethernet0 ip address 192.168.93.10 255.255.255.0 ip policy route-map foo interface Serial1 ip address 11.0.0.2 255.0.0.0 interface BRI0 ip address 10.0.0.2 255.0.0.0
s1 bri0
telnet and ping ftp
route-map foo permit 12 192.168.93.0 set default interface Null0 route-map foo permit 11 match ip address 103 set ip next-hop 10.0.0.1 route-map foo permit 10 match ip address 101 set ip next-hop 11.0.0.1 access-list 101 permit tcp 192.168.93.0 0.0.0.255 any eq telnet access-list 101 permit icmp any any access-list 103 permit tcp 192.168.93.0 0.0.0.255 any eq ftp
2200 1303_06_2000_c2
59
NetFlow Policy Routing (NPR)

Powerful traffic engineering ISP and/or application selection Distributed performance and flow acceleration IP precedencebased QoS
2200 1303_06_2000_c2
Premium ISP
E.g. ERP Application NPR NPR
Standard ISP
E.g.
E-mail
Enterprise Backbone
60
NetFlow Policy Based Routing

No flow acceleration if any match packet-size clause is used
Packet size is not part of a flow definition
If the router is policy routing packets to a next hop and it is down, the router will try unsuccessfully to use ARP (which is down). This behavior will continue forever To prevent this, configure the router to first verify that the next hop(s) of the route map is a CDP neighbor(s) before routing to that next hop set ip next-hop verify-availability is not supported in dCEF since it doesn support CDP t
2200 1303_06_2000_c2
61
NPR Example
Configure CEF, NetFlow, and NetFlow with flow acceleration Configure policy routing to verify that next hop 50.0.0.8 of route map test is a CDP neighbor before the router tries to policy route to it If the first packet is policy routed via route map 10, the packets of the same flow always take the same route map (10), not route map 20, because they all match or pass access list 1 check Policy Routing can be flowaccelerated by bypassing the access-list check
2200 1303_06_2000_c2
ip cef ip flow-cache feature-accelerate interface ethernet0/0/1 ip route-cache flow ip policy route-map test route-map test permit 10 match ip address 1 set ip precedence priority set ip next-hop 50.0.0.8 set ip next-hop verify-availability route-map test permit 20 match ip address 101 set interface Ethernet0/0/3 set ip tos max-throughput
62
Routing to the Internet

To Infinity and Beyond!
2200 1303_06_2000_c2
63
The Internet Challenge
On the Internet, nobody knows you a dog. re

2200 1303_06_2000_c2
64
Ingress and Egress Route Filtering

There are routes that should not be routed on the Internet
RFC 1918 127.0.0.0/8 Multicast blocks Martian Networks
BGP should have filters applied so that these routes are not advertised to or propagated through the Internet
2200 1303_06_2000_c2
65
Ingress and Egress Route Filtering

Access List
access-list 180 deny ip host deny ip 10.0.0.0 deny ip 127.0.0.0 deny ip 169.254.0.0 deny ip 172.16.0.0 deny ip 192.0.2.0.0 deny ip 192.168.0.0 deny ip 224.0.0.0 permit ip 0.0.0.0 0.255.255.255 0.255.255.255 0.0.255.255 0.15.255.255 0.0.0.255 0.0.255.255 31.255.255.255 any any 255.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255 255.255.0.0 0.0.255.255 255.240.0.0 0.15.255.255 255.255.255.0 0.0.0.255 255.255.0.0 0.0.255.255 224.0.0.0 31.255.255.255 any
2200 1303_06_2000_c2
66
Multiple Sessions to an ISP

Simplest scheme is to use defaults Learn/advertise prefix for better control Use eBGP multi-path to install multiple paths in IP table
maximum-path <number>
D
ISP
F
Load share over the alternate paths

2200 1303_06_2000_c2
AS 201
67
What Is Multihoming?
Connecting to two or more ISPs to increase:

Reliability: one ISP fails, still OK Performance: better paths to common Internet destinations
Customer AS 100
160.10.0.0/16
Three common cases:

Default from all providers
AS 200
D
AS 300
E
Customer+default routes from all

A B
Full routes from all
AS 400
C
2200 1303_06_2000_c2
68
Sessions to Multiple ISPs

ISP 1
Difficult to achieve load sharing Point default towards one ISP Learn selected prefixes from second ISP Modify the number of prefixes learned to achieve acceptable load sharing
2200 1303_06_2000_c2
ISP 2
AS 201
69
Default from All Providers

Low memory/CPU/$$$ solution Provider sends BGP default => exit path decided by IGP metrics to reach default Customer sends all local AS routes to provider => inbound path AS 100 160.10.0.0/16 decided by Internet
You can try to influence using AS-path
2200 1303_06_2000_c2
AS 200
D
AS 300
E
0.0.0.0
A B
0.0.0.0
AS 400
C
70
Customer and Default From All Providers

Medium memory and CPU Best path usually shortest AS-path Use local-preference to override based on prefix, as-path, or community IGP metric to default used for all other destinations
Customer AS 100
160.10.0.0/16
Provider AS 200
D E
Provider AS 300
AS 400
2200 1303_06_2000_c2
C
71
Full Routes from All Providers

Higher memory/CPU/$$$ solution Reach all destinations by best path Usually shortest AS path Can still manually tune using local-pref and as-path/community/prefix matches
AS 100 AS 500
AS 200
D A B
AS 300
E
AS 400
2200 1303_06_2000_c2
C
72
Conclusion
Be Careful Out There
2200 1303_06_2000_c2
73
Summary Part 1
Under normal operation, there should be exactly one interior routing protocol on any network segment
Use passive-interface as necessary to ensure this
The number of redistribution boundaries should be kept to a minimum Run as few routing protocols as possible
2200 1303_06_2000_c2
74
Summary Part 2
Choose routing protocol based on matching requirements with features Addressing should be contiguous with respect to topology Redistribute routes only as necessary and as few as required Use advanced features for special cases and for fine tuning Test and understand before you implement
2200 1303_06_2000_c2
75
Recommended Reading
IP Routing Protocols : RIP, OSPF, BGP, and Cisco Routing Protocols by Uyless Black, ISBN: 0130142484 EIGRP for IP : Basic Operation and Configuration by Alvaro Retana, Russ White, Don Slice, ISBN: 0201657732 EIGRP Network Design Solutions, by Ivan Pepelnjak, ISBN: 1578701651 OSPF : Anatomy of An Internet Routing Protocol by John T. Moy, ISBN: 0201634724 OSPF Network Design Solutions by Thomas M. Thomas, ISBN: 1578700469 Large-Scale IP Network Solutions : CCIE Professional Development by Khalid Raza, Mark Turner, Salmad Asad, ISBN: 1578700841 Internet Routing Architectures, by Bassam Halabi, Danny McPherson, ISBN: 157870233x Routing in the Internet by Christian Huitema, ISBN: 0130226475 and of course:
http://www.cisco.com
2200 1303_06_2000_c2
76
Advanced Routing Technologies

By Itsik Malka imalka@cisco.com
2200 1303_06_2000_c2
77
Please Complete Your Evaluation Form

Session 2200
2200 1303_06_2000_c2
78
2200 1303_06_2000_c2
79
2200 1303_06_2000_c2
80

2200 Advanced Routing Protocols

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

2200 Advanced Routing Protocols

Uploaded by

Copyright:

Available Formats

2200 1303_06_2000_c2

2000, Cisco Systems, Inc.

Advanced Routing Technologies

2000, Cisco Systems, Inc.

2000, Cisco Systems, Inc.

How Hosts Transmit

HSRP Hot Standby Router Protocol

10.1.1.2 00:10:7B:04:88:CC 10.1.1.1 00:10:7B:04:88:AA

HSRP RFC 2281

Router Group #1 Primary

Standby Router Group #2

Internet or ISP backbone

TFTP server 10.2.1.3

UDP Broadcast Application

TIC Servers .61 A

TIC Servers .61 A B

UDP Forward Protocol

TIC Servers .61 A B

Router A default router

2000, Cisco Systems, Inc.

Protocols support multiple models

Creating a Default Route

2000, Cisco Systems, Inc.

ip route 0.0.0.0 0.0.0.0 s1 router isis network 19.0.0.0 default-information originate

router bgp 164 default-information originate

Allows redistribution of 0.0.0.0 Same as adding network 0.0.0.0

Filtering Route Data

2000, Cisco Systems, Inc.

router xxx passive interface serial 0 neighbor w.x.y.z

Selectively accept routes, per neighbor

Can filter at redistribution points between any protocols:

Use route-maps at redistribution points

Filtering Incoming Updates

Filtering Outgoing Updates

List 2 is overridden on interface ethernet 0

2000, Cisco Systems, Inc.

Secure Routing Route Authentication

Certifies authenticity of neighbor and integrity of route updates

Signature = Encrypted Hash of Routing Update

Receiving Router Separates Routing Update and Signature

Re-Hash the Routing Update

BGP uses MD5 per neighbor

2000, Cisco Systems, Inc.

Default Administrative Distances

Modifying Default Distance

2000, Cisco Systems, Inc.

2000, Cisco Systems, Inc.

Configuring Default Metrics

Add 5 to routes learned from interface Ethernet 0

Filtering Redistribution with Access Lists

Route Maps for Filtering Example

2000, Cisco Systems, Inc.

Incompatible routing information Inconsistent convergence time

Filter to Avoid Redistribution Feedback

Filter 172.16.1.0 Allow 172.16.2.0

Filter 172.16.2.0 Allow 172.16.1.0

Impose split horizon when redistributing

How Policy Routing Works

Policy Routing Match Clauses

2000, Cisco Systems, Inc.

Policy Routing Set Clauses

Route packets to router at ip-address1