Jaycee's Study Notes

May 16, 2009

IP Routing Overview 2/2

Filed under: IOS, Static Route — Tags: — Jaycee @ 1:07 am

A. Routing Protocols:

1. EGPs are much more complicated than IGPs because they handle more routing information while performing better route summarization.

2. Distance-Vector and Link-State Routing Protocols:

a. Distance-Vector Protocols:

(1) They provide two pieces of information for every route: a distance (metric) and a vector (next-hop).
(2) A lower metric value means a better route.

b. Link-State Routing Protocols:

(1) They build network topology on each router and broadcast only changes to the entire network.
(2) Link-State information saves network bandwidth by reducing the amount of routing traffic needed for routing updates.

3. Administrative Distance:

a. Each route is assigned an administrative distance, based on how the route was learned.

b. Think of the route’s metric as the preference of a route, while the administrative distance is the preference of how the route was discovered.

c. A route to a network attached to a directly connected interface is the most preferred route.

B. Split Horizon:

1. Stop routing loops by telling the router NOT to advertise routes out the same interface on which the route was originally learned.

=> If a router learns about a route on a particular interface, it doesn’t broadcast that route information out that interface.

2. Split horizon can’t prevent routing loops involving 3 or more routers, but it’s effective at preventing loops between 2 routers.

3. Split horizon is enabled by default on most interfaces.

4. You should disable split horizon on a multipoint subinterface.

5. To disable split horizon on a multipoint subinterface:

no ip split-horizon

6. Routing protocols can often work out routing loops on their own; however, split horizon solves the problem more efficiently because it prevents the loops from developing in the first place.

C. Static Routing:

1. Use interface:

ip route 10.35.15.5 255.255.255.255 Ethernet0

It sends packets destined to the single host 10.35.15.5 out through the Ethernet0 interface. The router will need to figure out which device on this segment to forward the packet to because it must put the MAC address of the next-hop router in the Layer 2 frame header.

The standard mechanism for associating IP addresses with MAC addresses is ARP (Address Resolution Protocol). The router will send out an ARP request broadcast on the Ethernet segment.

If the device that owns the packet’s destination IP happens to be on this segment, it’ll respond with its MAC address. Otherwise, a router configured for proxy ARP will have to respond on its behalf. If you don’t have proxy ARP configured on the next-hop router, this command will fail.

For multiple access media such as Ethernet segments, it’s better to specify the IP address of the next-hop router rather than the interface.

2. “permanent” keyword

ip route 172.16.0.0 255.255.0.0 10.35.6.1 permanent

It ensures the static route always remains in the routing table, even if the next-hop interface is down.

There is a danger that the dynamic routing protocol will install a route that you don’t want to use, so it may be preferable to drop the packets rather than to use the dynamic route.

3. Routing tags:

ip route 172.16.0.0 255.255.0.0 10.35.6.1 tag 36291

Routing tags are used when redistributing from one routing protocol to another.

4. Administrative Distance value:

ip route 172.16.0.0 255.255.0.0 10.35.6.1 5

The router will use this distance value to decide between routes to the same destination prefix from different sources.

5. Floating Static Routes:

ip route 10.0.0.0 255.0.0.0 172.16.1.1 190

The router will use a floating static route for a particular network prefix ONLY IF that same route is not available from the dynamic routing protocol. This is accomplished by setting the AD (administrative distance) of the static route to a value greater than the AD of the dynamic routing protocol.

*Remember: the router will always use the route that has the most precise match (longest netmask).

For example, if the router has learned a route for 10.35.15.0/24 from OSPF, and also has a static route for 10.35.15.0/17 with AD=190, it’ll use the static route even though it has a higher AD.

*The AD is only used to decide between competing routes of the same mask length.

Floating static routes are often used to trigger automated backup mechanisms when the routing protocol fails.

6. Using Policy-based Routing to route based on Source address:

access-list 1 permit 10.15.35.0 0.0.0.255
access-list 2 permit 10.15.36.0 0.0.0.255
interface Ethernet0
 ip address 10.15.22.7 255.255.255.0
 ip policy route-map Engineers
 ip route-cache policy
route-map Engineers permit 10
 match ip address 1
 set ip next-hop 10.15.27.1
 set ip next-hop verify-availability
route-map Engineers permit 20
 match ip address 2
 set default next-hop 10.15.47.1
 (set default interface Null0)

Policy-based routing allows you to configure special routing rules beyond the normal IP routing table.

*Every route map ends with an implicit deny all.

“next-hop verify-availability” uses CDP. You have to ensure that CDP is enabled on the interface leading to this next-hop device. (That device must be another Cisco router running CDP.) This verification process can cause performance problems. Furthermore, CDP uses a long timeout period by default (180 seconds), so it’s slow to respond to failures.

“default next-hop” forces the router to discard the packets rather than using the router’s general default gateway.

“ip route-cache policy” tells the router to use fast switching rather than process switching when processing policy commands.

Because policy-based routing overrides the normal routing tables within the router, it can result in some confusing troubleshooting problems, such as when you try to ping from the router. ICMP packets originating on the router are not subject to the routing policy, so you may find that you can ping but that an application doesn’t work for certain users.

*Recommendation: AVOID policy-based routing.

May 13, 2009

IP Routing Overview 1/2

Filed under: IOS — Tags: — Jaycee @ 12:31 am

IP routing works by comparing the destination addresses of IP packets to a list of possible destinations called the routing table. The destination address in a packet usually identifies a single host, which is called unicast routing.

1. A router needs information about how to reach various parts of the network. It can get this information through static routing or by exchanging routing information with other routers, which uses routing protocols.

2. An autonomous system is a collection of routers that is under the control of one organization.

a. OSPF uses a unique number called a process ID to identify the routing process on the router.

b. RIP doesn’t use AS numbers because it shares routes with any neighboring RIP router that will listen.

A. Subnet:

A subnet is a summary address representing a group of adjacent hosts. There are two different sets of rules for how groups of subnets can be summarized together: classful and classless. (Classless is often referred to as CIDR, Classless Inter-Domain Routing.)

You can turn on CIDR in Cisco routers with the global configuration command “ip classless“, which is on by default.

The biggest difference between classful and classless addressing: Classful addressing assumes that the first few bits of the address tell you how big the network is.

Class  Range of network addresses   Range in Binary      Mask            CIDR suffix  Mask bits
A      0.0.0.0-127.255.255.255      00000000-01111111    255.0.0.0       /8           8
B      128.0.0.0-191.255.255.255    10000000-10111111    255.255.0.0     /16          16
C      192.0.0.0-223.255.255.255    11000000-11011111    255.255.255.0   /24          24
D      224.0.0.0-239.255.255.255    11100000-11101111    not defined     /4           32
E      240.0.0.0-255.255.255.255    11110000-11111111    not defined     /4           32

Special Range

A router decides where to send a packet by comparing the destination address in the header of the IP packet with its routing table. This is the Longest Match Rule: the router MUST always use the most specific match in the table, which is the entry that has the most bits in its netmask.

Classless routing can use a mask of any length when looking for the best route to a destination, but classful routing cannot. For example, CIDR would allow the 4 networks 192.168.4.0/24, 192.168.5.0/24, 192.168.6.0/24 and 192.168.7.0/24 to be written as 192.168.4.0/22. But a router using classful routing would not consider the destination address 192.168.5.15 to be a part of 192.168.4.0/22 because it knows that anything beginning with 192 must be a Class C network. If there was no specific route for 192.168.5.0/24 or a subnet containing this destination, the router would skip straight to the default route.
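The Longest Match Rule above, together with the administrative-distance tie-break described under Floating Static Routes in “IP Routing Overview 2/2”, as an added Python example (not part of the original notes). The table is constructed: the 10.0.0.0/8 static with AD 190 is the page’s floating static route, the OSPF entries use OSPF’s default AD of 110, and the /25 static, the default route and the next hops are assumptions.

```python
import ipaddress
from typing import NamedTuple, Optional

class Route(NamedTuple):
    prefix: ipaddress.IPv4Network
    source: str      # how the route was learned
    ad: int          # administrative distance of that source
    next_hop: str

def route(prefix, source, ad, next_hop):
    return Route(ipaddress.ip_network(prefix), source, ad, next_hop)

def lookup(table, dest) -> Optional[Route]:
    """Longest match wins; AD only decides between prefixes of equal length."""
    addr = ipaddress.ip_address(dest)
    candidates = [r for r in table if addr in r.prefix]
    if not candidates:
        return None
    return max(candidates, key=lambda r: (r.prefix.prefixlen, -r.ad))

def without(table, source, prefix):
    """Simulate a routing protocol losing one prefix."""
    net = ipaddress.ip_network(prefix)
    return [r for r in table if not (r.source == source and r.prefix == net)]

# Constructed sample table (see the lead-in for what comes from the page).
TABLE = [
    route("0.0.0.0/0",     "static", 1,   "10.35.6.1"),
    route("10.0.0.0/8",    "ospf",   110, "10.35.6.2"),
    route("10.0.0.0/8",    "static", 190, "172.16.1.1"),  # floating static
    route("10.35.15.0/24", "ospf",   110, "10.35.6.2"),
    route("10.35.15.0/25", "static", 190, "172.16.1.1"),  # more specific
]

if __name__ == "__main__":
    for dest in ("10.35.15.5", "10.35.15.200", "10.1.1.1", "192.168.5.15"):
        r = lookup(TABLE, dest)
        print(f"{dest:15} -> {r.prefix} via {r.next_hop} ({r.source}, AD {r.ad})")
    # OSPF loses 10.0.0.0/8: the floating static takes over.
    print(lookup(without(TABLE, "ospf", "10.0.0.0/8"), "10.1.1.1"))
```

The /25 static is chosen for 10.35.15.5 despite AD 190 because it is the longer match, while the 10.0.0.0/8 floating static is used only once the OSPF route of the same length disappears.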

B. Summary Routes:

Because CIDR allows more levels of route summarization, you can simplify your routing tables so they take up less memory in the routers. This can improve network performance.

A router will keep its summary route as long as any of its subnets exist. This means the summary route is as stable as the most stable route in the summarized range. Without summarization, if there is one route that repeatedly flaps up and down, the routing protocol must propagate every transition throughout the network.

A summary route can hide this instability from the rest of the network. The routing protocol doesn’t need to waste resources installing and removing the flapping route, which improves overall network stability.

C. “show ip route summary” command:

The “show ip route summary” command gives useful information about the size of the routing table and how much memory the router has allocated to storing this information, broken down by routing protocol.

sh ip route sum

1. A convenient way to estimate the routing table’s memory requirements. This can help you decide if you need route filtering or summarization mechanisms. Routers exchanging BGP routing information with the public Internet can have particularly serious memory utilization problems.

2. It shows how many routes are learned by each mechanism. You can easily check the stability of the routing table by seeing whether this number changes over time.

3. Easily see whether the routing table is getting the expected information. It’s a very quick and easy way to check if the router is installing floating static routes or external routes in its routing table.

April 23, 2009

Troubleshooting with ARP

Filed under: Troubleshoot — Tags: — Jaycee @ 4:42 pm

Problem:

All the hosts in the 192.168.10.0/24 subnet of the LAN are facing connectivity issues. The regular applications like web and e-mail are either not working or are extremely slow.

Troubleshooting:

1. Ping the default gateway to verify the connectivity.

2. Ping replies from gateway (192.168.10.254) are successful.

3. Ping to any address beyond the (192.168.10.254) interface (Ethernet 0) fails.

4. do “sh int e0“:

Ethernet0 is up, line protocol is up
Hardware is QUICC Ethernet, address is 0010.7bcc.57eb
Internet address is 192.168.10.254/24

5. do “arp -a” to check the local arp table:

C:\> arp -a
Internet Address   Physical Address     Type
192.168.10.254      00-d0-c8-af-e2-5e dynamic

* The incorrect mapping misdirects all the Internet traffic to the host with the wrong MAC.
=> Possible causes of the incorrect entry:

a. IP of the default gateway is used by another host in the local subnet.
b. A local host is running a malicious program to poison the arp table of all the hosts in the subnet.

6. Clear the arp table and manually map the IP:

C:\> arp -d 192.168.10.254
C:\> arp -s 192.168.10.254 00-10-7b-cc-57-eb

7. Verify the arp table:

C:\> arp -a
Internet Address   Physical Address     Type
192.168.10.254      00-10-7b-cc-57-eb  static
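The comparison done by hand in steps 4 to 7, as an added Python example (not part of the original notes): it normalizes the Cisco and Windows MAC formats, checks the gateway’s ARP entry against the router’s interface MAC, and flags any MAC that answers for more than one IP. The second row in BEFORE (192.168.10.37) is constructed for illustration; the other values are the page’s.

```python
import re
from collections import defaultdict

ROW = re.compile(r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+"
                 r"([0-9A-Fa-f]{2}(?:-[0-9A-Fa-f]{2}){5})\s+(\w+)", re.M)

def norm_mac(mac):
    """Reduce Cisco (0010.7bcc.57eb) and Windows (00-10-7b-cc-57-eb) forms to 12 hex digits."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def parse_arp_a(output):
    """Map IP -> (normalized MAC, entry type) from Windows 'arp -a' output."""
    return {ip: (norm_mac(mac), kind) for ip, mac, kind in ROW.findall(output)}

def check_gateway(output, gateway_ip, router_mac):
    """Compare the host's ARP entry for the gateway with the router's interface MAC."""
    entry = parse_arp_a(output).get(gateway_ip)
    if entry is None:
        return "missing"
    mac, kind = entry
    if mac != norm_mac(router_mac):
        return "mismatch"
    return "ok-" + kind

def shared_macs(output):
    """MACs that answer for more than one IP, worth investigating as ARP poisoning."""
    owners = defaultdict(list)
    for ip, (mac, _) in parse_arp_a(output).items():
        owners[mac].append(ip)
    return {mac: ips for mac, ips in owners.items() if len(ips) > 1}

ROUTER_MAC = "0010.7bcc.57eb"   # from "sh int e0" on the page
BEFORE = """Internet Address   Physical Address     Type
192.168.10.254      00-d0-c8-af-e2-5e dynamic
192.168.10.37       00-d0-c8-af-e2-5e dynamic
"""   # second row is constructed for this example
AFTER = """Internet Address   Physical Address     Type
192.168.10.254      00-10-7b-cc-57-eb  static
"""

if __name__ == "__main__":
    print(check_gateway(BEFORE, "192.168.10.254", ROUTER_MAC), shared_macs(BEFORE))
    print(check_gateway(AFTER, "192.168.10.254", ROUTER_MAC))
```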
