Saturday, February 26, 2011

Lesson 43 - EIGRP Fundamentals Part 1 - Overview

EIGRP is a Cisco Proprietary Routing Protocol. It is classified as an Advanced Distance Vector solution. EIGRP is a fast, modern and robust routing protocol offering features we expect to find in the routing protocol these days (as of the time of writing this tutorial).

EIGRP Characteristics
  • Advanced Distance Vector Protocol - EIGRP routers, similarly to RIP, create the database in which only distance (how far) and direction (next-hop) are given. As a result of that, routers do not know the exact topology of the network. However, like in link-state algorithm, EIGRP routers are going to discover their neighbors using EIGRP Hello packets, form adjacency and exchange the routing databases reliably with their neighbors.
  • Flexible Design - EIGRP does not use the concept of areas found in OSPF. It is less demanding in terms of the design allowing less experienced engineers implement it quickly. It supports summarization of prefixes on per interface-basis (unlike OSPF which does it on ABRs/ASBRs only). 
  • Incremental Updates - Routing updates are not advertised periodically. They are exchanged reliably once (must beacknowledged). In stable network, only hello packets are transmitted between neighbors to maintain the relationship. In case of the topology change, the updates are sent to the routers that should receive it. The routers take into consideration how long it takes to send the reliable packet and get the response from a neighbor. Based on that, they determine how long they should wait to re-send the upate in case they did not get the acknowledgement. 
  • VLSM Support - Although EIGRP is primary Distance Vector Protocol, it is a classless protocol which supports variable length subnet masking. In order to turn it on, you must use the 'no auto-summary' keyword in the routing process 'config-router'.
  • Rapid Convergence - In case the EIGRP domain is designed with redundant connections and certain criteria are met (Feasibility Condition) a router can keep information about so called Feasible Successor(s) which are the second best path towards the destination (sort of a backup route). The difference between OSPF/RIP backup paths (second best routes) and EIGRP's feasible successor is that in the latter protocol, the traffic is redirected immediately without recomputing the routing table.
  • Multicast - EIGRP uses multicast and unicast transmissions. Multicast address reserved for EIGRP is 224.0.0.10.
  • 100% Loop Free - The Diffusing Update Algorithm (DUAL) which EIGRP uses, guarantees there are not going to be any loops formed which Distance Vector algorithms are susceptible to (thanks to the Feasibility Condition).
  • Equal and Unequal Cost Load Balancing - EIGRP routers can utilize different paths with different metric performing a load balance. The router calculates the appropriate ratio regarding how many packet should be sent out the interface based on the difference in the metric value between these multiple paths available.
  • Support for multiple layer 3 protocols - EIGRP can natively support IP,  IPX and Apple-Talk protocols (altough in today's IP world this is no longer a major advantage).
Based on my experience with EIGRP (personal opinion), the two major disadvantages of EIGRP are:
  • It is very chatty if the network is not properly designed. Explanation of the design is beyond the scope of this tutorial.
  • It is a Cisco proprietary routing protocol which means it won't work on routers from different vendors.
Terminology

EIGRP Databases
EIGRP creates three databases, similarly to OSPF:
  • Neighbor Table - Lists all neighbors discovered with which it formed adjacency and exchanged routing information.
  • Topology Table - Lists all the paths to all destinations learned. However, it shows only metric and the next-hop router and does not illustrate the real topology like OSPF LSDB.
  • Routing Table - The best metric routes are going to be used to send the traffic. 
EIGRP Composite Metric
EIGRP calculates the metric using pretty complex formula which is beyond the scope of the CCNA tutorial. It is referred to as composite metric. EIGRP uses five different components (so called K-values) to determine the value of the metric. Thus, the composite metric. One of them, MTU (Maximu Transmission Unit), is not factored in directly but changes the way the value is calculated.

By default EIGRP uses two parameters in this magical formula:
  • Bandwidth
  • Delay
All K-values can be seen using: 'show ip protocols' command if EIGRP has been configured. The K-values listed are as follows:
  • K1 - Bandwidth
  • K2 - Load
  • K3 - Delay 
  • K4 - Reliability
  • K5 - MTU
They can be used for traffic engineering (overriding normal route selection process). This helps to address issues with unde/over utilized links. However, configuring additional K-values to accomplish that is not recommended unless an administrator is experienced with EIGRP and knows their network very well.

Topology Database
Terms to remember:
  • Advertised Distance - The best metric a router receives from the neighbor (next-hop device) to a given destination network/subnet. In some documentations it is also referred to as the Reported Distance. Do not confuse this term with Administrative Distance which is the ranking of routing protocols.
  • Feasible Distance -  The total metric value which is a sum of the Advertised Distance and the metric to reach the neighbor (next-hop router towards the destination).
  • Feasibility Condition - The situation in which the Advertised Distance value provided by a alternate neighbor(s) (their best metric) is lower than the best Feasible Distance (metric) through the best router(s) to reach the destination (successor: look below).
  • Feasible Successor - The second best route(s) to a given destination. The router(s) which is/are the second best next-hop router(s) to a given destination meeting the FD (Feasibility Condition).
  • Successor - The best route to a given destination (the least cost metric)
In order to understand the above terms and EIGRP behavior better, let's analyze the process of advertising 192.168.1.0 by R5.

R5 advertises its directly connected network with the metric value of 1. R2R3 and R4 will add their own cost to reach R5 (Pic. 1). The sum of 1 + COST_TO_R5 becomes their successor (best metric). Then we add the R1 to this topology and let's analyze what R1 receives from three neighbors. Take a look at the pic. 1.

Pic. 1 - EIGRP Terminology.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

R1 receives the prefix 192.168.1.0/24 from three neighbors (R2, R3, R4). It calculates the metric value by adding the cost to reach the neighbor (in red) to the metric advertised by this neighbor (in blue aka the advertised distance). The metric (cost if you will, or composite metric to be accurate) that is the lowest becomes the successor route (the best route). If however, other neighbor(s) advertise metric (Advertised Distance) that is lower than the least cost path, this neighbor or these neighbors become the second best next-hop routers towards the destination 192.168.1.0/24 and they are called feasible successors according to the Feasibility Condition:

AD < FD

In such situation, if the best route is not available, the feasible successor (second best) is used immediately without any re-computation of the routing table.

In our Pic.1, R2 is the successor towards 192.168.1.0/24, but R3 becomes the feasible successor (second best gateway) since its advertised distance is 20. This number is lower than the best feasible distance which is 21.

In the next post I will present the basic implementation and verification steps regarding EIGRP.

Friday, February 18, 2011

Lesson 42 - OSPF Fundamentals Part 5 - The Lab

I try to keep these posts as short and informative as possible. Since it takes a moment to do this lab and analyze the results, the troubleshooting section is going to be included in the form of a video presentation at the end of this post (available soon).

Here is our topology. I have removed Frame-Relay links as it goes beyond the scope of this tutorial (some really crazy workbook/journal I started a few days ago might give you an idea about this complexity.

But let's get back to business!

Pic. 1 - OSPF Topology Diagram.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

Since there are five different routers and three types of networks (broadcast, point-to-point and loopback) I will create an action plan and implement it step by step. I'll include some stipulations in order to show you a few things which I might have not talked about yet.

Task List

General Requirements:
  • ALL interfaces should be enabled in area 0. 
  • ALL loopback addresses must be advertises with their configured network mask length (/24) or (/28). 
  1. Enable OSPF in the broadcast network connecting R1, R2 and R3. Make sure that R1 is elected the DR and R2 is elected the BDR in the broadcast segment (172.31.123.0/24).
  2. Advertise the loopback subnets on R1, R2 and R3. On R3 do NOT use the network statement to advertise the subnet of Loopback1. On R3, while enabling OSPF on Loopback2 using the 'network' statement, use the wildcard bits corresponding to the network mask configured (/28).
  3. Enable OSPF between R1 and R4. Advertise the subnet found on R4's loopback0.
  4. Enable OSPF between R2 and R5. On R5 use only one network statement to enable OSPF on ALL interfaces (also the ones created in the future).
  5. Enable the Simple Password authentication in area 0. Use the password 'cisco'.
Lab Solution

Step 1
Enable OSPF in the broadcast network connecting R1, R2 and R3.

Note!
Configuration must be done in this order to ensure R1 is elected the DR, R2 is elected the BDR.

R1 Configuration:

!
R1#conf t
R1(config)#interface f1/0
R1(config)#ip ospf priority 20
R1(config-if)#router ospf 1
R1(config-router)#router-id 1.1.1.1
R1(config-router)#network 172.31.123.1 0.0.0.0 area 0
R1(config-router)#exit  

R2 Configuration:

!
R2#conf t
R2(config)#interface f1/0
R2(config-if)#ip ospf priority 10
R2(config-if)#router ospf 1
R2(config-router)#router-id 2.2.2.2
R2(config-router)#network 172.31.123.2 0.0.0.0 area 0
R2(config-router)#exit

R3 Configuration:

!
R3#conf t
R3(config)#router ospf 1
R3(config-router)#router-id 3.3.3.3
R3(config-router)#network 172.31.123.3 0.0.0.0 area 0
R3(config-router)#exit


Now, let's give the routers a few seconds to go through the finding neighbors, creating adjacencies. Then a quick verification step shows the following:

Pic. 2 - OSPF Adjacencies.
R3 is adjacent with R1 (DR) and R2 (BDR).

Step 2
Advertise the loopback subnets on R1, R2 and R3. On R3 do NOT use the network statement to advertise the subnet of Loopback1. 

Note!
Loopback interfaces are considered the 'stub' networks by OSPF process and advertised with /32 network mask by default. In order to change it, the 'ip ospf network point-to-point' should be used on loopback interfaces.

Note!
After you have enabled OSPF on the loopbacks, you should check before proceeding to the next router's configuration. Use the following command:
Router#show ip ospf int brief 

R1 Configuration:

!
R1(config)#
R1(config)#interface loopback 1
R1(config-if)#ip ospf network point-to-point
R1(config-if)#router ospf 1
R1(config-router)#network 172.31.1.1 0.0.0.0 area 0
R1(config-router)#exit

R2 Configuration:

!
R2(config)#
R2(config)#interface loopback 1
R2(config-if)#ip ospf network point-to-point
R2(config-if)#router ospf 1
R2(config-router)#network 172.31.2.1 0.0.0.0 area 0
R2(config-router)#exit

Note!
The task stipulates that the subnet of Loopback1 must NOT be advertised like others (no network statement). Also, while enabling OSPF on the Loopback2 use the wildcard mask corresponding to the network mask configured there (/28).

R3 Configuration:

!
R3(config)#
R3(config)#interface loopback 2
R3(config-if)#ip ospf network point-to-point
R3(config-if)#interface loopback 1
R3(config-if)#ip ospf network point-to-point
R3(config-if)#ip ospf 1 area 0
R3(config-if)#router ospf 1
R3(config-router)#network 172.31.3.16 0.0.0.15 area 0
R3(config-router)#

Step 3
Enable OSPF between R1 and R4. Advertise the subnet found on R4's loopback1. 

R1 Configuration:

!
R1(config)#
R1(config)#router ospf 1
R1(config-router)#
R1(config-router)#network 172.31.14.1 0.0.0.0 area 0
R1(config-router)#exit

R4 Configuration:

!
R4(config)#interface loopback1
R4(config-if)#ip ospf network point-to-point
R4(config-if)#router ospf 1
R4(config-router)#router-id 4.4.4.4
R4(config-router)#network 172.31.14.4 0.0.0.0 area 0
R4(config-router)#network 192.168.4.1 0.0.0.0 area 0
R4(config-router)#exit

Step 4
Enable OSPF between R2 and R5. On R5 use only one network statement to enable OSPF on ALL interfaces (also the ones created in the future).

R2 Configuration:

!
R2(config)#
R2(config)#router ospf 1
R2(config-router)#network 172.31.25.2 0.0.0.0 area 0
R2(config-router)#exit

R5 Configuration:

!
R5(config)#interface loopback1
R5(config-if)#ip ospf network point-to-point
R5(config-if)#router ospf 1
R5(config-router)#router-id 5.5.5.5
R5(config-router)#network 0.0.0.0 255.255.255.255 area 0
R5(config-router)#exit

Note!
Of course, before you proceed to the the final step (OSPF authentication) you should check if all neighbors are adjacent and all routers can reach all the addresses in the network.

Step 5
Enable the Simple Password authentication in area 0. Use the password 'cisco'.

Note!
This configuration is going to break and re-establish OSPF adjacency.

R1 Configuration:

!
R1(config)#
R1(config)#router ospf 1
R1(config-router)#area 0 authentication
R1(config-router)#int f1/0
R1(config-if)#ip ospf authentication-key cisco
R1(config-if)#int s0/2
R1(config-if)#ip ospf authentication-key cisco

R2 Configuration:

R2(config)#
R2(config)#router ospf 1
R2(config-router)#area 0 authentication
R2(config-router)#int f1/0
R2(config-if)#ip ospf authentication-key cisco
R2(config-if)#int s0/2
R2(config-if)#ip ospf authentication-key cisco

R3 Configuration:

R3(config)#
R3(config)#router ospf 1
R3(config-router)#area 0 authentication
R3(config-router)#int f1/0
R3(config-if)#ip ospf authentication-key cisco

R4 Configuration:

R4(config)#
R4(config)#router ospf 1
R4(config-router)#area 0 authentication
R4(config-router)#int s0/2
R4(config-if)#ip ospf authentication-key cisco

R5 Configuration:

R5(config)#
R5(config)#router ospf 1
R5(config-router)#area 0 authentication
R5(config-router)#int s0/2
R5(config-if)#ip ospf authentication-key cisco

After OSPF authentication has been configured you should check if all the adjacencies have been formed and reachability is restored. If you have a problem with this lab in the troubleshooting sections you will find some tips helping you make this lab work.

Troubleshooting

Troubleshooting short videos available soon.

During the weekend your colleague, who's newly hired junior network administrator, was re-configuring your system. He has accidentally erased all backup configurations and also lost the track of all changes that he introduced. You have been called to help him restore the system.

Initial diagnostics the junior administrator has performed revealed the following problems:

Ticket 1
The subnets: 172.31.3.0/28 and 172.31.3.16/28 are no longer reachable from any other router but R3 (loopback1 and loopback2 on R3).

Video Presentation:
http://www.youtube.com/watch?v=vKZASyZbDmE

Ticket 2
R4 lost connectivity to all subnets in the network except for directly connected ones.

Video Presentation:
http://www.youtube.com/watch?v=HEOrvxKmQSU

Ticket 3
R5 lost connectivity to all subnets in the network except for directly connected ones.

Video Presentation:
http://www.youtube.com/watch?v=BlS3Z5kV_Rk

Final Verification
Ping using Tcl script - an elegant way of checking connectivity.

Video Presentation:
http://www.youtube.com/watch?v=VuubpKq0rxg

The next post is going to be an introduction to EIGRP routing protocol.

Sunday, February 13, 2011

Lesson 41 - OSPF Fundamentals Part 4 - Implementation

In this post, I'm going to present the commands and verification steps with regards to OSPF implementation in a single area. Configuration will also include the authentication of OSPF packets.

If you want to go fancy with OSPF the configuration can be quite challenging. Configuring basic OSPF in a single area is very simple though. There are two basic steps required:
  1. Enable OSPF in the 'config' mode.
  2. Instruct the OSPF process which interfaces should be enabled for OSPF and in which areas the links should operate.
Here is the simple topology we are going to use to see the configuration steps.

Pic. 1 -  Topology Diagram.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

OSPF Basic Configuration
The commands which enables OSPF on an interface can look like the below.

Pic. 2 - Example of OSPF Configuration.
router ospf 1 - This command starts the OSPF process 1 on R1.
network 10.1.0.0 0.0.255.2555 area 0 - This statement enables OSPF process on all interfaces which IP addresses are 10.1.x.x (where x.x can be any number as the last two bytes are not checked by the wildcard mask).

What is the wildcard mask in the above statement?

Wildcard mask is an inversed network mask. The bits in the wildcard mask which are set to '0' will check the corresponding bits in the IP address. The bits in the wildcard mask which are set to '1' will ignore the corresponding bits in the IP address.

Pic. 3 - OSPF Wildcard Mask.
Look at the Pic. 2 again. According to the network statement, OSPF will be enabled on F1/0 and S0/1 of R1 (pic. 1).

What network statement could we use in order to enable OSPF on s0/1 interface but not on F1/0?

I can give you a couple of examples. Remember that wildcard mask will use '0s' to check bits in the address and '1s' will ignore them.

Example 1
R1(config)#router ospf 1
R1(config-router)#network 10.1.13.0 0.0.0.255 area 0

This way the wildcard bits are going to check if there are any interfaces which use IP addresses according to 10.1.13.x (where x is any number). These will be OSPF-enabled.

Example 2
R1(config)#router ospf 1
R1(config-router)#network 10.1.13.1 0.0.0.0 area 0

The second example will enable OSPF on the interface that has the EXACT IP address 10.1.13.1. The wildcard bits consists of all '0s' so ALL the corresponding bits in the IP address used must match in order for the interface to be running OSPF protocol.

As you already know, the moment we enable OSPF on an interface, the routing process begins to send the 'hello' packets trying to discover the neighbor(s). If they are discovered the system begins to check parameters in the OSPF header and hello packet. If they agree on the mandatory fields (hello/dead intervale etc.) the are going through several phases to finally synchronize their LSDBs.

Of course, the network statement with wildcard mask does not influence what network mask is going to be advertised along with the IP address. OSPF, being a classless routing protocol, will advertise their networks/subnets as per configuration on the interfaces. If you want to see this in action please, watch the following video I posted on Youtube:
http://www.youtube.com/watch?v=jECzZJbT5NI

So, let's configure OSPF as per topology diagram (pic. 1) and observe the process of reaching the FULL state (adjacency) using the debug. I will use the most specific wildard mask here but you already know there are a lot of options available to start OSPF on the interfaces.

R1 Configuration:
R1(config)#router ospf 1
R1(config-router)#network 10.1.1.1 0.0.0.0 area 0
R1(config-router)#network 10.1.13.1 0.0.0.0 area 0
R1(config-router)#network 172.16.101.1 0.0.0.0 area 0
R1(config-router)#

R3 Configuration:
R3(config)#router ospf 1
R3(config-router)#network 10.1.3.3 0.0.0.0 area 0
R3(config-router)#network 10.1.13.3 0.0.0.0 area 0
R3(config-rotuer)#network 172.16.103.3 0.0.0.0 area 0
R3(config-router)#

Now, here's the output of the debug statement on R3. Pay attention to the highlighted words and compare them with the OSPF Neighbor State Machine (lesson 38 in the archive of this blog). 

Pic. 4 - Debug IP OSPF Events on R3.
Notice, that it is a point-to-point network, so there is no election of DR and BDR roles.

As part of practical exercise, try to use the same debug in you lab on routers connected using broadcast (Ethernet) links. Watch for DR/BDR election.

OSPF Verification Commands
It is important to be able to perform some basic verification steps. Here are the commands that you will use most often.

First, let's check if our network statement was correct (OSPF is enabled on the appropriate interfaces).

Pic. 5 - OSPF-enabled Interfaces.

You can also see a detailed output which shows more information with regards to OSPF running on an interface. Check it out.

Pic. 6 - OSPF-enabled Interface Detailed Output (Fa1/0).


Then, I want to make sure that R1 is in FULL state with R3. Here's my command:

Pic. 7 - OSPF Neighbor Check.

Two more commands will be useful as well. First one showing the brief output of LSDB (more detailed output is beyond the scope of this tutorial).

Pic. 8 - OSPF Database.

Notice that both R1 and R3 advertise four links. The loopback0, F1/0, and S0/1 which counts as two links (point-to-point interfaces are advertised as two: the IP address of the next hop and the subnet/network IP).

And finally, the content of OSPF routing table:

Pic. 9 - OSPF Routing Table.

OSPF Authentication
As part of implementation we can authenticate OSPF packets to prevent some rouge routers joining our OSPF domain. If someone configures and plugs in the router, it won't become adjacent with others in the domain unless the right method and password are used.

There are two methods to authenticate OSPF packets:
  1. Simple Password - The password is sent in the clear text format.
  2. MD5 - The password is not sent at all. The digest is created using the shared password between neighbors.
Both methods can be implemented using two different ways. 

Let's start with Simple Password method.
Method 1 (password must match on both routers; here: S3cr3t)
R1(config)#router ospf 1
R1(config-router)#area 0 authentication
R1(config-router)#exit
R1(config)#interface serial0/1
R1(config-if)#ip ospf authentication-key S3cr3t

Method 2
R1(config)#interface serial0/1
R1(config-if)#ip ospf authentication
R1(config-if)#ip ospf authentication-key S3cr3t
R1(config-if)#

The first command enables OSPF authentication using Simple Password method (area 0 authentication or ip ospf authentication)

The second command specifies the password that is going to be used (ip ospf authentication-key)

In the first method, OSPF authentication is enabled on ALL interfaces configured to operate in area 0. The second method allows more control as to which interfaces will be sending authenticated OSPF packets.

Pic. 10 - Simple Password Authentication Enabled.

MD5 method can also be configured in two ways.
Method 1 (password must match on both routers; here: S3cr3t)
R1(config)#router ospf 1
R1(config-router)#area 0 authentication message-digest
R1(config-router)#exit
R1(config)#interface serial0/1
R1(config-if)#ip ospf message-digest-key 1 md5 S3cr3t

Method 2
R1(config)#interface serial0/1
R1(config-if)#ip ospf authentication message-digest
R1(config-if)#ip ospf message-digest-key 1 md5 S3cr3t
R1(config-if)#

Both the password (here: S3cr3t) and the key number (here: 1) must match between the neighbors.

Use: show ip ospf int s0/1 to check MD5 authentication.

You might try out the following two commands and see what they show:
R1#show ip protocols
R1#show ip ospf

The next post is going to be the last one in the OSPF series. We are going to configure OSPF in the more complex topology as well as use some troubleshooting techniques to fix the common configuration issues.

Friday, February 4, 2011

Lesson 40 - OSPF Fundamentals Part3 - RouterID and DR/BDR

There are two more notions I need to touch upon before we implement OSPF in our topology. These are: OSPF Router ID and special roles of the routers which are appointed in Broadcast and NBMA (Non-Broadcast Multiple Access) networks called Designated Router (DR) and Backup Designated Router (BDR). I thought I would do the practical implementation here as well, but I want to keep the post as short as possible.

OSPF routers exchange LSAs by flooding them to all OSPF neighbors. This flooding results in creating the same Link-State Database (LSDB) on all routers in the area. LSDB is a topology database, (kind of a "road map"), shared by all routers in the area. Then, each router runs Dijkstra's SPF algorithm to choose the best path to each destination, placing itself as a the root (starting point). The product of SPF algorithm operation is the routing table. Recall that all OSPF packets are encapsulated in the OSPF header (loot at previous post). So, LSAs are signed with the Router ID when the router originates and floods them.

So what is this Router ID in the OSPF world?

Router ID
Router ID is going to be chosen automatically unless configured manually, using the 'router-id A.B.C.D' command in OSPF configuration context. The A.B.C.D are four bytes just like an IP address representing the router ID. It can be changed at a later stage but this may require the process clearing (once the router had its ID chosen, changing it always requires this command):

R1#clear ip ospf process

Clearing the OSPF process is disruptive since the router will need to re-establish adjacency with its neighbors.

Initially, a router tries to choose its ID based on the following order of operation:
  1. Router chooses numerically the highest IP address off of the loopback interface.
  2. In case there is no loopback interface configured, the router is going to choose numerically the highest IP address off of the physical interface. 
Neither of these interfaces have to be enabled for OSPF.

You can find in more in-depth information with regards to the applications of router ID in my Cisco Advanced Study Blog (short, practical posts geared for the CCNPs who want to refresh their skills and primarily for those who want to go beyond the CCNP level).

OSPF DR/BDR
Another concept that requires some explanation is the election of Designated Router (DR) and Backup Designated Router (BDR) elected on Broadcast and NBMA networks (such as Frame-Relay, ATM, X.25). It is a role that is valid on per link basis (Broadcast and NBMA). This means that a router can be DR on F0/0 interface (segment of the network) but BDR or DRother on F0/1 interface.

As you recall, all routers need to establish adjacency (full state) with their neighbors. Only then, are their LSDBs synchronized. The process of sending updates to a great number of neighbors in Broadcast and NBMA networks would be very inefficient as their number can be significant. The routers would create the number of adjacencies according to the following (full mesh) formula:

Number_of_Adjacencies = n(n-1)/2

where the 'n' stands for the number of routers neighbored. In case an LSU (update) is sent, there would be a number of exchanges occurring between all neighbors according to the following formula:

Number_of_LSA_Exchanges = n raised to the power of 2.

Consider the following picture.

Pic. 1 - Broadcast Network with Four Routers.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

The next picture shows in part the LSU propagation of the same failed network on R3. This is only a partial picture. This would have to be done 16 times.

Pic. 2 - Partial LSU Exchange with 4 Routers.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

This situation would be very chaotic indeed. Instead, the system on Broadcast and NBMA networks elect one representative called Designated Router which is going to be responsible for propagation of all updates on this segment. In case of the failure of DR there is going to be a Backup Designated Router elected to assume the role of DR. These roles are initially based on the highest 'priority number' assigned on the interface. The default number is 1, so in case of a tie, the highest Router ID is becoming DR and the second highest becomes the BDR. If a router's interface is set to the priority value of 0, the router automatically becomes DRother and does not participate in the election process.

NOTICE!
DR is the only router authorized to pass the updates on to other routers on Broadcast and NBMA networks. It must have FULL reachability to other routers on the segment.


This is the reason, there are two different addresses reserved for OSPF:
  • 224.0.0.5 - All OSPF enabled routers listen to this address.
  • 224.0.0.6 - DR/BDR router listen to this address.
Hello packets are sent to 224.0.0.5 (unless unicast is used i.e. NBMA networks)
Updates are sent 224.0.0.5 except Broadcast and NBMA network which use 224.0.0.6 address instead.

So, in our example (pic 1, and pic.2), if R3 loses its directly connected network, it sends the update towards 224.0.0.6 (to DR/BDR), and DR is sending this back to all other routers using 224.0.0.5 address. R3 is also going to receive it, but it will silently ignore it as it is the same update (sequence number). Consider the below picture.

Pic. 3 - DR/BDR Elected on Broadcast and NBMA Networks.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

This post ends the theory aspects in relation to OSPF in one area as per CCNA requirements.

In the next post, I will finally put this OSPF knowledge into practice. Then, we will troubleshoot OSPF using the tools learned in the next one.

Tuesday, February 1, 2011

Lesson 39 - OSPF Fundamentals Part2 - Hello Packets

Following the previous post, let's continue to look at OSPF basic operation. In this lesson we will focus our attention on the exchange of OSPF Hello packets in order to reach the state allowing LSA exchange.

If these two posts (38 and 39) are a bit too much for you, try to read them again and next week look at my youtube channel. I should have some video published there showing you these things again but this time in on the command line interface.

Before OSPF routers distribute the routing information among their neighbors, they will go through certain stages of operation as explained in Lesson 38. OSPF packets are utilized to take a router from the DOWN state all the way up to the FULL state of operation. We must then, take a closer look at OSPF packets, especially at the Hello packet without which this magic would not be possible.

OSPF uses five types of packets to communicate (explanation of OSPF packet type can be found in my previous post). They are encapsulated in the OSPF header. The whole packet looks like shown in pic. 1.

Pic. 1 - OSPF Packet Encapsulation.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

OSPF header contains the following pieces of information:

Pic. 2 - OSPF Header.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

Version - The OSPF version, currently used version is 2. Version 3 is OSPF for IPv6.

Type - The type of OSPF packet (type 1 through type 5).
  • Type 1 - Hello
  • Type 2 - Database Description
  • Type 3 - Link State Request
  • Type 4 - Link State Update
  • Type 5 - Links State Acknowledgement
Packet Length - The length of the protocol in bytes including the standard OSPF header.

Router ID - The router identifier in OSPF (OSPF labs in my advanced study blog).

Area ID - The 32 bit number representing the area in which the interface operates.

Checksum - The number used to check the integrity of the packet including the header (excluding authentication).

AuType - The type of OSPF packet authentication.
  • 0 - no authentication
  • 1 - simple password (clear text) authentication
  • 2 - MD5 authentication
Authentication - The 64 bit field used for authentication

Hello Packet
In order for OSPF routers to exchange their routing databases, they must first discover themselves using so called Hello protocol and agree on a number of parameters. Hello packet (OSPF Type 1 packet) is used to discover the neighbors and exchange these initial parameters.

The purpose of Hello protocol can be summarized as follows:
  • Hello packets are used to discover OSPF neighbors.
  • Hello packets advertise certain parameters (some of the must match in order to become the router's neighbor).
  • On Broadcast or NBMA networks Hello packets are used to elect DR/BDR roles.
  • Hello packets are used as a keepalive mechanism. If the router does not hear the neighbors' Hello packets in a given time (DeadInterval), it considers it down and invalidates information obtained from it.
  • Hello packets ensure bidirectional communication. The router must see its own RouterID in the 'neighbor' field of the Hello packet it receives.
Before I explain what must match in the Hello packets for the routers to reach so called 2-way state, let's take a look at the Hello packet structure.

Pic. 3 - OSPF Hello Packet.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

Network Mask - The network mask of the originating interface.

Hello Interval - How often Hello packets are going to be sent.

Options - OSPF options. One of them is a 1 bit flag called: E-bit which denotes the type of area in which the interface operates (1=normal, 0=stub).

Router Priority - Used on Broadcast and NBMA networks to elect DR/BDR. The higher the number, the more likely for the router to become DR and the second highest number becomes BDR. After the election has been accomplished, the number is no longer used to influence DR/BDR role (non-preemptive).

Router Dead Interval - The maximum time before a silent router is declared down (no Hello packet from it in this time).

Designated Router - DR is elected in Broadcast and NBMA network. This field in the Hello packet carries the IP address of the DR on the common subnet (only Broadcast and NBMA networks).

Backup Designated Router - BDR is elected in Broadcast and NBMA network. This is the IP address of DR on the common subnet (only Broadcast and NBMA networks).

Neighbor - The router IDs from which valid Hello packet was received in the last DeadInterval time.

2-way State
OSPF-enabled router is a bit picky when it comes to its operation and choosing its neighbors. In order for the OSPF routers to exchange LSAs (information about network reachability), they must reach the 2-way state first which indicates that some mandatory parameters in their Hello packets are identical between them. The OSPF header encapsulates the Hello packet. Below picture shows this encapsulation and the light-red dots indicate the parameters that must match between the neighbors.

Pic. 4 - Hello Packet Encapsulation.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

So, in a nutshell, the following conditions must be met for the two routers to become neighbors:
  1. The routers must be on common subnet (it's true for all IGP routing protocols).
  2. The Hello and DeadInterval timers must be identical between the neighbor candidates.
  3. The area ID, where the OSPF-enabled interfaces of both neighbors operate, must be identical.
  4. The type of area where the two neighbors must be identical (either normal or stub area).
  5. The type and authentication password (if used) must match between neighbors.
Only if the routers agree on the parameters mentioned above (exact match) and their router IDs are listed in the neighbor's Hello packet '(neighbor' field in the Hello packet) can they reach the 2-way state and proceed to ExStart, Exchange, Loading and finally Full state. I will show you the process of going through all phases in the next post using 'debug ip ospf adj' command.

After achieving bidirectional communication between the routers (2-way), they will enter the ExStart state. During this phase the routers are going to elect the Master and Slave roles to perform the database synchronization in an orderly fashion. During the ExStart state they will also check their MTU size. If it does not match, they will not go any further (no LSA exchange is possible). This is generally not a problem between routers, but if you create configuration between a multilayer switch and a router, this might be a problem if the switch uses larger MTU size than 1500 bytes.

Routers typically use MTU=1500 bytes. On a multilayer switch running OSPF you can check it by issuing the following command:

Switch#show system mtu

If MTU is not 1500 bytes, you can disable MTU check on the interfaces in question:

Router(config-if)#ip ospf mtu-ignore

If all is good, they will eventually reach the Full state.

Before I finish this post I must mention that there are two multicast IP addresses reserved for OSPF communication:
224.0.0.5 = All OSPF speaking routers
224.0.0.6 = AllDRouters (DR/BDR listen on this address).

Unfortunately, sometimes these multicast addresses cannot be used on certain types of media (X.25, Frame-Relay, ATM, which are NBMA types of networks). In such situations, by default, unicast transmission must be used to send OSPF packets (the 'neighbor' statement under OSPF process changes mutlicast into unicast transmissions). But this is beyond the scope of this tutorial. If you want to learn more details you might look at my Advanced Study Blog to see these types of connections put into practice (soon more posts area going to be available).

Wrapping things up, I need to add that some states require a bit more explanation (for instance, DR/BDR election on Broadcast/NBMA networks), but it will be easier to show it practically in my next post which is going to be about implementation of OSPF on two types of network: Broadcast and Point-to-Point. Running OSPF on these types of network fall under CCNA level of expertise.

Cisco Is Easy - Main

  Cisco Basics (CCNA level)  Lessons: Watch Video Tutorials on Youtube 01 - Connecting to Cisco Console Port with MINICOM 02 - Navigatin...