- IP Routing Protocols (Dynamic)
There are several dynamic routing protocols for IP. Here are some of the more common dynamic routing protocols for routing IP packets:
RIP (Routing Information Protocol)
IGRP (Interior Gateway Routing Protocol)
EIGRP (Enhanced Interior Gateway Routing Protocol)
OSPF (Open Shortest Path First)
IS-IS (Intermediate System-to-Intermediate System)
BGP (Border Gateway Protocol
http://www.orbit-computer-solutions.com/Routing-Protocols.php
- One way of classifying dynamic routing protocols is based on where they are used. This criterion allows us to distinguish between two major solutions:
Interior Gateway Protocols (IGP)
Exterior Gateway Protocols (EGP)
Common Interior Gateway Protocols are:
Routing Information Protocol (RIP),
Open Shortest Path First (OSPF),
Enhanced Interior Gateway Protocol (EIGRP, Cisco proprietary protocol),
Intermediate System to Intermediate System (IS-IS).
Exterior Gateway Protocols (currently there is only one in use)
Border Gateway Protocol (BGP)
http://ciscoiseasy.blogspot.com/2010/12/lesson-34-dynamic-routing-protocols.html
- BGP for History Buffs
Once upon a time, when the Internet was just a tiny cloud, there were only a few networks connected to each other
All that needed to be done to set up routing was to define network nodes and make connections between them as needed.
As we all know, the Internet didn’t stay small for very long.
It began to incorporate more and more networks, which necessitated a more dynamic routing system.
EGP (External Gateway Protocol) was invented to do the job.
In modern networks, tree topologies were replaced by fully connected mesh topologies to allow for maximum scalability.
The Emergence of Autonomous System Architecture
As the Internet continued to expand, it became increasingly difficult to keep track of all the routes from one network to another.
The solution was to transition to an Autonomous System (AS) architecture
An AS can be an Internet Service Provider, a university or an entire corporate network, including multiple locations (IP addresses).
Each AS is represented by a unique number called an ASN.
each autonomous system controls a collection of connected routing prefixes, representing a range of IP addresses
It then determines the routing policy inside the network.
As the number of autonomous systems in the internet grew, the drawbacks of EGP became more pronounced.
Its hierarchical structure hampered scalability and made it difficult to connect new networks in an efficient manner.
it was necessary to define a new exterior routing protocol that would provide enhanced and more scalable capabilities.
BGP is Just Like GPS for Packets
You can think of an autonomous system in the computer world as a city with many streets. A network prefix is similar to one street with many houses. An IP address is like an address for a particular house in the real world, while a packet is the equivalent of a car travelling from one house to another using the best possible route.
BGP is designed to exchange routing and reachability information between autonomous systems on the Internet.
Each BGP speaker, which is called a “peer”, exchanges routing information with its neighboring peers in the form of network prefix announcements. This way, an AS doesn’t need to be connected to another AS to know its network prefix.
Each peer manages a table with all the routes it knows for each network and propagates that information to its neighboring autonomous systems.
In this way, BGP allows an AS to collect all the routing information from its neighboring autonomous systems and “advertise” that information further.
Each peer transfers the information internally inside its own autonomous system.
https://www.incapsula.com/blog/bgp-routing-explained.html
MicroNugget: What is BGP and How Does it Work?
The routing protocol of the internet
management of trust and untrust
the slowest routing protocol in the world
service providers use BGP,or enterprise level customers
- Static routing
Static routes are one way we can communicate to remote networks. In production networks, static routes are mainly configured when routing from a particular network to a stub network.
stub networks are networks that can only be accessed through one point or one interface.
There are three routing table principles that dictate how routers communicate.
“routers forward packets based on information contained in their routing tables ONLY.”
” Routing information on one router does not mean that other routers in the domain have the same information.”
“Routes on a router to a remote network do not mean that the remote router has return paths.”
http://www.ccnablog.com/static-routing/
- Dynamic routing protocols
Classification
Dynamic routing protocols can be classified in several ways.
Interior and exterior gateway routing protocols,
Distance vector, path vector and link state routing protocols,
Classful and classless.
Routing protocols function by:
Discovering remote networks
Maintaining current routing information
Path determination
Disadvantages
Require more expertise by the administrator, they are not as simple to configure as static routes.
They use more of the routers resources; such as CPU and RAM.
routing protocols fall into two main categories which are;
EGP – Exterior Gateway Protocols
IGP – Interior Gateway Protocols
Autonomous systems also known as routing domains; are collections of routers under the same administration. This may mean the routers that are owned by one company.
Interior Gateway Protocols (IGP) are used for intra-autonomous system routing – routing inside an autonomous system.
Exterior Gateway Protocols (EGP) are used for inter-autonomous system routing – routing between autonomous systems.
Egp vs igp
Interior Gateway Protocols (IGPs) can be classified as two types:
Distance vector routing protocols
Link-state routing protocols
Distance vector routing protocols vs. link state routing protocols
Distance vector protocols work best in situations where:
The network is simple and flat and does not require a special hierarchical design.
The administrators do not have enough knowledge to configure and troubleshoot link-state protocols.
Specific types of networks, such as hub-and-spoke networks, are being implemented.
Worst-case convergence times in a network are not a concern
Link state routing protocols usually have a complete view of the topology. They usually know of the best paths as well as backup paths to networks. Link state protocols use the shortest-path first algorithm to find the best path to a network.
Link-state protocols work best in situations where:
The network design is hierarchical, usually occurring in large networks.
The administrators have a good knowledge of the implemented link-state routing protocol.
Fast convergence of the network is crucial.
Classful and classless
Classful Routing Protocols
Since they do not include the subnet mask in their routing updates, they cannot work where the networks have been subnetted.
Classless routing protocols
Classless routing protocols include the subnet mask with the network address in routing updates.
Metric
The metric, is the mechanism used by the routing protocol to assign costs to reach remote networks
The metric is used to determine the best path to a network when there are multiple paths.
Administrative distance
The administrative distance is the way routers use to give preference to routing sources. For example if a router learns of the same route via EIGRP and RIP, it will prefer the route it learnt via EIGRP.
The AD is usually a value from 0 to 255, the lower the value the better the routing source, a route with an administrative distance of 255 will never be trusted.
http://www.ccnablog.com/dynamic-routing-protocols/
- Spanning Tree Protocol STP Tutorial
To provide for fault tolerance, many networks implement redundant paths between devices using multiple switches. However, providing redundant paths between segments causes packets to be passed between the redundant paths endlessly. This condition is known as a bridging loop.
(Note: the terms bridge, switch are used interchangeably when discussing STP)
To prevent bridging loops, the IEEE 802.1d committee defined a standard called the spanning tree algorithm (STA), or spanning tree protocol (STP). Spanning-Tree Protocol is a link management protocol that provides path redundancy while preventing undesirable loops in the network. For an Ethernet network to function properly, only one active path can exist between two stations.
How Spanning Tree Protocol (STP) works
SPT must performs three steps to provide a loop-free network topology:
1. Elects one root bridge
2. Select one root port per nonroot bridge
3. Select one designated port on each network segment
when turned on, each switch claims itself as the root bridge immediately and starts sending out multicast frames called Bridge Protocol Data Units (BPDUs), which are used to exchange STP information between switches.
https://www.9tut.com/spanning-tree-protocol-stp-tutorial
- Rapid Spanning Tree Protocol RSTP Tutorial
One big disadvantage of STP is the low convergence which is very important in switched network. To overcome this problem, in 2001, the IEEE with document 802.1w introduced an evolution of the Spanning Tree Protocol: Rapid Spanning Tree Protocol (RSTP), which significantly reduces the convergence time after a topology change occurs in the network. While STP can take 30 to 50 seconds to transit from a blocking state to a forwarding state, RSTP is typically able to respond less than 10 seconds of a physical link failure.
http://www.9tut.com/rapid-spanning-tree-protocol-rstp-tutorial
- Ethernet Automatic Protection Switching Overview
Ethernet automatic protection switching (APS) is a linear protection scheme designed to protect VLAN based Ethernet networks.
With Ethernet APS, a protected domain is configured with two paths, a working path and a protection path. Both working and protection paths can be monitored using an Operations Administration Management (OAM) protocol like Connectivity Fault Management (CFM). Normally, traffic is carried on the working path (that is, the working path is the active path), and the protection path is disabled. If the working path fails, its protection status is marked as degraded (DG) and APS switches the traffic to the protection path, then the protection path becomes the active path.
https://www.juniper.net/documentation/en_US/junos/topics/concept/ethernet-automatic-protection-switching-overview.html
VRRP, the Virtual Router Redundancy Protocol, explained by Juniper Engineers
multicast IP packet
destination IP address is multicast not unicast, group of IPs,not a single IP
source IP address is unicast
IPv4 multicast address
all has first 3 bits set to 1
unlike unicast there is not a protocol to map IP addresses to MAC addresses
all multicast MAC addresses has last bit of first octet set to 1.
Open Standard means VRRP can be configured on any vendor
VRRP Roles
Master/Active
Backup/Standby
VRRP encapsulated in IP protocol No:112
VRRP supports two types of authentication; plaintext and MD5
VRRP MAC;0000.5e00.01XX ; XX is groupid
- Quagga is a network routing software suite providing implementations of Open Shortest Path First (OSPF), Routing Information Protocol (RIP), Border Gateway Protocol (BGP) and IS-IS for Unix-like platforms, particularly Linux, Solaris, FreeBSD and NetBSD
https://en.wikipedia.org/wiki/Quagga_(software)
- an autonomous system (AS) is a large network or group of networks that has a unified routing policy. Every computer or device that connects to the Internet is connected to an AS.
https://www.cloudflare.com/learning/network-layer/what-is-an-autonomous-system/
An autonomous system (AS) is a collection of routers under a common administration such as a company or an organization. An AS is also known as a routing domain. Typical examples of an AS are a company’s internal network and an ISP’s network.
https://www.ciscopress.com/articles/article.asp?p=2180210&seqNum=7
What Does External Border Gateway Protocol (EBGP) Mean?
- External Border Gateway Protocol (EBGP) is a Border Gateway Protocol (BGP) extension that is used for communication between distinct autonomous systems (AS). EBGP enables network connections between autonomous systems and autonomous systems implemented with BGP.
https://www.ciscopress.com/articles/article.asp?p=2180210&seqNum=7
- We need EBGP between AS1 and AS2 because these are two different autonomous systems. This allows us to advertise a prefix on R1 in BGP so that AS2 can learn it.
We also need EBGP between AS2 and AS3 so that R5 can learn prefixes through BGP.
So that’s the first reason why we need IBGP…so you can advertise a prefix from one autonomous system to another.
https://networklessons.com/bgp/internal-bgp-border-gateway-protocol-explained
- Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet.[2] BGP is classified as a path-vector routing protocol,[3] and it makes routing decisions based on paths, network policies, or rule-sets configured by a network administrator.
BGP used for routing within an autonomous system is called Interior Border Gateway Protocol, Internal BGP (iBGP). In contrast, the Internet application of the protocol is called Exterior Border Gateway Protocol, External BGP (eBGP).
https://en.wikipedia.org/wiki/Border_Gateway_Protocol
- Spanning Tree Protocol (STP) is a communication protocol operating at data link layer the OSI model to prevent bridge loops and the resulting broadcast storms
In case a particular active link fails, the algorithm is executed again to find the minimal spanning tree without the failed link. The communication continues through the newly formed spanning tree. When a failed link is restored, the algorithm is re-run including the newly restored link.
https://www.tutorialspoint.com/spanning-tree-protocol
- Setting and checking Time-To-Live (TTL) value is a light-weighted but effective mechanism in avoiding infinite forwarding loop
https://books.google.com.tr/books?id=0WfLBQAAQBAJ&pg=PA107&lpg=PA107&dq=TTL++%22infinite+forwarding%22&source=bl&ots=QUl0hd3Fjc&sig=ACfU3U0A4G05PeuH4xokzN6ArhV3oFS2hQ&hl=en&sa=X&ved=2ahUKEwjqoougud71AhUa_bsIHfveDyIQ6AF6BAgOEAM#v=onepage&q=TTL%20%20%22infinite%20forwarding%22&f=false
- the Multiple Spanning Tree Protocol (MSTP), which configures a separate spanning tree for each virtual local area network (VLAN) group
https://www.sciencedirect.com/topics/computer-science/spanning-tree
- Per VLAN Spanning Tree (PVST) is a Cisco proprietary protocol that allows a Cisco device to have multiple spanning trees.
http://docs.ruckuswireless.com/fastiron/08.0.60/fastiron-08060-l2guide/GUID-F9905D20-F2BB-4286-B606-49BC36596CF1.html#:~:text=Per%20VLAN%20Spanning%20Tree%20(PVST,running%20a%20single%20spanning%20tree.
- Multiple Spanning Tree (MST)
By default Cisco Catalyst Switches run PVST+ or Rapid PVST+ (Per VLAN Spanning Tree). This means that each VLAN is mapped to a single spanning tree instance. When you have 20 VLANs, it means there are 20 instances of spanning tree.
MST works with the concept of regions. Switches that are configured to use MST need to find out if their neighbors are running MST.
https://networklessons.com/spanning-tree/multiple-spanning-tree-mst
- Listening state: Only a root or designated port will move to the listening state. The non-designated port will stay in the blocking state.No data transmission occurs at this state for 15 seconds just to make sure the topology doesn’t change in the meantime. After the listening state we move to the learning state.
Learning state: At this moment the interface will process Ethernet frames by looking at the source MAC address to fill the mac-address-table. Ethernet frames however are not forwarded to the destination. It takes 15 seconds to move to the next state called the forwarding state.
Forwarding state: This is the final state of the interface and finally the interface will forward Ethernet frames so that we have data transmission!
https://networklessons.com/spanning-tree/spanning-tree-port-states
- Understand and Configure STP on Catalyst Switches
With STP, the key is for all the switches in the network to elect a root bridge that becomes the focal point in the network. All other decisions in the network, such as which port to block and which port to put in forwarding mode, are made from the perspective of this root bridge. A switched environment, which is different from a bridge environment, most likely deals with multiple VLANs. When you implement a root bridge in a switching network, you usually refer to the root bridge as the root switch. Each VLAN must have its own root bridge because each VLAN is a separate broadcast domain
https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/5234-5.html
- Root port: The root port on an STP device has the smallest path cost to the root bridge and is responsible for forwarding data to the root bridge
Root bridge: There is only one root bridge on the entire STP network
https://support.huawei.com/enterprise/en/doc/EDOC1100086964
- OSPF is an interior gateway protocol (IGP) that routes packets within a single autonomous system (AS). OSPF uses link-state information to make routing decisions, making route calculations using the shortest-path-first (SPF) algorithm (also referred to as the Dijkstra algorithm). Each router running OSPF floods link-state advertisements throughout the AS or area that contain information about that router’s attached interfaces and routing metrics.
https://www.juniper.net/documentation/us/en/software/junos/ospf/topics/topic-map/ospf-overview.html
- This document describes the Open Shortest Path First Version 3 (OSPFv3) Autonomous System (AS) External Link State Advertisement (LSA) Type 5 route selection mechanism. It presents a network scenario with the configuration for how to select the route received from one Autonomous System Boundary Router (ASBR) over another.
https://www.cisco.com/c/en/us/support/docs/ip/ipv6-routing/200187-Understand-OSPFv3-AS-External-LSA-Route.html
- MPLS operates at a layer that is generally considered to lie between traditional definitions of OSI Layer 2 (data link layer) and Layer 3 (network layer), and thus is often referred to as a layer 2.5 protocol
https://en.wikipedia.org/wiki/Multiprotocol_Label_Switching
- Why VPWS service - MPLS has a two ethernet frame headers?
the encapsulation is removed and the original frame is sent to the local network.
The outer label is used for switching within the MPLS tunnel. The inner label is ignored while in the tunnel - currently, it's just payload to transport.
Once the encapsulated payload reaches the destination network, the encapsulation is removed and the original frame continues on as before the tunnel.
https://networkengineering.stackexchange.com/questions/46211/why-vpws-service-mpls-has-a-two-ethernet-frame-headers
- What is the “label switching” in MPLS routing?
As packets travel through the MPLS network, their labels are switched or swapped.
The packet enters the edge of the MPLS backbone, is examined, classified and given an appropriate label, and forwarded to the next hop in the pre-set Label Switched Path (LSP). As the packet travels that path, each router on the path uses the label – not other information, such as the IP header – to make the forwarding decision that keeps the packet moving along the LSP.
However, within each router, the incoming label is examined and its next hop is matched with a new label. The old label is replaced with the new label for the packet’s next destination, and then the freshly labeled packet is sent to the next router. Each router repeats the process until the packet reaches an egress router.
The label information is removed at either the last hop or the exit router, so that the packet goes back to being identified by an IP header instead of an MPLS label.
https://www.rcrwireless.com/20140513/fundamentals/mpls-routing
- 7.3.7 Multi-Protocol Label Switching
When an IP packet arrives at a router (Rosen et al., 2001) the next hop for this packet is determined by the routing algorithm in operation, which uses the longest prefix match
https://www.sciencedirect.com/topics/engineering/multi-protocol-label-switching
- “Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information between autonomous systems (AS) on the Internet.
https://www.imperva.com/blog/bgp-routing-explained/
- The router receives a packet.
While processing the header, the router compares the destination IP address, bit-by-bit, with the entries in the routing table.
The entry that has the longest number of network bits that match the IP destination address is always the best match (or best path) as shown in the following example:
https://www.juniper.net/documentation/us/en/software/junos/static-routing/topics/ref/statement/longest-match-next-hop-edit-static-routing-options.html
- The Ethernet frame is sent to the peer according to the destination MAC address.
The peer compares the destination MAC address with entries in the MAC address table.
If a matching entry is found, the frame is accepted.
If no matching entry is found, the frame is discarded.
https://support.huawei.com/enterprise/en/doc/EDOC1100137937/66c12b3e/mac-sub-layer
- Switch Learning and Forwarding (7.3.2)
A switch dynamically builds its MAC address table by examining the source MAC addresses of the frames received on a port. The switch forwards frames by searching for a match between the destination MAC address in a frame and an entry in the MAC address table.
https://www.ciscopress.com/articles/article.asp?p=3089352&seqNum=6
- How Forwarding Decisions Are Made
Forwarding decisions are made as follows:
• If the destination does not match an entry in the routing table, the packet is forwarded through the interface
specified for the default route. If a default route has not been configured, the packet is discarded
https://www.cisco.com/c/en/us/td/docs/security/firepower/610/fdm/fptd-fdm-config-guide-610/fptd-fdm-routing.pdf
- If the destination IP address and the subnet mask do not match, the entries in the routing table are compared to the destination IP address. If a match is found (i.e., the destination IP address and the subnet mask AND to a value found in the routing table), the packet is sent to the gateway listed in the routing table. If no matching entries can be found, the packet is sent to the defined default gateway
https://www.sciencedirect.com/topics/computer-science/routing-table-entry
- How To Prevent Cisco Switches Network Loop?
What is a Network Loop?
A switching loop or bridge loop occurs in computer networks when there is more than one Layer 2 (OSI model) path between two endpoints (e.g. multiple connections between two network switches or two ports on the same switch connected to each other). The loop creates broadcast storms as broadcasts and multicasts are forwarded by switches out every port, the switch or switches will repeatedly rebroadcast the broadcast messages flooding the network. Since the Layer 2 header does not support a time to live (TTL) value, if a frame is sent into a looped topology, it can loop forever
How do I stop a network loop?
A physical topology that contains switching or bridge loops is attractive for redundancy reasons, yet a switched network must not have loops. The solution is to allow physical loops, but create a loop-free logical topology using the shortest path bridging (SPB) protocol or the older spanning tree protocols (STP) on the network switches
https://linknewnet.com/how-to-prevent-cisco-switches-network-loop.html
- A switching loop or bridge loop occurs in computer networks when there is more than one layer 2 path between two endpoints (e.g. multiple connections between two network switches or two ports on the same switch connected to each other). The loop creates broadcast storms as broadcasts and multicasts are forwarded by switches out every port, the switch or switches will repeatedly rebroadcast the broadcast messages flooding the network.[1] Since the layer-2 header does not include a time to live (TTL) field, if a frame is sent into a looped topology, it can loop forever.
A physical topology that contains switching or bridge loops is attractive for redundancy reasons, yet a switched network must not have loops. The solution is to allow physical loops, but create a loop-free logical topology using link aggregation, shortest path bridging, spanning tree protocol or TRILL on the network switches.
Routing loops are tempered by a time to live (TTL) field in layer-3 packet header; Packets will circulate the routing loop until their TTL value expires. No TTL concept exists at layer 2 and packets in a switching loop will circulate until dropped, e.g. due to resource exhaustion.
https://en.wikipedia.org/wiki/Switching_loop
- Broadcast storm
Most commonly the cause is a switching loop in the Ethernet network topology (i.e. two or more paths exist between switches). As broadcasts and multicasts are forwarded by switches out of every port, the switch or switches will repeatedly rebroadcast broadcast messages and flood the network. Since the layer-2 header does not support a time to live (TTL) value, if a frame is sent into a looped topology, it can loop forever.
In some cases, a broadcast storm can be instigated for the purpose of a denial of service (DOS) using one of the packet amplification attacks, such as the smurf attack or fraggle attack, where an attacker sends a large amount of ICMP Echo Requests (ping) traffic to a broadcast address, with each ICMP Echo packet containing the spoof source address of the victim host
In wireless networks a disassociation packet spoofed with the source to that of the wireless access point and sent to the broadcast address can generate a disassociation broadcast DOS attack
Prevention
Switching loops are largely addressed through link aggregation, shortest path bridging or spanning tree protocol. In Metro Ethernet rings it is prevented using the Ethernet Ring Protection Switching (ERPS) or Ethernet Automatic Protection System (EAPS) protocols.
Filtering broadcasts by Layer 3 equipment, typically routers (and even switches that employ advanced filtering called brouters).
Physically segmenting the broadcast domains using routers at Layer 3 (or logically with VLANs at Layer 2) in the same fashion switches decrease the size of collision domains at Layer 2.
Routers and firewalls can be configured to detect and prevent maliciously inducted broadcast storms (e.g. due to a magnification attack).
Broadcast storm control is a feature of many managed switches in which the switch intentionally ceases to forward all broadcast traffic if the bandwidth consumed by incoming broadcast frames exceeds a designated threshold. Although this does not resolve the root broadcast storm problem, it limits broadcast storm intensity and thus allows a network manager to communicate with network equipment to diagnose and resolve the root problem.
https://en.wikipedia.org/wiki/Broadcast_storm
No comments:
Post a Comment