There are several shortcomings to RIP version 1: ■ RIP version 1 uses MAC-level broadcasting, requiring all hosts on a network to process all packets. ■ RIP version 1 doesn’t support sending a subnet address with the route announcement. This can be a problem when there is a shortage of available IP addresses. ■ Because RIP version 1 route announcements are being addressed to the IP subnet and MAC-level broadcast, non-RIP hosts may also be receiving the RIP announcements, con- tributing to the broadcast clutter and possibly lowering the efficiency and performance of your network. ■ By default, every 30 seconds, RIP routers broadcast lists of networks they can reach to every other adjacent router.Again, this can contribute to lower network performance. ■ RIP version 1 does not handle subnetted addresses well, since it doesn’t send the subnet address along with the broadcast. ■ RIP version 1 provides no defense from a rogue router. A rogue router is an RIP router that advertises false or erroneous route information. ■ RIP version 1 is difficult to troubleshoot. In general, most problems in RIP routing stem from incorrect configuration or from the propagation of bad routing information. So, what does RIP version 2 do to attempt to correct the problems with RIP version 1? ■ RIP version 2 advertisements include the subnet mask with the network ID. ■ RIP version 2 sends multicast announcements to the multicast IP address 224.0.0.9 with a time to live (TTL) of 1 instead of broadcasting announcements, so it does not require IGMP. ■ RIP version 2 allows for authentication to substantiate the source of the incoming routing announcements. ■ RIP version 2 is compatible with RIP version 1. RIP routers begin with a basically empty routing table and start sending out announcements to the networks to which they’re connected.These announcements include the appropriate routes listed for all interfaces in the router’s routing table.The router also sends out a RIP General Request message asking for information from any router receiving the message.These announcements can be broadcast or multicast. Other routers on other networks hear these announcements and add the original router and its information to their own routing tables.They then respond to the new router’s request for information.The new router hears the announcements from these other routers on the network and adds them and their information to its own routing table. After the initial setup, the RIP router will send out information based on its routing table.The default time period is 30 seconds. Over time, the routers of the network develop a consensus of what the network looks like.The process of developing this consensual perspective of the network’s topology is known as convergence. Basically, this means that the network’s routers individually agree on what the network looks like as a group. It is this very process of convergence, however, that can 766 Chapter 22 • Planning, Implementing, and Maintaining a Routing Strategy 301_BD_W2k3_22.qxd 5/12/04 3:47 PM Page 766 sometimes lead to problems. A typical network using convergence is shown in Figure 22.3. One of the occasional problems that occurs is called counting to infinity. Let’s look at how that happens. In our example, we will assume that Router A has failed. With its failure, all the hosts on the A network will no longer be accessible from the other three networks. After missing six updates from Router A, Router B will invalidate its B–A route and advertise its unavailability. Routers C and D remain ignorant of the failure of Router A until notified by Router B. At this point, both Router B and Router D still think they can get to Router A through Router C, and they raise the metric of this route accordingly. So, Routers B and D send their next updates to Router C. Router C, having timed out its route to Router A, still thinks it has access through Router B or Router D.Thus, a loop is formed between Routers B, C, and D, based on the mistaken belief that both Routers B and C can still access Router A. With each iteration of updates, the metrics are incremented an extra hop for each route.This count speeds up the process by which the router approaches its definition of infinity—the point where the router says the destination is unreachable. There are two methods of preventing this counting to infinity loop: split horizon and triggered updates. If the router is implementing split horizon, routes will not be announced back over the interfaces by which they were learned.The limitation of the split-horizon approach is that a route will not timeout until it has been unreachable for six tries, so each router has five opportunities to transmit incorrect information to the neighboring routers. If the router is implementing split horizon with poison reverse, routes learned on interfaces are announced back as unreachable. Split horizon with poison reverse is much more dependable than simple split horizon. However, although split horizon with poison reverse will stop loops in small networks, loops are still possible on larger, multipath networks. Fault tolerance in RIP networks is based on the timeout of RIP-learned routes. When changes happen in the network, RIP routers send out triggered updates, rather than waiting for a scheduled time for routing announcements.These triggered updates contain the routing update and are sent immediately.Triggered updates are nothing more than a method of speeding up split horizon with poison reverse. However, triggered updates are not foolproof. While the triggered updates are being propagated around the network, routers that have not received the triggered update are still sending Planning, Implementing, and Maintaining a Routing Strategy • Chapter 22 767 Figure 22.3 Typical Network Using Convergence Router C Router D Router B Router A 301_BD_W2k3_22.qxd 5/12/04 3:47 PM Page 767 out the incorrect information. It’s possible that a router could receive the triggered update and then receive an update from another router reintroducing the incorrect information, so the count-to- infinity problem, though not as likely, is still possible. OSPF Because OSPF is designed to work inside the network area, it belongs to a group of protocols called IGRPs. OSPF is defined in RFC 2328 and its purpose is to overcome the shortcomings of both versions of RIP when they are used for large organizations. OSPF is designed for use on large or very large networks. OSPF is much more efficient than RIP, and it also requires much more knowl- edge and experience to set up and administer. There are many reasons why OSPF is a better choice for large networks than either version of RIP, including the following: ■ Faster detection and changes of the network topology.This means less chance of encoun- tering the count-to-infinity problem. ■ OSPF routes are loop-free. ■ In OSPF, large networks can be broken down into smaller contiguous groups of networks, called areas. (RIP does not allow for the subdivision of a network into smaller compo- nents.) Routing table entries can then be minimized by using the technique called summa- rizing. Summarizing allows for the creation of default routes for routes outside the area. ■ The subnet mask is advertised with OSPF.This provides support for disjointed subnets and supernetting. ■ Route exchanges between OSPF routers can be authenticated. ■ Because external routes can be advertised internally, OSPF routers can calculate least-cost routes to external destinations. OSPF is a link-state routing protocol that uses LSAs to send information to other routers in the same area, known as adjacencies. Included in the LSA is information about interfaces, gateways, and metrics. OSPF routers collect this information into a link-state database (LSDB) that is shared and synchronized among the various routers. Using this database, the various routers are able to calculate the shortest path to other routers using the SPF algorithm.The cost of each router interface is assigned by the network administrator.This unitless number can include the delay, the bandwidth, and any monetary cost factors.The accumulated cost of any OSPF network can never be more than 65,535. So, the way OSPF works can be divided into three main phases: ■ The LSDB is put together from neighboring routers. ■ The shortest path to each node is then calculated. ■ The router creates the routing table entries containing the information about the routes. When the router initializes, it sends out an LSA that contains only its own configuration. Each router has its own unique ID that it sends out with the LSA.This ID is not, however, the destination address of that router. Usually, it is the highest IP address assigned to that router, thereby ensuring 768 Chapter 22 • Planning, Implementing, and Maintaining a Routing Strategy 301_BD_W2k3_22.qxd 5/12/04 3:47 PM Page 768 that each router ID is unique. Over time, the router receives LSAs from other routers.The original router includes these routes in its own LSA and eventually will again send out its LSA, now con- taining the information it received.This process is called flooding. Every router in the area will soon have the information from all other routers in the area. After the LSDB is compiled, the router determines the lowest cost path to each destination using the Dijkstra algorithm. Now, every other router and network reachable from that router will have a shortest, least-cost path calculated.The resulting data structure is called the SPF tree.The SPF tree is different for each router in the network, because the routes are calculated based on each router as the root of the tree. After the SPF tree is calculated, the routing table is created from the information it contains. An entry will be created for each network in the area of the router.The routing table will contain the network ID, the subnet mask, the IP address of the appropriate router for traffic to be directed to for that network, the interface over which the router is reachable, and the OSPF-calculated cost to that network.This cost is the metric unit, not the hop count as it would be in an RIP-routed network. OSPF router interfaces must be configured for an appropriate network type because the OSPF message address will be set for the network type specified.There are three network types supported by OSPF: ■ Broadcast This type of network is connected by two or more routers and broadcast traffic is passed between them. Examples of broadcast networks include Ethernet and FDDI. ■ Non-broadcast multiple access (NBMA) Broadcast traffic doesn’t pass on this net- work, even though it is connected by two or more routers. OSPF must be configured to use IP unicasting instead of multicasting. Examples of this type of network include Asynchronous Transfer Mode (ATM) and Frame Relay. ■ Point-to-Point Only two routers can be connected using this type of network. Examples of point-to-point networks include WAN links like Digital Subscriber Line (DSL) or Integrated Services Digital Network (ISDN). Your network is divided into areas by placing routers in specific locations to join or divide the network in the manner you want. What the router does and what designation it is given are deter- mined by its location and role in the network area.The roles that an OSPF router might file include the following: ■ Internal router All interfaces of the router are connected to the same area. An internal router will have only one LSDB because it is connected to only one area. ■ Area border router (ABR) When a router’s interfaces are connected to different areas, that router is an ABR.An ABR has one LSDB for each area it’s connected to, as illustrated in Figure 22.4. Planning, Implementing, and Maintaining a Routing Strategy • Chapter 22 769 301_BD_W2k3_22.qxd 5/12/04 3:47 PM Page 769 ■ Backbone router If one of a router’s interfaces is on the backbone area, that router is considered a backbone router.This applies to both ABRs and internal routers. ■ Autonomous system boundary router (ASBR) If a router exchanges routes with sources outside the network area, it is known as an ASBR.These special routers announce external routes throughout the area network. Using Netsh Commands Administering your routing server through the Routing and Remote Access console is easy.You might wonder why anyone would want to use the command line when a perfectly acceptable and easy-to-use console is available.There are two main reasons: ■ You can administer a routing server much more quickly from the command line.This might be especially important over slow network links. ■ You can administer multiple routing servers more efficiently and consistently by creating scripts using these commands, which can then be run on many servers. The Netsh utility is available in the Windows 2000 Resource Kit and is a standard command in Windows XP and Windows Server 2003.This utility displays and allows you to manage the config- uration of your network, including both local and remote computers. It is designed to simplify the process of creating command-line scripts such as batch files.The utility itself is little more than a command interpreter that connects and interfaces with a number of services and protocols through the aid of a number of dynamic link libraries (DLLs). Each of these DLLs provides the utility with an extensive set of commands that applies specifically to that DLL’s service or protocol.These DLLs are referred to as helper files, and sometimes helper files are used to extend other helper files. You can use the Netsh utility to perform the following tasks: ■ Configure interfaces ■ Configure routing protocols 770 Chapter 22 • Planning, Implementing, and Maintaining a Routing Strategy Figure 22.4 An Area Border Router Area Border Router Workstation Workstation Workstation Area Border Router Workstation Workstation Workstation 301_BD_W2k3_22.qxd 5/12/04 3:47 PM Page 770 ■ Configure filters ■ Configure routes ■ Configure remote-access behavior for Windows 2000 and Windows Server 2003-based remote-access routers that are running RRAS ■ Display the configuration of a currently running router on any computer ■ Use the scripting feature to run a collection of commands in batch mode against a specific router The syntax for the Netsh utility is as follows: netsh [-r router name] [-a AliasFile] [-c Context] [Command | –f ScriptFile] Context strings are appended to a command and passed to the associated helper file.The helper file can have one or more entry points that are mapped to contexts.The context can be any of the following: DHCP, ip, ipx, netbeui, ras, routing, autodhcp, dnsproxy, igmp, mib, nat, ospf, relay, rip, and wins. Under Windows XP, the available contexts include AAAA, DHCP, DIAG, IP, RAS, ROUTING, and WINS. Appending a specific context to the input string makes a whole different set of commands available that are specific to that context. The easiest way to learn how the Netsh utility works is by viewing its help information. Open a command prompt window on your Windows Server 2003 computer and enter the netsh command at the prompt.The command prompt changes to the netsh prompt. Enter a ? to display a list of available commands.To see the subcontexts and commands that are available to use with the routing context, type routing ? at the netsh prompt (or simply type netsh routing ? at the command prompt), and then press Enter.You can get command-line help for each command by typing netsh, followed by the command, followed by ?. Rather than entering commands through the Netsh utility, it is more efficient to use the DLLs without needing to load the Netsh shell.This reduces the amount of coding time required, and you can use multiple DLLs within a single script.To use Netsh commands this way, follow the netsh command with the name of the DLL and the command string. For example, to use the show helper command to see a complete list of the available DLLs, type netsh show helper, as shown in Figure 22.5. Planning, Implementing, and Maintaining a Routing Strategy • Chapter 22 771 301_BD_W2k3_22.qxd 5/12/04 3:47 PM Page 771 As you can see in Figure 22.5, when the script is processed, you see the results of the script and then are returned to the command prompt, from which you can execute your next script. Evaluating Routing Options In order to make good decisions about routing in your network, you need to evaluate potential net- work traffic, as well as the number and types of hardware devices and applications used in your envi- ronment. For the most part, the heavier the routing demand, the higher the need for dedicated hardware routers. Lighter routing demands can be met sufficiently by less expensive software routers. Your routing decisions should be based on your knowledge and understanding of both options. Selecting Connectivity Devices For small, segmented networks with relatively light traffic between subnets, a software-based routing solution such as the Windows Server 2003 RRAS might be ideal. On the other hand, a large number of network segments with a wide range of performance requirements would probably necessitate some kind of hardware-based routing solution. Evaluating your routing options includes selecting the proper connectivity devices: hubs, bridges, switches, or routers. Hubs Hubs, sometimes referred to as switches, are devices used to connect communication lines in a central location and help provide common connections to all other devices on the network. A hub usually has one input and several outputs.These outputs are known as ports, but don’t confuse them with TCP/IP ports (as in port 80, the one used for HTTP traffic).These ports are just connections and 772 Chapter 22 • Planning, Implementing, and Maintaining a Routing Strategy Figure 22.5 Type netsh show helper at the Command Prompt to View Available DLLs 301_BD_W2k3_22.qxd 5/12/04 3:47 PM Page 772 nothing more.They generally accept RJ-45 connectors.Think of a hub as like the center of an old wagon wheel with all the spokes radiating out to the other part of the wheel. A hub simply takes the data that comes into its ports and sends it out on the other ports of the hub. For this reason, it is sometimes referred to as a repeater. It doesn’t provide or perform any fil- tering or redirection of the data from the various sources plugged into it. Hubs are commonly used to connect various network segments of a LAN. Hubs generally come in three flavors: ■ Passive Serves simply as a pipeline allowing data to move from one device, or network segment, to another. ■ Intelligent Sometimes referred to as an active, managed, or manageable hub, it includes additional features that allow you to monitor the traffic passing through the hub and con- figure each port for specific purposes. ■ Switching Reads the destination address of each packet and forwards that packet to the correct port. Most hubs of this variety also support load balancing. Bridges There are several definitions for a bridge, each carrying a specific meaning when used in a particular context. In one context, a bridge can be thought of as a gateway, connecting one network to another using the same communication protocols and allowing the information to be passed from one to the other. In another context, a bridge can be used to connect two networks with dissimilar communication protocols at the Data Link layer (Layer 2), in much the same manner as a router itself.There is also a bridge called a bridge router, which supports the functions of both the bridge and the router using Layer 2 addresses for routing. Here, we’ll look at the traditional bridge and the context that is most often associated with this device. Bridges work at both the Physical (Layer 1) and Data Link (Layer 2) layers of the OSI refer- ence model.That means that a bridge knows nothing about protocols but forwards data depending on the destination address found in the data packet.This destination address is not an IP address, but rather a Media Access Control (MAC) address that is unique to each network adapter card. For this reason, bridges are often referred to as MAC bridges. Basically, all bridges work by building and maintaining an address table.This table includes infor- mation such as an up-to-date listing of every MAC address on the LAN, as well as the physical bridge port connected to the segment on which that address is located. There are three basic types of bridges: ■ Transparent bridge Links together segments of the same type of LAN. A transparent bridge effectively isolates the traffic from one LAN segment from the traffic of another LAN segment, as shown in Figure 22.6. Planning, Implementing, and Maintaining a Routing Strategy • Chapter 22 773 301_BD_W2k3_22.qxd 5/12/04 3:47 PM Page 773 ■ Translating (or translational) bridge Like a transparent bridge, links together seg- ments of the same type of LAN, but also can provide conversion processes needed between different LAN architectures.This allows you to connect a Token Ring LAN to an Ethernet LAN, as shown in Figure 22.7. ■ Speed-buffering bridge Used to connect LANs that have similar architectures but dif- ferent transmission rates. Figure 22.8 shows how you might use a speed-buffering bridge to connect a 10-Mbps Ethernet network to a 100-Mbps Ethernet network. 774 Chapter 22 • Planning, Implementing, and Maintaining a Routing Strategy Figure 22.6 Transparent Bridge Bridge Hub Hub Server Workstation Workstation Printer Workstation Workstation Server Workstation MAC Broadcast Domain MAC Broadcast Domain Figure 22.7 Translating Bridge Token-ring Server Workstation IBM Compatible Workstation Printer Workstation Laptop Computer Workstation Ethernet 301_BD_W2k3_22.qxd 5/12/04 3:47 PM Page 774 Bridges are self-learning, so the administrative overhead is small.The functionality of bridges has been built into routers, hubs, and switches. Switches Switches are like bridges, except that they have multiple ports with the same type of connection (bridges generally have only two ports) and have been described as nothing more than fast bridges. Switches are used on heavily loaded networks to isolate data flow and improve the network perfor- mance. In most cases, most users get little, if any, advantage from using a switch rather than a hub. That’s not to oversimplify and suggest that a switch doesn’t have many benefits. Switches can be used to connect both hubs and individual devices.These approaches are known as segment switching and port switching, respectively. Segment switching implies that each port on the switch functions as its own segment.This pro- cess tends to increase the available bandwidth, while decreasing the number of devices sharing each segment’s bandwidth, but at the same time maintaining the Layer 2 connectivity. Each shared hub and the devices that are connected to it make up their own media access domain, while all devices in both domains remain part of the same MAC broadcast domain. Figure 22.9 illustrates how a seg- ment-switched LAN can be divided to improve performance. Planning, Implementing, and Maintaining a Routing Strategy • Chapter 22 775 Figure 22.8 Speed-buffering Bridge Server WorkstationWorkstationWorkstation Bridge Workstation Workstation Workstation Server 100 Mbps Ethernet 10 Mbps Ethernet Ethernet Ethernet 301_BD_W2k3_22.qxd 5/12/04 3:47 PM Page 775 . own routing tables.They then respond to the new router’s request for information .The new router hears the announcements from these other routers on the network and adds them and their information. router in the area will soon have the information from all other routers in the area. After the LSDB is compiled, the router determines the lowest cost path to each destination using the Dijkstra. network in the area of the router .The routing table will contain the network ID, the subnet mask, the IP address of the appropriate router for traffic to be directed to for that network, the interface