Choosing the Right Interior Routing Protocol
1-800-COURSES
www.globalknowledge.com
Expert Reference Series of White Papers
Introduction
Choosing an IP routing protocol is an important step. The right protocol can make your routing
operate efficiently, and the wrong one can make your life difficult. Each protocol has its own
pros and cons, and works better in some situations than others. In this paper, we explore the
strengths and weaknesses of RIP, EIGRP, OSPF, and IS-IS, and discuss when it is appropriate to
use each. We will evaluate each protocol in terms of five criteria:
• Convergence speed
• Ease of use
• Network topology required
• Vendor support
• IPv6 support
This paper also provides configuration tasks and commands for Cisco routers. It includes tips
for each protocol, as well as suggestions on designing your network to maximize the efficiency
of each protocol. This paper assumes the reader is already familiar with interior routing
protocols. It contains a short description of each protocol, but does not go in depth on each of its
features or possible configuration commands. A list of good reference material is at the end of
the paper, for those wishing more information on a particular protocol.
Routing Information Protocol (RIP)
RIP was one of the first IP routing protocols. It is simple to understand and simple to configure.
RIP version 1 sends its advertisements as broadcasts; RIP version 2 sends them as multicasts.
Both versions advertise their entire routing table every 30 seconds. For both versions, the
metric is hop count – with each router counting as a hop. A network with a metric of 16 hops is
considered unreachable, which limits the diameter of a RIP routing domain.
Convergence Speed
RIP is notoriously slow to converge. It is a distance vector protocol, which means that each
router advertises only the path it itself is using to reach a particular network. When there is a
change in the network topology, each router recalculates its routing table before announcing
the change to its neighbors. If a network has gone down, the router must query its neighbors
for an alternate path to the network, and wait for them to respond. Additionally, RIP employs
timers such as the hold-down timer to lessen the chance of a routing loop. These timers, however,
also lengthen the amount of time that incorrect information might be propagated through
the network.
Denise Donohue, Global Knowledge Instructor, CCIE #9566
Copyright ©2005 Global Knowledge Network, Inc. All rights reserved.
Ease of Use
RIP is an easy protocol to use. All that is required is to enable RIP and configure a network
statement for the router interfaces that will be running RIP. RIP version 1 is a classful routing
protocol, and thus all links within the RIP domain must use the same subnet mask. RIP version
2 is classless, and thus supports variable-length subnet masking (VLSM). With either version
of RIP, the network statement lists only the classful network.
Network Topology
The best place to use RIP is in a small network with links of about the same bandwidth since
its metric does not account for differences in bandwidth. The more stable the network, the better
RIP performs. RIPv1 is best used on links with only RIP devices, since its advertisements
are sent as broadcasts. If it were used on a LAN link with hosts as well as a neighbor router on
the link, the hosts would be interrupted every 30 seconds by RIP broadcasts. This is not a
problem with RIPv2, since it sends its advertisements to the multicast address of 224.0.0.9.
Only devices listening for that multicast address would be affected.
When using RIPv1, the same subnet mask must be used on every subnet of a classful network.
There must be no discontiguous subnets. RIPv2 can handle networks with VLSM, since
you can disable auto-summarization.
Vendor Support
Since RIP is such a well-known protocol, it is very widely supported. All Cisco routers support
it, as well as firewalls, Microsoft Windows operating systems, and Unix-based operating systems.
Some networks must run RIP in order to support a Unix computer. If that is the case in
your network, consider sectioning off that part of the network, confining the RIP portion of the
network to as few devices as possible. Run a more sophisticated protocol in the rest of the
network, and redistribute the RIP routes into it. If possible, inject only a default route into the
RIP area.
IPv6 Support
There is a version of RIP that supports IPv6, called RIPng (RFC 2080). It is available beginning
in Cisco IOS version 12.2(8)T9.
Tasks and Tips
On a Cisco router, enable RIP under the global configuration mode and then list the classful
networks for the interfaces where you want to run RIP. For instance, suppose you have the
network shown in the drawing below.
Router B has three interfaces. Two are in the classful network 10.0.0.0, and one is in the
classful network 172.20.0.0. Suppose you want Routers A, B, and C to all exchange RIP information.
The configuration on Router B would then be:
(config)#router rip
(config-router)#network 10.0.0.0
(config-router)#network 172.20.0.0
The default configuration sends RIPv1 advertisements and listens for both version 1 and version 2
advertisements. The version can be configured under the router configuration mode, for
the entire RIP process, or in interface configuration mode, for just that interface. In the previous
example, suppose you want to run RIP version 2 in general, but version 1 on the interface
connecting to Router C (you can choose which version to both send and receive):
(config)#router rip
(config-router)#version 2
(config-router)#interface s1/0
(config-if)#ip rip send version 1
(config-if)#ip rip receive version 1
You may not want all interfaces with IP addresses in the classful network to be running RIP; in
that case, you can use the passive-interface <interface> command. Making an interface passive
for RIP stops the router from sending advertisements out that interface. It will still listen to
RIP advertisements coming in that interface, however, and will still advertise the network
assigned to that interface. A variation of this is the command passive-interface default. This
makes all interfaces encompassed in the network statement passive for RIP. You can then
enable RIP on a specific interface with no passive-interface <interface>. In the drawing
above, the LAN interface has no other routers on it, only hosts. It would make sense to make
that interface passive for RIP. The commands to accomplish that are:
(config)#router rip
(config-router)#passive-interface fa0/0
Another option with RIPv2 is to make an interface passive, then add a neighbor statement listing
the IP address of the router on the other end of a link. RIP will then send its updates as a
unicast out that interface, to that neighbor. If you wanted to do this for Router A, for example,
use the following commands:
(config-router)#passive-interface s1/1
(config-router)#neighbor 172.20.4.2
RIP will automatically summarize up to the classful network when advertising routes out an
interface belonging to a different classful network. For instance, in our example network,
Router B would not advertise the two subnets 10.1.0.0 and 10.2.0.0 to Router A. It would
instead summarize and advertise only network 10.0.0.0. Similarly, Router B would summarize
the 172.20.4.0 subnet and advertise 172.20.0.0 to Router C. You can disable this functionality
in RIPv2 with the following command:
(config-router)#no auto-summary
Turning off auto-summarization causes RIP to advertise every subnet to its neighbors. This
isn’t necessarily a good thing – it makes the routing tables and route advertisements larger.
RIPv2 allows you to manually configure summarization at the interface level. The command
looks like this:
(config-if)#summary-address rip <network> <subnet_mask>
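The auto-summarization rule described above, worked through for Router B as an added example (not part of the original paper). The subnet masks and the assignment of 10.1.0.0 to Fa0/0 and 10.2.0.0 to S1/0 are assumptions, and the function names are illustrative.

```python
import ipaddress

def classful_network(net):
    """Return the class A/B/C network that contains the given subnet."""
    first_octet = int(net.network_address) >> 24
    prefix = 8 if first_octet < 128 else 16 if first_octet < 192 else 24
    return net.supernet(new_prefix=prefix) if net.prefixlen > prefix else net

def rip_advertisements(known_subnets, out_subnet, auto_summary=True):
    """Networks a RIP router announces out the interface attached to out_subnet.

    Simplified model: the outgoing link's own subnet is skipped (the neighbor is
    directly connected to it); metrics and split horizon are not modelled.
    """
    out_major = classful_network(out_subnet)
    adverts = []
    for subnet in known_subnets:
        if subnet == out_subnet:
            continue
        # Summarize only when the route crosses a classful network boundary.
        crosses_boundary = classful_network(subnet) != out_major
        route = classful_network(subnet) if auto_summary and crosses_boundary else subnet
        if route not in adverts:
            adverts.append(route)
    return adverts

# Router B's connected subnets. The masks, and which 10.x subnet faces Router C,
# are assumptions; the paper gives only the subnet numbers.
LAN = ipaddress.ip_network("10.1.0.0/16")      # Fa0/0 (assumed)
TO_C = ipaddress.ip_network("10.2.0.0/16")     # S1/0 (assumed)
TO_A = ipaddress.ip_network("172.20.4.0/24")   # S1/1
ROUTER_B = [LAN, TO_C, TO_A]

if __name__ == "__main__":
    for label, link in (("to Router A", TO_A), ("to Router C", TO_C)):
        for summarize in (True, False):
            routes = rip_advertisements(ROUTER_B, link, auto_summary=summarize)
            mode = "auto-summary" if summarize else "no auto-summary"
            print(label, mode, [str(r) for r in routes])
```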
When using RIP in only a portion of your network, it is good practice to redistribute the RIP
routes into your primary (core) protocol, and represent the core networks with either a default
or static routes in the RIP portion of the network. To configure RIP to advertise a default route
to its neighbors, first configure a static default route pointing to a neighbor core router. Then
tell RIP to generate default information to its peers:
(config)#ip route 0.0.0.0 0.0.0.0 <neighbor_ip_address>
(config)#router rip
(config-router)#default-information originate
RIP Summary
Convergence Speed — Slow
Ease of Use — Easy to understand and use
Network Topology — No special topology required
Vendor Support — Widely supported by many vendors
IPv6 Support — Supported
When to Use — Small, homogenous, stable network. When hosts require its use
Open Shortest Path First (OSPF)
OSPF is an open standard link-state protocol, described in several RFCs. It calculates its best
path using the Shortest Path First algorithm originated by Edsger Dijkstra. OSPF’s metric is
cost. On Cisco routers, “cost” is based on bandwidth – the default value is 10^8 divided by
interface bandwidth. OSPF adds the cost of each link along the path to the destination network.
The SPF algorithm uses this metric to build a tree containing the shortest (least-cost)
path to each network. Running the SPF algorithm is very CPU intensive, which could be a liability
in an unstable network. Advertisements are sent as multicasts, and once a router has
converged, only triggered updates are sent.
Convergence Speed
OSPF is one of the fastest-converging protocols. When an OSPF router learns about a change
in network topology, it forwards the information to its neighbors before recalculating its routing
information. This helps speed up convergence. Each router maintains a link-state database
containing information about all networks in the OSPF routing domain. If a network goes down,
there is no need for a router to query its neighbors – it already knows any alternate paths to
that network. Once a router has updated its neighbors, it reruns the SPF algorithm and submits
the resulting routes to the routing table.
Ease of Use
A basic OSPF configuration is fairly easy to configure. However, one of the protocol’s strengths
is the ability to customize it to better fit your network needs. An OSPF configuration can get
very complex if you take advantage of its many features. On the plus side, many network engineers
are knowledgeable and skilled in the protocol, since it is so widely used.
Network Topology
OSPF requires a two-level hierarchy. There is a backbone area called Area 0, and all traffic
between areas transits Area 0. It fits well in hub-and-spoke networks, where you have a
well-defined backbone with groups of networks branching out from it. The need for this type of
topology is often the most challenging part of implementing OSPF in an existing network. Area
0 should have the most redundancy and the most bandwidth, as it is a transit area. All the
other areas are required to have at least one router with at least one interface in Area 0. OSPF
provides virtual links as a way around this requirement as a temporary measure while
transitioning the network to fit the OSPF model.
IP addressing should follow the network topology to allow for summarization of routes. For the
most efficient operation, assign your IP subnets so that each area’s routes are able to be
summarized into as few advertisements as possible. Without summarization, information about all
routes is sent to every router in the OSPF domain. When any link goes down, all routers then
have to receive that information and rerun the SPF algorithm. OSPF only allows summarization
at the ABRs (area border routers) and ASBRs (autonomous system boundary routers).
In a pure hub-and-spoke network, you may be able to designate areas as stub or totally stubby
areas. This helps make OSPF operation even more efficient, as it limits the information routers
in the stub areas must maintain.
Vendor Support
OSPF is a standards-based protocol. It is supported by most routers, many firewalls, and some
versions of Windows. Thus, it is good for use in a multi-vendor environment.
IPv6 Support
Support for IPv6 is built into OSPF version 3. Cisco routers include OSPFv3 beginning in IOS
12.2(15)T9.
Tasks and Tips
On a Cisco router, enable OSPF under the global configuration mode. You must specify a
process number – this number is local to the router. Then enable OSPF on interfaces and
assign those interfaces to areas using the network statement. The network statement requires
a wildcard mask after the prefix information. This allows you to either specify a range of interfaces
to be included in the OSPF process or limit it to one particular IP address. The network
statements are read from the top down, so more specific statements should be configured first.
The following examples are based on this diagram:
In this example, the requirement is to enable OSPF area 0 between Router A and Router B,
and OSPF area 10 between Router B and Router C. On Router B, we specify interface S1/1
by its exact IP address and include interfaces Fa0/0 and S1/0 in one network statement:
(config)#router ospf 1
(config-router)#network 172.20.4.1 0.0.0.0 area 0
(config-router)#network 10.0.0.0 0.255.255.255 area 10
This configuration makes Router B an area border router, as it belongs to both area 0 and area
10. This is a basic OSPF configuration; some additional changes can make OSPF more efficient.
Recall that all OSPF routers within an area must have an identical link state database. With a
basic configuration, all network information would be flooded throughout the entire OSPF routing
domain. This can create a very large OSPF database, using a significant amount of memory.
When there is a topology change, all routers would be involved in convergence. This
adversely impacts router CPU and network bandwidth. Additionally, as a general rule, the more
routers involved in convergence, the slower the convergence time. Some tuning of OSPF can
make it more efficient in terms of router and network resource use.
It would make sense to make area 10 totally stubby – Router C would then have only intra-area
routes and a default route pointing to Router B. There is no need to send OSPF hellos
out interface Fa0/0, so make it a passive interface. Additionally, if all subnets of 10.1.0.0/16 are
in area 10, we could summarize the routes advertised into area 0.
(config-router)#area 10 stub no-summary
(config-router)#passive-interface fa0/0
(config-router)#area 10 range 10.1.0.0 255.255.0.0
With these simple changes, a topology change in area 10 does not affect Router A at all, as
long as the summary route is still valid. Similarly, a topology change in area 0 does not affect
Router C at all. Router B is still affected by topology changes in both areas, since Area Border
Routers keep the complete database for each area they border. A good design consideration is
to have several ABRs each bordering a few areas, rather than a few ABRs each bordering
many areas.
When designing an OSPF network, it is common to wonder how many routers and networks to
put in one area, and how many areas to have. There is no single good answer to these questions,
as they depend on many factors. For example, networks with good summarization can
accommodate more routers per area, networks with many stub areas can accommodate more
areas, and routers with fast CPUs and high memory can hold more information in their databases.
The main thing is to understand OSPF and work with it, rather than trying to challenge
it. A well-designed OSPF network can converge quickly (in under a second) and operate efficiently.
For instance, consider the following network (some links have been omitted for simplicity):
One possible design would be to put the Core routers in Area 0, along with the connected
interfaces of the Distribution routers. The two Distribution routers on the left, and their connected
Access routers, would comprise one area. The two Distribution routers on the right, along
with their connected Access routers, would comprise another area. Summarization could be
done only on the Distribution routers. As a result, the Distribution and Access-layer routers
could have about 1,030 routes in their routing tables. Also, at least six routers are involved in
convergence when there is a topology change. (Perhaps more, if there are other routers in the
Access-layer “cloud”.) Contrast this with the same network, in the EIGRP section.
Another option would be to extend Area 0 to include the links between the Distribution and
Access-layer routers. Then each Access-layer router would be its own OSPF area, could summarize
its subnets to a 16-bit mask (e.g., 10.4.0.0/16), and could be a stub area. This would
minimize the number of routes per router, and the number of routers involved in convergence
in each area, but it also means that the Access routers are part of the core area. Hopefully, this
helps you see that network design is a serious consideration with OSPF.
In this time of such high security concerns, I would be lax not to mention authentication. OSPF
can do both clear text and MD5 authentication between routers. This is a good feature to use
to prevent an attacker from hijacking your routing and injecting false routes. As long as you’re
using authentication, you might as well use MD5, as it is more secure. Commands to enable
this are given both under the OSPF routing process and under the interface configuration
mode. As an example, if we wished to use authentication in area 0, using “aSecret1” as the
password, we would configure Router B as follows:
(config)#router ospf 1
(config-router)#area 0 authentication message-digest
(config-router)#interface s1/1
(config-if)#ip ospf message-digest-key 1 md5 aSecret1
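An added example, not from the original paper: a small audit that applies the top-down network-statement matching described under Tasks and Tips to find which interfaces run OSPF, then reports any that can form adjacencies without MD5 authentication and a key. The sample configuration is constructed; the addresses of Fa0/0 and S1/0 and all masks are assumptions, and the function names are illustrative.

```python
import ipaddress

# Constructed sample in running-config style, based on Router B in this paper.
# Only 172.20.4.1 on S1/1 is given in the text; other addresses/masks are assumed.
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 ip address 10.1.0.1 255.255.0.0
interface Serial1/0
 ip address 10.2.0.1 255.255.0.0
interface Serial1/1
 ip address 172.20.4.1 255.255.255.0
 ip ospf message-digest-key 1 md5 aSecret1
router ospf 1
 network 172.20.4.1 0.0.0.0 area 0
 network 10.0.0.0 0.255.255.255 area 10
 area 0 authentication message-digest
 passive-interface FastEthernet0/0
"""

def parse_config(text):
    """Collect per-interface settings and the OSPF process settings."""
    interfaces = {}
    ospf = {"networks": [], "md5_areas": set(), "passive": set()}
    section = None                       # interface name, "ospf", or None
    for line in text.splitlines():
        words = line.split()
        if not words:
            continue
        if not line[0].isspace():        # an unindented line opens a new section
            section = None
            if words[0] == "interface" and len(words) > 1:
                section = words[1]
                interfaces[section] = {"ip": None, "md5_on": False, "md5_key": False}
            elif words[:2] == ["router", "ospf"]:
                section = "ospf"
        elif section == "ospf":
            if words[0] == "network" and len(words) == 5:
                ospf["networks"].append((words[1], words[2], words[4]))
            elif words[0] == "area" and words[2:] == ["authentication", "message-digest"]:
                ospf["md5_areas"].add(words[1])
            elif words[0] == "passive-interface" and len(words) > 1:
                ospf["passive"].add(words[1])
        elif section in interfaces:
            if words[:2] == ["ip", "address"] and len(words) >= 4:
                interfaces[section]["ip"] = words[2]
            elif words[:4] == ["ip", "ospf", "authentication", "message-digest"]:
                interfaces[section]["md5_on"] = True
            elif words[:3] == ["ip", "ospf", "message-digest-key"] and "md5" in words:
                interfaces[section]["md5_key"] = True
    return interfaces, ospf

def area_for(ip, networks):
    """Area of the first network statement that matches ip (top-down), else None."""
    addr = int(ipaddress.IPv4Address(ip))
    for prefix, wildcard, area in networks:
        care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF  # 0 bits must match
        if addr & care == int(ipaddress.IPv4Address(prefix)) & care:
            return area
    return None

def audit(text):
    """Return (interface, area, problem) for OSPF interfaces lacking working MD5."""
    interfaces, ospf = parse_config(text)
    findings = []
    for name, intf in interfaces.items():
        area = area_for(intf["ip"], ospf["networks"]) if intf["ip"] else None
        if area is None or name in ospf["passive"]:
            continue                     # not running OSPF, or sends no hellos
        if not (area in ospf["md5_areas"] or intf["md5_on"]):
            findings.append((name, area, "MD5 authentication not enabled"))
        elif not intf["md5_key"]:
            findings.append((name, area, "MD5 enabled but no message-digest-key"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(*finding, sep=": ")
```

On the sample, the only finding is Serial1/0 in area 10: the paper's configuration enables authentication for area 0 only, and Fa0/0 is skipped because it is passive.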
One last thing to plan in OSPF is the router ID. Each OSPF router is identified in the database by
an IP address. Router ID can be statically configured under the OSPF process, or dynamically
chosen by the router. If it is not statically configured, then the router chooses the highest loopback
interface IP address, if any loopbacks are present. If not, then the router chooses the
highest IP address of an active interface. Duplicate router IDs can cause a problem in the network
and break your routing. The safest way to ensure that each router has a unique router ID
is to first create a loopback interface on each router with the IP address you wish to use as that
router’s ID. Next, statically configure that IP address to be the router ID under the OSPF process.
Then the router ID will be unique, it will not change, and you can ping it when troubleshooting.
Enhanced Interior Gateway Protocol (EIGRP)
EIGRP is a Cisco proprietary distance-vector routing protocol. It was created to be used with
basically any media and network topology, to converge quickly, and to use network resources
efficiently. It uses an algorithm called DUAL – Diffusing Update Algorithm – to calculate a loop-free
path to each network. It really shines in networks with more than two levels of hierarchy,
because you can summarize at any router’s interface. EIGRP’s metric is based on the lowest
bandwidth on the path to a network, and the sum of the interface delays along the path to that
network.
Convergence Speed
In a properly designed network, EIGRP converges very quickly. For every destination network,
it will attempt to identify a backup route. Then, if the primary route goes down, the router
immediately inserts the backup route into the table. No recalculation or querying of neighbors
is necessary. The catch to this is that an alternative path to each network must exist.
Additionally, EIGRP must be able to ensure that the alternative path is loop-free. It does this by
comparing the metric (or distance) advertised by each neighbor, for each network, to the metric
of its best route to that network. Any neighbor with an advertised distance less than the best
distance can be used as a backup next hop.
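The backup-route check described above, as an added example that is not part of the original paper. The neighbor names and metric values are constructed, and plain integers stand in for EIGRP's composite metric.

```python
def classify_paths(paths):
    """Split neighbors into the best next hop and loop-free backups for one network.

    paths maps neighbor -> (advertised_distance, cost_of_link_to_neighbor).
    Returns (best_next_hop, best_distance, backups ordered by total distance).
    """
    totals = {n: adv + link for n, (adv, link) in paths.items()}
    best_hop = min(totals, key=totals.get)
    best = totals[best_hop]
    # Check from the text: a neighbor qualifies as a backup only if the distance
    # it advertises is lower than our best distance; otherwise its path might
    # run back through this router.
    backups = [n for n, (adv, _) in paths.items() if n != best_hop and adv < best]
    backups.sort(key=totals.get)
    return best_hop, best, backups

def on_primary_loss(paths):
    """What the router does when the primary route to the network goes down."""
    _, _, backups = classify_paths(paths)
    if backups:
        return ("install-backup", backups[0])   # no recalculation, no queries
    return ("query-neighbors", None)            # no loop-free alternative known

# Constructed metrics for a single destination network.
PATHS = {
    "R1": (1000, 500),   # total 1500 -> best route
    "R2": (1200, 800),   # total 2000, advertised 1200 < 1500 -> usable backup
    "R3": (1800, 100),   # total 1900, advertised 1800 >= 1500 -> rejected
}

if __name__ == "__main__":
    print(classify_paths(PATHS))
    print(on_primary_loss(PATHS))
    print(on_primary_loss({n: PATHS[n] for n in ("R1", "R3")}))
```

R3 offers a lower total distance than R2 but is still rejected, because its advertised distance is not below the current best distance.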
OSPF Summary
Convergence Speed — Fast
Ease of Use — More complex than RIP or EIGRP
Network Topology — Requires a two-level hierarchy with backbone area. Scales to very large
networks in a hierarchical network
Vendor Support — Widely supported by many vendors
IPv6 Support — Supported in OSPF v3
When to Use — In a (possibly multi-vendor) network with a two-level hierarchy, and IP
addressing design that allows summarization
[...]
... native IP routing protocols. Configuring it is not difficult, however, once you understand how it works. The main problem is that fewer companies use IS-IS than use OSPF, and thus fewer network engineers know how to support it. IS-IS configurations tend to be less complex than OSPF, mostly because there are fewer changes you can make to the protocol’s operation.
Network Topology
IS-IS is a link-state protocol ...
... Denise has her CCIE certification in Routing and Switching.
For Further Reading
• Routing TCP/IP, Jeff Doyle, Cisco Press
• Advanced IP Network Design, Alvaro Retana, Don Slice, Russ White, Cisco Press
• EIGRP for IP, Alvaro Retana, Russ White, Don Slice, Addison-Wesley
• OSPF: Anatomy of a Routing Protocol, John T. Moy, Addison-Wesley ...
... Intermediate System. Thus, the protocol defines communication from an Intermediate System to another Intermediate System. IS-IS is a link-state protocol and, like OSPF, divides the network into areas. All inter-area communication goes through the backbone, but the backbone is not a discrete area. An IS-IS backbone is merely an unbroken string of routers doing Level 2 (inter-area) routing. These routers can ...
... installed in the routing table. EIGRP also adapts itself to various types of network links. It sends hello messages less frequently on slower links. It also paces its packets so that it will not overwhelm a link – EIGRP limits itself to using half of the bandwidth configured on an interface. This bandwidth percent is also configurable.
Vendor Support
EIGRP is a Cisco-proprietary routing protocol, so all ...
... addressing is designed for summarization.
Intermediate System – Intermediate System (IS-IS)
IS-IS is a routing protocol created by the ISO and is based on OSI protocols, not on IP. However, there is a version of IS-IS adapted to carry IP route information, called “Integrated IS-IS”. This is the version we discuss here. IS-IS uses CLNS ...
... things: it reduces the amount of update traffic, it reduces the length of routing tables, and it sets boundaries for queries. Bounding queries is an important consideration with EIGRP. When a router loses the path to a network and doesn’t have a backup path, then it must query all its neighbors. If those routers had the network in their routing tables and don’t have a backup path either, then they must in ...
... Additionally, you must plan the IP addressing scheme. IS-IS is a classless protocol, thus you can use VLSM. It is also capable of summarizing IP addresses. You would typically want to plan your IP addressing so that you are able to summarize at area borders. This reduces the amount of information your neighbor routers must store in their routing tables, and also the amount of information your router must send ...
... configuration mode. The command is similar to those in other protocols. If Router D were summarizing its two subnets, the command would be:
(config-router)#summary-address 10.4.0.0 255.254.0.0
One last option you should consider is authentication. With IS-IS, passwords can be configured either at an interface, for an entire area, or for the entire IS-IS routing domain. Passwords configured at an interface are ...
... thus authenticate the establishment of adjacencies. The area password is carried in all L1 messages and authenticates the exchange of intra-area routing information. The domain-wide password is carried in L2 messages and thus authenticates the exchange of inter-area routing information. Multiple types of passwords can be used on a router. However, you should understand that these passwords are sent as clear ...
... of this writing, EIGRP support for IPv6 is still being developed.
Tasks and Tips
Enable EIGRP routing under the global configuration mode. You must specify an autonomous system number; this number must match on all routers that exchange routing information. The network statement enables EIGRP on any interface that falls within the ...
Date posted: 17/01/2014, 06:20