| 0 comments ]

Routing Protocol Deployment

Add a note hereThis section first describes why certain protocols are suitable for specific modules in the Enterprise Architecture. After that is a discussion of the following advanced routing features: redistribution, filtering, and summarization.

Add a note here Routing Protocols in the Enterprise Architecture

Add a note hereRecall from Chapter 3, “Structuring and Modularizing the Network,” that the modules in the Cisco Enterprise Architecture correspond to places in the network. The choice of routing protocols depends on the network design goals. Therefore, the routing protocol decision should be made only after the network goals and topology are determined. Running multiple routing protocols might be necessary in large enterprise networks, for example, when a network upgrade is performed; the old routing protocol usually coexists with the new one during the transition period.

Add a note hereAs discussed in previous sections of this chapter, routing protocols differ in many ways. For example, how routing information is exchanged, convergence times, metrics used for optimal route determination, required amount of processing power and memory, and availability of a routing protocol on various platforms can determine whether a routing protocol is more or less suitable for a network or parts of a network. The following sections explain why certain protocols are suitable for specific modules in the Enterprise Architecture, and the advantages and disadvantages of individual protocols.

Routing in the Campus Core

Add a note hereThe Campus Core provides high-speed data transmission between Building Distribution devices. The Campus Core is critical for connectivity and, therefore, incorporates a high level of redundancy using redundant links and load sharing between equal-cost paths. In the event of a link failure, it must immediately converge, adapting quickly to change to provide a seamless transport service.

Add a note hereThe decision of whether to use EIGRP or OSPF should be based on the underlying physical topology, IP addressing, equipment used, and possible issues related to the routing protocol in a particular situation. Figure 7-14 illustrates routing protocols in the Enterprise Architecture, including those recommended for the Campus Core.

Click to collapse
Add a note hereFigure 7-14: Routing Protocols in the Enterprise Architecture

Add a note here The following are considerations for routing protocol use in the Campus Core:

  • Add a note hereOSPF imposes a strict hierarchical design. OSPF areas should map to the IP addressing plan, which cannot always be achieved.

  • Add a note hereEIGRP restricts vendor selection because it is a Cisco-proprietary protocol. One way to overcome this restriction is to use EIGRP in the Campus Core and other routing protocols in the non-Cisco parts of the network, and redistribute between the protocols.

Add a note hereThe following are reasons that other routing protocols are not considered for the Campus Core:

  • Add a note hereEven if routing only IP, IS-IS requires detailed knowledge of the OSI protocol suite for proper configuration, and that knowledge is not widely available.

  • Add a note hereRIP is not recommended as a Campus Core routing protocol because of its periodic transmission of the entire routing table, which results in relatively slow convergence, and because the RIP metric is based on hop count.

  • Add a note hereUsing static routing in the Campus Core is not an option because static routing requires administrative intervention for changes and on link failures.

Routing in the Building Distribution Layer

Add a note hereThe Building Distribution layer is the intermediate point between the Campus Core and the Building Access layers. In addition to other issues (such as physical media and IP addressing), the choice of routing protocol depends on the routing protocols used in the Campus Core and Building Access.

Add a note hereFor example, if EIGRP is the Campus Core routing protocol and RIPv1 is the Building Access layer routing protocol (to support legacy equipment), both routing protocols are used in the Building Distribution devices, with redistribution and filtering.

Routing in the Building Access Layer

Add a note hereThe Building Access layer provides local users with access to network resources. The underlying physical topology, IP addressing, and the available processing power and memory in the Building Access layer equipment influence the routing protocol choice. The recommended routing protocols for the Building Access layer are OSPF and EIGRP. Using static routing in the access layer is also a possibility.

Routing in the Enterprise Edge Modules

Add a note hereIn the Enterprise Edge modules, the underlying physical topology, IP addressing, and the deployed equipment also drive the choice of routing protocol.


Note

Add a note hereRouting protocols running in the enterprise edge module are referred to as edge routing protocols.

Add a note hereEIGRP gives an administrator more influence on routing and is suitable for NBMA environments in which there is a split-horizon issue because EIGRP split-horizon can be turned off. When equipment from multiple vendors is part of the overall design, the use of EIGRP is restricted to only where Cisco devices exist.

Add a note hereThe limitations of using OSPF as an Enterprise Edge routing protocol are related to its high memory and processing power requirements, which might preclude its use on older routers, and its strict hierarchical design. The high memory and processing power requirements can be reduced using summarization and careful area planning.

Add a note hereOSPF also requires significant configuration expertise. OSPF is appropriate in environments such as LAN, NBMA, and dialup.

Add a note hereThe Remote Access and VPN module provides connectivity to corporate networks for remote users via dialup connections and dedicated IPsec VPNs across the Internet. In a dialup environment, static routing is typically used.

Add a note hereDepending on whether multiple exit points exist and on redundancy requirements, either static routes or BGP are used for Internet connectivity. Static routes are used when only one exit point exists; they use less overhead than BGP routing. BGP is used when there are multiple exit points and when multihoming is desired.

Add a note here Route Redistribution

Add a note hereThis section introduces route redistribution and discusses administrative distance and the process used to select the best route. The specifics of route redistribution deployment are described.

Using Route Redistribution

Add a note here The following are possible reasons why you might need multiple routing protocols running at the same time within your network:

  • Add a note hereYou are migrating from an older IGP to a new IGP. Multiple redistribution boundaries might exist until the new protocol has displaced the old protocol completely. Running multiple routing protocols during a migration is effectively the same as a network that has multiple routing protocols running as part of its design.

  • Add a note hereYou want to use another protocol but have to keep the old routing protocol because of the host system’s needs. For example, UNIX host-based routers might run only RIP.

  • Add a note hereSome departments might not want to upgrade their routers to support a new routing protocol.

  • Add a note hereIf you have a mixed-vendor environment, you can use the Cisco-proprietary EIGRP routing protocol in the Cisco portion of the network and then use a common standards-based routing protocol, such as OSPF, to communicate with non-Cisco devices.

Add a note hereIn some cases, the same protocol may be used in multiple different domains or autonomous systems within a network. Multiple instances of the protocol are treated no differently than if they were distinct protocols; redistribution is required to exchange routes between them. Accordingly, redistribution of routes is required when one or both of the following occur:

  • Add a note hereMultiple routing protocols are used in the network—for example, RIPv2, EIGRP, and OSPF.

  • Add a note hereMultiple routing domains are used in the network—for example, two EIGRP routing processes.

Add a note hereRedistribution occurs on the boundaries between routing protocols and between domains. As shown in Figure 7-15, redistribution occurs on a router with interfaces that participate in multiple routing protocols or routing domains.

Image from book
Add a note hereFigure 7-15: Redistribution Occurs on the Boundaries Between Protocols or Domains

Administrative Distance

Add a note here Most routing protocols have metric structures and algorithms that are incompatible with other protocols. It is critical that a network using multiple routing protocols be able to seamlessly exchange route information and be able to select the best path across multiple protocols. Cisco routers use a value called administrative distance to select the best path when they learn of two or more routes to the same destination from different routing protocols.

Add a note hereAdministrative distance rates a routing protocol’s believability. Cisco has assigned a default administrative distance value to each routing protocol supported on its routers. Each routing protocol is prioritized in order, from most to least believable.

Add a note here Table 7-4 lists the default administrative distance of the protocols supported by Cisco routers.

Add a note here Table 7-4: Administrative Distance of Routing Protocols
Open table as spreadsheet

Add a note hereRoute Source

Add a note hereDefault Distance

Add a note hereConnected interface

Add a note here0

Add a note hereStatic route out an interface

Add a note here0

Add a note hereStatic route to a next-hop address

Add a note here1

Add a note hereEIGRP summary route

Add a note here5

Add a note hereExternal BGP

Add a note here20

Add a note hereInternal EIGRP

Add a note here90

Add a note hereIGRP[1]

Add a note here100

Add a note here OSPF

Add a note here110

Add a note hereIntegrated IS-IS

Add a note here115

Add a note hereRIPv1, RIPv2

Add a note here120

Add a note hereEGP

Add a note here140

Add a note hereOn-demand routing

Add a note here160

Add a note hereExternal EIGRP

Add a note here170

Add a note hereInternal BGP

Add a note here200

Add a note hereUnknown

Add a note here255

Add a note here [1]IGRP is no longer supported as of Cisco IOS Release 12.3. It is included in this table for completeness.

Selecting the Best Route

Add a note hereCisco routers use the following two parameters to select the best path when they learn two or more routes to the same destination from different routing protocols:

  • Add a note here Administrative distance: As described in the previous section, the administrative distance is used to rate a routing protocol’s believability. This criterion is the first thing a router uses to determine which routing protocol to believe if more than one protocol provides route information for the same destination.

  • Add a note here Routing metric: The routing metric is a value representing the path between the local router and the destination network, according to the routing protocol being used. This metric is used to determine the routing protocol’s “best” path to the destination.

Route Redistribution Direction

Add a note hereRedistribution is often applied between the Campus Core and Enterprise Edge protocols. As shown in Figure 7-16, redistribution is possible in two ways:

  • Add a note here One-way route redistribution: Routing information is redistributed from one routing protocol or domain to another, but not vice versa. Static or default routes are required in the opposite direction to provide connectivity.

  • Add a note here Two-way route redistribution: Routing information is redistributed from one routing protocol or domain to another, and vice versa. Static or default routes are not required because all routing information is passed between two entities.

Image from book
Add a note hereFigure 7-16: Route Redistribution Can Be One-Way or Two-Way

Add a note here Specific routes can be filtered, and the administrative distance of redistributed routes can be changed in either of these cases to reduce the possibility of routing loops and ensure that traffic is routed optimally.

Route Redistribution Planning

Add a note hereWhen deciding where and how to use route redistribution, determine the following:

  • Add a note hereThe routing protocols and domains that will be used in the network

  • Add a note hereThe routing protocol and domain boundaries (the boundary routers)

  • Add a note hereThe direction of route redistribution (one-way or two-way)

Add a note hereIf route redistribution is not carefully designed, suboptimal routing and routing loops can be introduced into the network when routes are redistributed in a network with redundant paths between dissimilar routing protocols or domains. Route filtering (as described in the “Route Filtering” section of this chapter) helps solve this problem.

Route Redistribution in the Enterprise Architecture

Add a note hereRedistribution is needed in the Building Distribution layer when different routing protocols or domains exist in the Building Access layer and Campus Core. Redistribution might also be needed between the Campus Core and the Enterprise Edge, including to and from WAN module routers, from static or BGP routes in the Internet Connectivity module, and from static routes in the Remote Access and VPN module. Figure 7-17 shows a sample enterprise network with redistribution points throughout.

Click to collapse
Add a note hereFigure 7-17: Route Redistribution in the Enterprise Architecture

Add a note hereIn this example, some remote sites require connectivity to the Server Farm; therefore, one-way redistribution is performed to inject routes from these remote sites into the Campus Core. Some remote sites require connectivity to the entire network; this is provided by two-way redistribution (otherwise, static routes would have to be configured in the Campus Core). The Building Distribution layer propagates only a default route down to the Building Access layer, whereas the Building Access layer advertises its own subnets to the Building Distribution layer.

Add a note here Redistribution might also be necessary in the Remote Access and VPN and Internet Connectivity modules. For a Remote Access and VPN module with static routing, static routes are injected into the Campus Core routing protocol. In the opposite direction, default routes provide connectivity for remote users.

Add a note hereIn an Internet Connectivity module with only one exit point, that exit point is the default route for traffic destined for the Internet and is propagated through the core routing protocol. If multiple exit points toward multiple ISPs exist, BGP provides Internet connectivity, and redistribution can be used.

Add a note here Route Filtering

Add a note hereAs mentioned, route filtering might be required when redistributing routes. Route filtering prevents the advertisement or acceptance of certain routes through the routing domain. Filtering can be configured as follows:

  • Add a note hereOn a routing domain boundary where redistribution occurs

  • Add a note hereWithin the routing domain to isolate some parts of the network from other parts

  • Add a note hereTo limit routing traffic from untrusted external domains

Add a note hereFiltering is used with route redistribution, primarily to prevent suboptimal routing and routing loops that might occur when routes are redistributed at multiple redistribution points. Route filtering is also used to prevent routes about certain networks, such as a private IP address space, from being sent to or received from remote sites.

Add a note here Redistributing and Filtering with BGP

Add a note hereAn enterprise border router running BGP typically announces only the major network (the prefix assigned to the enterprise network) to the external domains, excluding any details about subnets. This is done using the BGP network router configuration command, which allows BGP to advertise a network that is already part of its IP routing table.

Add a note hereAlternatively, internal networks could be summarized into one major subnet that covers the assigned public address space and redistributed into BGP. However, redistributing from an IGP into BGP is not recommended, because any change in the IGP routes—for example, if a link goes down—can cause a BGP update, which might result in unstable BGP tables.

Add a note here If IGP routes are redistributed into BGP, make sure that only local routes—those that originate within the AS—are redistributed. For example, routes learned from other autonomous systems (that were learned by redistributing BGP into the IGP) must not be sent out from the IGP again, because routing loops could result, or the AS could inadvertently become a transit AS. Private IP addresses must not be redistributed, so they should also be filtered. Configuring this filtering can be complex.

Add a note hereIn the other direction, either a default route or a default route plus a few other specific routes is passed into an enterprise AS. These can then be redistributed into the IGP running in the AS.

Add a note hereRedistributing all BGP routes into an IGP is not advised, because non-BGP participating routers do not require full Internet routing tables, and IGP protocols are unable to process large numbers of advertised routes. Unnecessary routes should be filtered.

Add a note here Route Summarization

Add a note here Chapter 6 explains route summarization (which is also called route aggregation or supernetting). In route summarization, a single summary address in the routing table represents a set of routes. Summarization reduces the routing update traffic, the number of routes in the routing table, and the overall router overhead in the router receiving the routes.

The Benefits of Route Summarization

Add a note hereA large flat network is not scalable because routing traffic consumes considerable network resources. When a network change occurs, it is propagated throughout the network, which requires processing time for route recomputation and bandwidth to propagate routing updates.

Add a note hereA network hierarchy can reduce both routing traffic and unnecessary route recomputation. To accomplish this, the network must be divided into areas that enable route summarization. With summarization in place, a route flap (a route that goes down and up continuously) that occurs in one network area does not influence routing in other areas. Instabilities are isolated and convergence is improved, thereby reducing the amount of routing traffic, the size of the routing tables, and the required memory and processing power for routing. Summarization is configured manually, or occurs automatically at the major network boundary in some routing protocols.

Recommended Practice: Summarize at the Distribution Layer

Add a note hereIt is a recommended practice to configure summarization in a large network from the distribution layers toward the core, as illustrated in Figure 7-18. The distribution layer should summarize all networks on all interfaces toward the Campus Core. WAN connectivity and remote access points should be summarized toward the core. For example, remote subnets could be summarized into major networks, and only those major networks would be advertised to the core.

Image from book
Add a note hereFigure 7-18: Summarizing at the Distribution Layer Reduces Routing Traffic

Add a note hereImplementing summarization at the distribution layer optimizes the convergence process. For example, if a link to an access layer device goes down, return traffic to that device is dropped at the distribution layer until the routing protocol converges. Summarizing also limits the number of peers that an EIGRP router must query or the number of LSAs that an OSPF router must process, which also reduces the convergence time.

Add a note hereCore routers that receive two routes for a network install the more-specific route in the routing table. Therefore, summary routes for primary links must use a longer subnet mask.

Recommended Practice: Passive Interfaces for IGP at the Access Layer

Add a note here Another recommended practice is to limit unnecessary peering across the access layer. In Figure 7-19, the distribution multilayer switches are directly connected to each other and are also interconnected with three access layer switches, each having four VLANs. By default, the distribution layer devices send routing updates and attempt to peer with the remote distribution layer devices across the links from the access switches on every VLAN. Having the distribution switches form neighbor relationships over these 12 access layer connections provides no benefit and wastes resources (including CPU processing time and memory). Therefore, the interfaces on the distribution layer devices toward the access layer devices are configured as passive interfaces under the routing protocol configuration. This suppresses the advertisement of routing updates for that routing protocol on those interfaces.

Image from book
Add a note hereFigure 7-19: Limit Unnecessary Peering Across the Access Layer

Summary

Add a note here In this chapter, you learned about selecting routing protocols for enterprise networks. The following topics were explored:

  • Add a note hereStatic versus dynamic routing

  • Add a note hereInterior versus exterior gateway routing protocols

  • Add a note hereDistance vector versus link-state versus hybrid routing protocols

  • Add a note hereRouting protocol metrics

  • Add a note hereRouting protocol convergence

  • Add a note hereFlat versus hierarchical protocols

  • Add a note hereEIGRP, a Cisco-proprietary routing protocol that includes a topology table for maintaining all routes received from its neighbors. The best of these routes are put in the routing table.

  • Add a note hereOSPF, an open-standard protocol that was developed to overcome the limitations of RIP

  • Add a note hereIntegrated IS-IS, a routing protocol designed for the OSI protocol suite and adapted for IP

  • Add a note hereBGP, an exterior routing protocol primarily used for inter-AS routing

  • Add a note hereRoute redistribution use in a network running multiple routing protocols

  • Add a note hereRoute filtering to prevent the advertisement of certain routes through the routing domain

  • Add a note hereRoute summarization to represent a series of routes by a single summary address


References

Add a note hereFor additional information, refer to these resources:

  • Add a note hereCisco Systems, Inc., Designing Large-Scale IP Internetworks, http://www.cisco.com/univercd/cc/td/doc/cisintwk/idg4/nd2003.htm.

  • Add a note hereCisco Systems, Inc., Designing a Campus Network for High Availability, http://www.cisco.com/application/pdf/en/us/guest/netsol/ns432/c649/cdccont_0900aecd801a8a2d.pdf.

  • Add a note hereTeare, Diane and Catherine Paquet. Authorized Self-Study Guide: Building Scalable Cisco Internetworks (BSCI), Third Edition. Cisco Press, 2006.

  • Add a note hereComer, Douglas E. and D. L. Stevens. Internetworking with TCP/IP, Volume 1: Principles, Protocols, and Architecture, Fifth Edition. Englewood Cliffs, New Jersey: Prentice-Hall, 2005.


Case Study: ACMC Hospital Routing Protocol Design

Add a note here This case study is a continuation of the ACMC Hospital case study introduced in Chapter 2.

Add a note hereIn this case study you determine the routing protocol design for the ACMC hospital network. Complete the following steps:

Add a note here Step 1

Add a note hereDetermine a suitable routing protocol or protocols for the ACMC network, and design the protocol hierarchy.

Add a note here Step 2

Add a note hereWhat summary routes could be configured in this network?

0 comments

Post a Comment