routing ii - department of computer engineering
Routing II
Assoc. Prof. Dr. Anan Phonphoem (รศ.ดร. อนันต์ ผลเพิ่ม), [email protected]
http://www.cpe.ku.ac.th/~anan
Computer Engineering Department
Kasetsart University, Bangkok, Thailand
IS-IS
Intermediate-System to Intermediate-System (IS-IS)
Integrated IS-IS (supports both TCP/IP and the Connectionless Network Protocol, CLNP)
Link State routing protocol
Terminology
End System (ES): host
Intermediate System (IS): router
Timeline OSPF and IS-IS
1998-2000: Many extensions for both protocols
1996-1998: Many ISPs switch from OSPF to IS-IS
1995: ISPs begin deployment of IS-IS (popular)
1994: Large ISPs need an IGP; IS-IS is recommended
1992: Most run OSPF (very few deploy IS-IS)
1990-1991: Dual-mode IS-IS RFC published; OSPF v.2 RFC published
1989: OSPF v.1 RFC published; IS-IS becomes ISO proposed standard
1988: OSPF work begins, loosely based on IS-IS
1987: IS-IS (from DEC) selected by ANSI as OSI intradomain protocol (CLNP only)
1985: Originated by DEC Phase V
Source: http://www.nanog.org
OSI: Two Network Services, Two Network Protocols
CMNS (Connection Mode Network Service)
Requires establishment of a path at the transport layer
CONP (Connection-Oriented Network Protocol)
CLNS (Connectionless Network Service)
Datagram support, No circuit establishment
CLNP (Connectionless Network Protocol)
IS-IS Routers
Level 1 IS (L1 IS, router)
Analogous to an OSPF internal non-backbone router (Totally Stubby)
Responsible for routing to End Systems (ES) inside an area.
Level 2 IS (L2 IS, router)
Analogous to an OSPF internal backbone router
Responsible for routing between areas
Level 1 and 2 IS (L1-L2 IS, router)
Analogous to an OSPF Area Border Router (ABR)
Participates in both L1 intra-area routing and L2 inter-area routing.
IS-IS Area
[Figure: IS-IS areas. L2 Area 0 and L1 Areas 1, 2 and 3, joined by four L1/L2 routers (like ABR in OSPF); AS 23, AS 44 and AS 193 also appear.]
Data Encapsulation & Addressing
IS-IS messages are not carried in IP datagrams
Messages are called Protocol Data Units (PDUs)
Encapsulated directly in Data Link Layer frames
SNPA (Subnetwork Point of Attachment)
Data Link Address
IS-IS address format
Hierarchical Address
IDP: Initial Domain Part
DSP: Domain Specific Part
OSI network layer addressing is done through the NSAP (Network Service Access Point)
Represented in hexadecimal (up to 40 hex digits)
IS-IS address format
Cisco format: Area – System ID – NSEL (always 00 on ISs), e.g. 49.0001.2222.2222.2222.00
Variable-length address
NSAPs – Cisco Format
Area
Addresses starting with 49 (AFI=49) are considered private addresses (analogous to private IP addresses).
Routed by IS-IS
Should not be advertised to other CLNS networks (outside this IS-IS domain)
Additional 2 bytes (HODSP) added for the area ID
All routers in the same area must have the same area address.
NSAPs – Cisco Format
System ID
Same number of bytes throughout the domain. Cisco fixes it at 6 bytes.
Customarily it can be:
MAC address from the router
IP address of loopback interface
192.168.111.3 -> 192.168.111.003 -> 1921.6811.1003
Each device (IS and ES) must have a unique System ID within the area.
NSAPs – Cisco Format
NSEL (NSAP Selector)
NSEL is a service identifier, like a port or socket in TCP/IP. Not used in routing decisions.
NSEL = 00 means the device itself (the network-level address)
The NSAP with NSEL = 00 is known as a Network Entity Title (NET)
NSAP (NETs)
Example: NSAP 39.0002.aaaa.bbbb.cccc.00
Area ID is 39.0002
System ID is aaaa.bbbb.cccc (4444.4444.4444)
NSAP selector byte is 00
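An added example, not part of the original slides: a small Python parser that splits a Cisco-format NSAP into area, System ID and NSEL, derives a System ID from a loopback address as shown above, and flags duplicate System IDs within an area. The function names are illustrative assumptions.

```python
import ipaddress
from collections import Counter

SYSID_DIGITS, NSEL_DIGITS = 12, 2   # Cisco: 6-byte System ID, 1-byte NSEL


def _dotted(hexdigits: str) -> str:
    """Group hex digits in fours, Cisco style (2222.2222.2222)."""
    return ".".join(hexdigits[i:i + 4] for i in range(0, len(hexdigits), 4))


def parse_net(nsap: str) -> dict:
    """Split a Cisco-format NSAP into area, System ID and NSEL."""
    digits = nsap.replace(".", "").lower()
    if not digits or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not hexadecimal: {nsap!r}")
    if len(digits) % 2 or len(digits) > 40:
        raise ValueError("NSAP must be whole bytes, at most 40 hex digits")
    tail = SYSID_DIGITS + NSEL_DIGITS
    if len(digits) <= tail:
        raise ValueError("no room for an area address")
    # The area is variable length, so count back from the right-hand end.
    area, sysid, nsel = digits[:-tail], digits[-tail:-NSEL_DIGITS], digits[-NSEL_DIGITS:]
    return {
        "area": ".".join(filter(None, [area[:2], _dotted(area[2:])])),
        "system_id": _dotted(sysid),
        "nsel": nsel,
        "is_net": nsel == "00",        # NSEL 00 = the device itself
        "private": area[:2] == "49",   # AFI 49 = private addressing
    }


def system_id_from_ipv4(loopback: str) -> str:
    """192.168.111.3 -> 192.168.111.003 -> 1921.6811.1003"""
    octets = str(ipaddress.IPv4Address(loopback)).split(".")
    return _dotted("".join(o.zfill(3) for o in octets))


def duplicate_system_ids(nets: list) -> list:
    """Return (area, system_id) pairs configured on more than one device."""
    seen = Counter((p["area"], p["system_id"]) for p in map(parse_net, nets))
    return sorted(k for k, n in seen.items() if n > 1)


if __name__ == "__main__":
    print(parse_net("49.0001.2222.2222.2222.00"))
    print("49.0001." + system_id_from_ipv4("192.168.111.3") + ".00")
```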
Network Representation
In OSI, there are only two main types of physical links:
Broadcast: usually LANs
Nonbroadcast: Point-to-Point, Multipoint, and dynamically established links (WAN links)
Thus, IS-IS supports only Broadcast (LAN) and Point-to-Point (for all other media)
Hello Message
To establish adjacencies with other routers (ISs) and ESs
Uses Hello PDUs.
Three types of Hello PDUs:
ESH, sent by ES to an IS
ISH, sent by IS to an ES
IIH, used between two ISs (normally transmitted every 10 seconds)
Synchronization and Update Process
LSP: Link State PDU
PSNP: Partial Sequence Number PDU
If PSNP not received, resends LSP
IS-IS Routing Process
Divided into four stages:
Update process
Decision -- Uses Dijkstra’s algorithm to build a SPT (Shortest Path Tree)
Forwarding -- forwarding table
Receive
Example: IP route @ SanJose1
L1/L2
SanJose1#show ip route
Gateway of last resort is not set
i L2 192.168.30.0/24 [115/20] via 10.0.0.1, Serial0/0
C 192.168.10.0/24 is directly connected, FastEthernet0/1
172.16.0.0/24 is subnetted, 1 subnets
C 172.16.0.0 is directly connected, FastEthernet0/0
i L1 192.168.20.0/24 [115/20] via 172.16.0.2, FastEthernet0/0
10.0.0.0/30 is subnetted, 1 subnets
C 10.0.0.0 is directly connected, Serial0/0
Example: IP route @ SanJose2
L1/L2
SanJose2#show ip route
Gateway of last resort is 172.16.0.1 to network 0.0.0.0
i L1 192.168.10.0/24 [115/20] via 172.16.0.1, FastEthernet0/0
172.16.0.0/24 is subnetted, 1 subnets
C 172.16.0.0 is directly connected, FastEthernet0/0
C 192.168.20.0/24 is directly connected, FastEthernet0/1
10.0.0.0/30 is subnetted, 1 subnets
i L1 10.0.0.0 [115/20] via 172.16.0.1, FastEthernet0/0
i*L1 0.0.0.0/0 [115/10] via 172.16.0.1, FastEthernet0/0
Example: IP route @ Phoenix
L1/L2
Phoenix#show ip route
Gateway of last resort is not set
C 192.168.30.0/24 is directly connected, FastEthernet0/1
i L2 192.168.10.0/24 [115/20] via 10.0.0.2, Serial0/0
172.16.0.0/24 is subnetted, 1 subnets
i L2 172.16.0.0 [115/20] via 10.0.0.2, Serial0/0
i L2 192.168.20.0/24 [115/30] via 10.0.0.2, Serial0/0
10.0.0.0/30 is subnetted, 1 subnets
C 10.0.0.0 is directly connected, Serial0/0
Routing Protocol
IGP (Interior Gateway Protocol): exchanges routing information within an AS
RIP, IGRP, EIGRP, OSPF
EGP (Exterior Gateway Protocol): exchanges routing information between ASs
BGP
Autonomous System (AS) [RFC 1771]: “A set of routers under the single technical administration, using an IGP and common metrics to route packets within the AS, and using an EGP to route packets to other AS’s.”
Internet - Early Age
EGP restrictions: tree topology only; one backbone
[Figure: the Internet backbone connects over EGP to AS 1 and AS 2; each AS runs an IGP internally.]
Internet – Current State
[Figure: ISP 1, ISP 2 and ISP 3 each run an IGP internally and interconnect over BGP-4.]
ISP connection: tree -> graph
Autonomous System (AS)
[Figure: AS 1, AS 5, AS 7 and AS 20. Labels: Autonomous System Border Router (ASBR); Exterior Gateway Protocol (EGP link); Interior Gateway Protocol (IGP link).]
This is the Internet!
BGP
Border Gateway Protocol
BGP-4
Concentrates on loop-free paths rather than lowest cost
Based on policy
e.g. lowest number of ASs
Need to go through AS 12
Advanced distance vector routing protocol
Path Vector routing protocol
Path Vector Routing
Limitation of Distance vector / Link state
Interior routing protocol (Intra-Domain/AS)
Exterior routing protocol (Inter-Domain/AS)
Router holds
a list of networks that can be reached with the path (ASs to pass)
x.x.x.x can be reached through AS y
Analogy
National map (distance vector): roads, cities, distances
International map (path vector): which cities exist in each country, and which countries must be passed through to reach the destination
RFC 1772
Border Gateway Protocol (BGP)
Creating a BGP “peering” relationship involves an interesting combination of trust and mistrust
“Your ISP will show little patience with you if you make mistakes in your BGP configuration”.
BGP Route Selection
[Figure: routers N1 to N7 in AS 1 to AS 7, with networks 4.0.0.0, 14.0.0.0, 5.0.0.0, 6.0.0.0, 7.0.0.0 and 17.0.0.0.]
N2 announces the route (<4.0.0.0, 14.0.0.0, 5.0.0.0>, <AS 2>) to N1
N1 announces the route (<4.0.0.0, 14.0.0.0, 5.0.0.0>, <AS 1, AS 2>) to N3
Route Announcement: no CIDR
[Figure: without CIDR. Customer networks 202.0.1.0, 202.0.2.0, 202.0.3.0, 202.0.32.0 and 202.0.33.0; ISP 1 and ISP 2 with address ranges 202.0.0.0 - 202.0.15.0 and 202.0.32.0 - 202.0.47.0; ISP 3 with range 202.0.0.0 - 202.0.255.0. Announcements shown: 202.0.1.0/24, 202.0.2.0/24, 202.0.3.0/24 and 202.0.32.0/24, 202.0.33.0/24 towards ISP 3; all five /24 routes towards the Internet.]
Route Announcement: with CIDR
[Figure: with CIDR. Customer networks 202.0.1.0, 202.0.2.0, 202.0.3.0, 202.0.32.0 and 202.0.33.0; ISP 1 and ISP 2 with blocks 202.0.0.0/20 and 202.0.32.0/20; ISP 3 with block 202.0.0.0/16. Announcements shown: 202.0.0.0/20 and 202.0.32.0/20 towards ISP 3; the single route 202.0.0.0/16 towards the Internet.]
BGP Hazards -- Scenario
Suppose that, through some misconfiguration, you advertise 207.46.0.0/16 to your ISP.
Your ISP does not filter it out and advertises it to the Internet.
This CIDR block belongs to Microsoft, and you have just claimed to have a route to that destination.
Many decide that the best path to Microsoft is through your domain.
Flood of unwanted packets (black-holed traffic that should have gone to Microsoft)
They will be neither amused nor understanding.
By Rick Graziani
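An added example, not part of the original slides: the ISP-side prefix filter whose absence makes the scenario above possible. It accepts a customer announcement only if it lies inside a block assigned to that customer and is no more specific than /24; the assigned block (202.0.0.0/20, borrowed from the CIDR figure), the /24 limit and the function names are assumptions for illustration.

```python
import ipaddress


def make_customer_filter(assigned_blocks, max_prefix_len=24):
    """Build a per-customer check: announcement -> (accepted, reason)."""
    allowed = [ipaddress.ip_network(b) for b in assigned_blocks]

    def check(prefix):
        try:
            net = ipaddress.ip_network(prefix)   # strict: host bits must be zero
        except ValueError as exc:
            return False, f"malformed prefix ({exc})"
        if net.prefixlen > max_prefix_len:
            return False, f"more specific than /{max_prefix_len}"
        for block in allowed:
            # Accept only prefixes equal to, or contained in, an assigned block.
            if net.version == block.version and net.subnet_of(block):
                return True, f"inside assigned block {block}"
        return False, "not covered by any assigned block"

    return check


def filter_announcements(announcements, assigned_blocks):
    """Split a customer's announcements into accepted and rejected routes."""
    check = make_customer_filter(assigned_blocks)
    accepted, rejected = [], {}
    for prefix in announcements:
        ok, reason = check(prefix)
        if ok:
            accepted.append(prefix)
        else:
            rejected[prefix] = reason
    return accepted, rejected


# Constructed sample: one customer holding 202.0.0.0/20, with the
# misconfigured 207.46.0.0/16 announcement from the scenario mixed in.
ASSIGNED = ["202.0.0.0/20"]
ANNOUNCED = ["202.0.1.0/24", "202.0.0.0/20", "207.46.0.0/16",
             "202.0.32.0/24", "202.0.1.128/25", "202.0.0.0/16"]

if __name__ == "__main__":
    accepted, rejected = filter_announcements(ANNOUNCED, ASSIGNED)
    print("accepted:", accepted)
    for prefix, reason in rejected.items():
        print("rejected:", prefix, "-", reason)
```

The covering route 202.0.0.0/16 is rejected as well: a customer may announce its own block or parts of it, never an aggregate that includes other holders' addresses.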
BGP Basics
BGP uses a list of AS numbers through which a packet must pass to reach a destination.
The function of BGP is to:
Exchange routing information between AS
Guarantee the selection of a loop free path.
BGP Basics
BGP4
first version of BGP that supports CIDR and route aggregation.
Common IGPs such as RIP, OSPF, and EIGRP use technical metrics.
BGP does not use technical metrics.
Routing decisions based on
network policies, or rules
BGP does not show the details of topologies within each AS.
BGP sees only a tree of ASs
BGP Basics
BGP updates are carried using TCP on port 179.
In contrast, RIP updates use UDP port 520
OSPF, IGRP and EIGRP do not use a Layer 4 protocol
Because BGP requires TCP, IP connectivity must exist between BGP peers.
TCP connections must also be negotiated between them before updates can be exchanged.
Therefore, BGP inherits those reliable, connection-oriented properties from TCP.
Loop free Path
[Figure: AS 10 -> AS 20 -> AS 30 -> AS 40. The AS path grows at each hop: 10; 10,20; 10,20,30; 10,20,30,40.]
BGP views the whole internetwork as a graph, or tree, of ASs
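An added example, not part of the original slides: a minimal path-vector simulation showing how the AS path gives the loop-free guarantee. Each AS drops any update whose AS path already contains its own number and otherwise keeps the shortest path. The topology is constructed, and tie-breaking by "first received" is a simplifying assumption.

```python
from collections import deque


def accepts(local_as, as_path):
    """Loop check: refuse an update that has already passed through us."""
    return local_as not in as_path


def propagate(origin_as, links):
    """Flood one announcement from origin_as over undirected AS links.

    Returns (best, rejected): the AS path each AS ends up using, and the
    updates that were dropped by the loop check.
    """
    neighbors = {}
    for a, b in links:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)
    best, rejected = {}, []
    # Each queued item is (receiving AS, AS path as received); the newest AS
    # is first, as in the <AS 1, AS 2> announcement from N1 to N3.
    queue = deque((n, (origin_as,)) for n in sorted(neighbors[origin_as]))
    while queue:
        asn, path = queue.popleft()
        if not accepts(asn, path):
            rejected.append((asn, path))
            continue
        if asn in best and len(best[asn]) <= len(path):
            continue                      # already have a path at least as short
        best[asn] = path
        for n in sorted(neighbors[asn]):  # re-announce with our AS prepended
            queue.append((n, (asn,) + path))
    return best, rejected


# Constructed topology: AS 2 originates; AS 1, AS 3 and AS 4 form a cycle.
LINKS = [(2, 1), (1, 3), (3, 4), (4, 1)]

if __name__ == "__main__":
    best, rejected = propagate(2, LINKS)
    for asn in sorted(best):
        print(f"AS {asn} uses AS path {best[asn]}")
    for asn, path in rejected:
        print(f"AS {asn} rejects {path}: own AS in path")
```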
BGP Operation
When two routers establish a TCP-enabled BGP connection between each other, they are called neighbors or peers.
Each router running BGP is called a BGP speaker.
Exchange and Update
Exchange incremental updates
Withdraw route
Peers exchange keepalive messages (e.g. 60 sec for Cisco) to ensure the connection is maintained.
BGP Message
There are four BGP message types:
Type 1: OPEN (After the TCP establishment, both neighbors send Open messages)
Type 2: KEEPALIVE
Type 3: UPDATE
Type 4: NOTIFICATION
All BGP messages are Unicast to the one neighbor over the TCP connection.
[Figure: KU network diagram, 24 April 2005. Labels: Thaisarn, Uninet, Internet, KU Gateway, Firewall & Shaper & Cache; sites OCS, LIB, ENG, 50Year, SCI, KPS, SRI, CSC, RAT, NOP, SATIT and SPN; link speeds 512K, 2M, 6M, 34M, 100M and 1G; Areas 0 to 5 and 10 to 13.]