WP Routing New (The Cisco IP Routing Process)

May 30, 2018

loewenmann
  • 8/9/2019 WP Routing New (The Cisco IP Routing Process)

    1/18

    WHITE PAPER

    The CISCO IP Routing Process

    including POLICY Routing

    by Alexander Marhold

    CCIE #3324, CCSI #20642, CCNP, CCDP

    © 1999, PRO IN Consulting GmbH

    [Figure: The CISCO Routing Process including POLICY Routing (overview diagram). Labels and command syntax recovered from the diagram follow.]

    DATA packets (forwarding path):
      Input Access-list, NAT
      Policy Routing on incoming interface, selected by:
        ip policy route-map map-tag
        no match or deny or
      Routing Table (S ... Static, C ... Connected, x ... dynamic routing), Recursive Lookup
      Output Access-list, NAT / PAT, Accounting
      Queueing

    ROUTE Information: Incoming Route Processing (Administrative Distance, Metric, Route-TAGs)

    INCOMING from REMOTE:
      offset-list {access-list-number | name} in offset [type number]
      distance weight [address mask [access-list-number | name]]
      distribute-list {access-list-number | name} in [type number]
      passive-interface type number (only for Link State and EIGRP)
      ip access-group {access-list-number | name} in (for selected protocol)

    INCOMING from LOCAL:
      ip route prefix mask {address | interface} [distance] [tag tag] [permanent]
      and from connected interfaces

    Administrative Distance:
        0  Connected
        1  Static Route
        5  EIGRP Summary
       20  External BGP
       90  Internal EIGRP
      100  IGRP
      110  OSPF
      115  IS-IS
      120  RIP
      170  External EIGRP
      200  Internal BGP
      255

    Routes: Outgoing Route Processing (Metric, Route-TAGs)

    Panels: OUTGOING to same protocol; OUTGOING coming from other protocol; OUTGOING to another protocol
      redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [metric metric-value] [metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map map-tag] [weight weight] [subnets]
      default-information redistribution:
        default-information originate [always] [metric metric-value] [metric-type type-value] {level-1 | level-1-2 | level-2} [route-map map-name] (RIP/OSPF)
        default-information {in | out} {access-list-number | name} (IGRP/EIGRP)
      distribute-list {access-list-number | name} out [routing-process | autonomous-system-number]
      distribute-list {access-list-number | name} out [interface-name]
      passive-interface type number
      offset-list {access-list-number | name} out offset [type number]

    route-map map-tag [permit | deny] [sequence-number] FOR ROUTE REDISTRIBUTION
      match interface type number [...type number]
      match ip route-source {access-list-number | name} [...access-list-number | name]
      match metric metric-value
      match route-type {local | internal | external [type-1 | type-2] | level-1 | level-2}
      match tag tag-value [...tag-value]
      match ip address {access-list-number | name} [...access-list-number | name]
      match ip next-hop {access-list-number | name} [...access-list-number | name]
      set automatic-tag
      set level {level-1 | level-2 | level-1-2 | stub-area | backbone}
      set local-preference
      set metric metric-value
      set metric-type {internal | external | type-1 | type-2}
      set origin {igp | egp autonomous-system | incomplete}
      set tag tag-value
      set next-hop next-hop

    route-map map-tag [permit | deny] [sequence-number] FOR POLICY ROUTING
      match ip address {access-list-number | name} [...access-list-number | name]
      match length min max
      set ip next-hop ip-address [...ip-address]
      set interface type number [...type number]
      set default interface type number [...type number]
      set ip default next-hop ip-address [...ip-address]

    ! Disclaimer !

    This White Paper was done with utmost care and thorough reviewing but is presented "AS IS" with possible errors and misinterpretations. However, none of the pictures and statements can be used as reference regarding the behavior of the mentioned devices. This paper was done independent of Cisco and can never be used as commitment of any party. The author and PRO IN declare that they will not be held liable or responsible for any action a reader of this White Paper will take following the information given here.

    All trademarks belong to their owners.

    Author: Alexander Marhold, Senior Consultant and Trainer, PRO IN Consulting GmbH, Vienna / Austria
    mailto:[email protected]

    Copyright Notice: © 1999-2001 PRO IN Training GmbH
    Commercial Use (Sale, Training, CBT,) partly or in whole is strictly prohibited

    The "Cisco Routing Process" is a set of mechanisms which forward IP data packets and which populate the IP routing table by using different sources like

    - routing updates from neighbors
    - connected interfaces
    - static routes

    The mechanism also sends out routing updates, possibly converting them between different routing protocols.

    Additionally, "IP Policy Routing" allows to overcome the traditional destination based routing.

    For commanding these mechanisms a vast range of commands and modifiers are defined in the Cisco IOS.

    The following mechanisms and behaviors are described in detail in this white paper:

    - the general packet forwarding process
    - policy routing
    - routing updates and general behavior of routing protocols
    - the INCOMING routing process and its corresponding commands
    - the OUTGOING routing process and its corresponding commands

    The "processes" in this paper are models for explaining the mechanisms, and are not the real implemented IOS processes. This paper describes the above mentioned mechanisms without focusing on particular routing protocols.

    Also regarding ROUTE-MAPS this paper focuses on IGP (Interior Gateway Protocols) and does not treat the additional MATCH- and SET-clauses which are available for BGP.

    This paper is not based on a specific version of IOS.

    Topics NOT covered are:

    - details of different routing protocols
    - snapshot routing, ODR
    - BGP
    - route authentication
    - the Link State (LS) mechanism
    - QOS, COS, TOS routing
    - tunneling

    This White Paper assumes that the reader already has a good knowledge about IP and IP Routing Protocols.

    The structure of the paper has the picture and its details always on even pages and the description to each picture on the page that follows. Thus, when printed double-sided, it allows to see the picture and the explanations without turning the pages.

    The author likes to get feedback, suggestions and also corrections, so please feel free to contact him via E-mail.

    [Figure: The CISCO Routing Process including POLICY Routing. Diagram labels: Ethernet; RIP; OSPF; RIP; Routing Updates; Static Routes; Connected Interfaces; Other Network Information sources; Routing Table (S ... Static, C ... Connected, x ... dynamic routing).]

    Routing in General

    Covers general topics in Routing and Routing Updates.

    Routers have 2 primary tasks:

    - Path Finding (done via Routing Protocols)
    - Packet Forwarding (Layer 3 IP function)

    Path Finding is done by exchanging Routing information between adjacent routers.

    - In DISTANCE VECTOR routing protocols a router forwards the networks of its routing table (or changes of it) to its neighbors, observing mechanisms of SPLIT-HORIZON. Depending on the protocol the network information is sent with (subnet-)mask information or without. In RIP Version 1 and IGRP no masks are transmitted, thus preventing the freedom of using discontiguous subnets and/or VLSM (Variable Length Subnet Masking).

    - In LINK STATE routing protocols the routers exchange information regarding the connected networks, the external routes (interarea, static, from external routing protocols) and the connections to neighbor routers, by forwarding LSPs (Link State Packets). These LSPs are forwarded hop-by-hop to every other router within an area. When receiving these LSPs a router can calculate the best paths to advertised networks.

    How does a router know of its neighbor?

    Again there is a difference between the routing protocols.

    - DISTANCE VECTOR protocols send out their routing updates as broadcasts (RIP V1, IGRP) or as multicasts (RIP V2), and by getting routing updates the router learns the source of these updates.

    - LINK STATE protocols and EIGRP establish a neighborship to adjacent routers by sending HELLO packets and control these links by resending these HELLOs every short period. When an ADJACENCY is found and possibly verified, the routers begin exchanging their routing information.

    !!! CAVEAT !!!

    LINK STATE protocols and EIGRP only use and establish ADJACENCIES using the PRIMARY IP address of an interface. If they do not match, the connection to the neighbor router will not be established.

    LINK STATE protocols also verify certain parameters before allowing the connection to an ADJACENCY:

    - same IP-subnet
    - equal network type
    - same value of timers

    The command:

    SHOW IP neighbor

    shows the adjacencies and their status.

    Dependent on the routing protocol there are also various DEBUG commands which show in detail the adjacency building process.

    How to prevent routing updates or establishing neighborship on an interface?

    Generally this is done using the router command

    PASSIVE-INTERFACE

    For DISTANCE VECTOR protocols this command ONLY prevents the sending out of routing updates on a particular interface. However, it does not prevent the router from getting routing updates over that interface.

    !!!HINT!!!

    In order to prevent getting routing updates for Distance Vector protocols use the router command:

    DISTANCE 255 [ access-list ]

    With this command all routing updates sent out by devices on the specified net will not be considered for entry in the routing table.

    For LINK STATE protocols and EIGRP passive-interface prevents the establishment of adjacencies and thus the sending of any LINK STATE Packets.

    However, this does not prevent the router from announcing this network as connected interface in its routing updates over other interfaces. OSPF treats the connected network of a passive-interface as STUB-NETWORK.

    Also IS-IS and Integrated IS-IS have some specialities regarding the OSI or IP information on such passive interfaces.

    [Figure: The CISCO Routing Process including POLICY Routing, packet forwarding part. DATA packets pass: Input Access-list, NAT; Routing Table (S ... Static, C ... Connected, x ... dynamic routing) with Recursive Lookup; Output Access-list, NAT / PAT, Accounting; Queueing.]

    The Packet Forwarding Process

    Packets are forwarded downstream a path from the sender to the receiver.

    Route information (information about the reachability of a network) is forwarded UPSTREAM from router to router.

    This is important to consider when using blocking of routing information in order to prevent access to certain networks.

    The packet forwarding is done by an independent decision of each router on the path, using the destination address of the packet and the Routing Table as basis for finding a next-hop.

    The router will consult the routing table (or a special forwarding table, based on the content of the routing table), comparing the destination address with the network information in the routing table, and will use the most specific network information for a decision about the outgoing path.

    The lookup process can be recursive, which means that more than one lookup may be needed in order to find the real next-hop-address for forwarding the packet.

    If such a next-hop or an outgoing interface is found, the router will forward the packet on the specified connected interface. If no route is found and also no default-route is available or appropriate, the router will delete the packet and inform the sender via ICMP about this happening.

    What is CLASSFUL and CLASSLESS routing?

    CLASSFUL and CLASSLESS are behaviors for using the default route when information about a specific subnet is not in the routing table, but other subnets of that major network are found in the routing table.

    Example:

    # show ip route (edited output)
    network 172.16.0.0/16 is subnetted 2 subnets, 2 masks
    R  172.16.12.0/24 [120/2] 192.168.1.1 eth0
    R  172.16.16.0/20 [120/4] 10.0.0.1 ser0
    *S 0.0.0.0/0 [0/0] 11.1.1.1 ser1

    The router now receives a packet on eth1 with the destination address 172.16.10.234

    This address, belonging to a specific subnet of 172.16.0.0/16, is NOT in the routing table.

    - With IP CLASSLESS the router will take the default route and forward the packet out on Serial 1. This is done independent of any other subnet information for that major network 172.16.0.0/16.

    - When CLASSFUL routing is selected with the command NO IP CLASSLESS, the router would delete the packet and inform the sender via ICMP that it cannot forward the packet, as the specified subnet of the major network 172.16.0.0/16 is not in its table.
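
    The lookup described above, as an added example that is not part of the original white paper: a Python model of most-specific-match forwarding over the routing table shown, with a switch for the IP CLASSLESS behaviour. The function names are illustrative, and the classful branch assumes the usual rule that a known, subnetted major network blocks the use of any shorter route such as the default.

```python
import ipaddress

# Routing table from the "show ip route" example above: (prefix, next hop, interface).
ROUTES = [
    ("172.16.12.0/24", "192.168.1.1", "eth0"),
    ("172.16.16.0/20", "10.0.0.1", "ser0"),
    ("0.0.0.0/0", "11.1.1.1", "ser1"),
]


def major_network(addr):
    """Classful (major) network of an IPv4 address, or None for class D/E."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        plen = 8       # class A
    elif first_octet < 192:
        plen = 16      # class B
    elif first_octet < 224:
        plen = 24      # class C
    else:
        return None
    return ipaddress.ip_network(f"{addr}/{plen}", strict=False)


def lookup(dst, routes=ROUTES, ip_classless=True):
    """Return the (prefix, next_hop, interface) used for dst, or None if dropped."""
    dst = ipaddress.ip_address(dst)
    table = [(ipaddress.ip_network(p), nh, ifc) for p, nh, ifc in routes]

    # Most specific match: longest prefix that contains the destination.
    matches = [r for r in table if dst in r[0]]
    if not matches:
        return None
    best = max(matches, key=lambda r: r[0].prefixlen)

    if not ip_classless:
        # Classful behaviour (assumed rule, see lead-in): if the table holds any
        # subnet of the destination's major network but none matches, a route
        # shorter than the major network (here: the default) is not used.
        major = major_network(dst)
        if major is not None and best[0].prefixlen < major.prefixlen:
            knows_major = any(
                r[0].prefixlen >= major.prefixlen and r[0].network_address in major
                for r in table
            )
            if knows_major:
                return None  # packet deleted, sender informed via ICMP

    return (str(best[0]), best[1], best[2])


if __name__ == "__main__":
    for mode in (True, False):
        print("ip classless" if mode else "no ip classless",
              lookup("172.16.10.234", ip_classless=mode))
```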

    What is "Gateway of last Resort", default-network, ip route 0.0.0.0 0.0.0.0?

    IP Default-Network xxx.xxx.xxx.xxx - This is the command that will cause a router to treat xxx.xxx.xxx.xxx as a gateway of last resort. A router can have multiple ip default-networks entered.

    Gateway of last resort - This is the term that is applied to a routing entry in the Cisco routing table that the router will use to forward packets to when it lacks a more specific route. This can be learned from a route provided by another router that is tagged as a default by the advertising router. The ip default-network command is one way of having a router tag a route as a gateway of last resort.

    IP Default-Gateway - This command is used in routers when IP routing is disabled, in order to give them an address to forward packets that are not in their address space. Routers in boot mode are a good example of this situation.

    IP ROUTE 0.0.0.0 0.0.0.0 establishes a default route (catch-all) if no specific route is found.

    !!! CAVEAT !!!

    The 0.0.0.0 route has special meaning for RIP. It is automatically installed as the local gateway of last resort. No ip default-network 0.0.0.0 is required. RIP automatically advertises the route to 0.0.0.0 even if redistribute static and a default metric are not configured. For other routing protocols the router command DEFAULT-INFORMATION allows specific control of forwarding or receiving default routes.

    [Figure: The CISCO Routing Process including POLICY Routing, policy routing part. Labels and command syntax recovered from the diagram follow.]

    DATA packets pass: Input Access-list, NAT; Policy Routing on incoming interface; Routing Table (S ... Static, C ... Connected, x ... dynamic routing) with Recursive Lookup; Output Access-list, NAT / PAT, Accounting; Queueing.

    Policy Routing on incoming interface, selected by:
      ip policy route-map map-tag
      no match or deny or

    route-map map-tag [permit | deny] [sequence-number] FOR POLICY ROUTING
      match ip address {access-list-number | name} [...access-list-number | name]
      match length min max
      set ip next-hop ip-address [...ip-address]
      set interface type number [...type number]
      set default interface type number [...type number]
      set ip default next-hop ip-address [...ip-address]

    IP Policy Routing

    IP Policy Routing overcomes the normal destination based routing paradigm by allowing different criteria as basis for a routing decision.

    Among those criteria are:

    - the incoming interface
    - selection by extended access-lists
    - precedence levels
    - packet sizes

    But still one paradigm stays valid:

    "The router only makes a local decision about the next hop, i.e. where to send the packet out"

    To overcome this one you need either Tunneling or MPLS (Multiprotocol Label Switching).

    IP Policy Routing uses ROUTE-MAPS for defining the matching packets and for setting actions.

    ROUTE-MAPS define a numbered sequence of MATCH and SET clauses, where the SET defines the actions to be done for packets matching the MATCH clauses.

    IP POLICY ROUTING is applied to incoming packets on interfaces by using the interface command:

    IP POLICY ROUTE-MAP route-map-name

    In case no match is found, or when there is no SET clause specifying a next-hop or an outgoing interface, then after the ROUTE-MAP the normal routing table is used to find a next-hop-address or outgoing interface.

    !!! CAVEAT !!!

    If there is an outgoing interface defined in a SET-clause, this interface must be up and be of a point-to-point type.

    If there is a next-hop-address specified in the SET-clause, this address has to be a real next-hop-address. That means that it must be an address of a device belonging to a directly connected network. (The router will not do a recursive lookup for the next-hop-address.)

    If the above mentioned requirements are not met, the router will use the normal routing table based route decisions and ignore the SET parameters.

    Example:

    The same Frame Relay interface is used as connection to the outside world AND as connections to Remote offices. The Firewall is placed in to VLANs on a Fast Ethernet attached switch.

    [Figure: network diagram with labels FR, Internet, Remote Offices, ISL.]

    interface Serial3/0.31 multipoint
     description INTERNET ACCESS
     ip address 192.168.13.10 255.255
     ip policy route-map OUT-to-PIX
     frame-relay map ip 192.168.13.1 501
    !
    interface FastEthernet4/1.24
     description PIX-OUT
     encapsulation isl 24
     ip address 10.0.5.1 255.255.255.0
     ip policy route-map PIX-to-OUT
    !
    route-map PIX-to-OUT permit 10
     match ip address 1
     set ip default next-hop 192.168.13.1
    !
    route-map OUT-to-PIX permit 10
     match ip address 1
     set ip default next-hop 10.0.5.2
    !
    access-list 1 permit any
    !

    [Figure: diagram labels: Routing Table; PIX OUT; Frame Relay Interface; Fast Ethernet Interface; PIX-to-OUT; OUT-to-PIX; Internet; Rem. Off.]
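
    The route-map evaluation and the CAVEAT above, as an added example that is not part of the original white paper: a Python model that walks a route-map in sequence order and reports when a SET clause is ignored and the packet falls back to the normal routing table, which matters when policy routing is what steers traffic through a firewall. The class and field names are illustrative, the sample data is constructed, and the /24 mask on the Frame Relay subnet is an assumption.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Interface:
    name: str
    network: str                 # directly connected subnet
    up: bool = True
    point_to_point: bool = False


@dataclass
class Entry:
    """One route-map sequence entry (a simplified model, not IOS syntax)."""
    seq: int
    permit: bool = True
    match_src: list = field(default_factory=list)      # stand-in for "match ip address"
    match_length: tuple = None                          # (min, max) for "match length"
    set_next_hop: list = field(default_factory=list)    # "set ip next-hop"
    set_interface: list = field(default_factory=list)   # "set interface"


def _matches(entry, src, length):
    """All configured MATCH clauses must hold; no MATCH clause matches everything."""
    if entry.match_src:
        addr = ipaddress.ip_address(src)
        if not any(addr in ipaddress.ip_network(n) for n in entry.match_src):
            return False
    if entry.match_length is not None:
        low, high = entry.match_length
        if not low <= length <= high:
            return False
    return True


def _directly_connected(next_hop, interfaces):
    """True if next_hop lies in the subnet of an interface that is up."""
    addr = ipaddress.ip_address(next_hop)
    return any(i.up and addr in ipaddress.ip_network(i.network) for i in interfaces)


def policy_decision(route_map, interfaces, src, length):
    """Return (path, target, reason); path is "policy" or "routing-table"."""
    by_name = {i.name: i for i in interfaces}
    for entry in sorted(route_map, key=lambda e: e.seq):
        if not _matches(entry, src, length):
            continue
        if not entry.permit:
            return ("routing-table", None, f"seq {entry.seq}: deny")
        # A next-hop is only honoured when it is a real, directly connected one.
        for nh in entry.set_next_hop:
            if _directly_connected(nh, interfaces):
                return ("policy", nh, f"seq {entry.seq}: set ip next-hop")
        # An outgoing interface is only honoured when it is up and point-to-point.
        for name in entry.set_interface:
            ifc = by_name.get(name)
            if ifc is not None and ifc.up and ifc.point_to_point:
                return ("policy", name, f"seq {entry.seq}: set interface")
        # The entry matched, but no SET clause is usable: SET is ignored.
        return ("routing-table", None, f"seq {entry.seq}: no usable SET")
    return ("routing-table", None, "no match")


# Constructed sample data. 10.0.5.0/24 is the PIX-OUT subnet of the example above;
# the /24 on the Frame Relay subnet and all other values are assumptions.
INTERFACES = [
    Interface("FastEthernet4/1.24", "10.0.5.0/24"),
    Interface("Serial3/0.31", "192.168.13.0/24"),               # multipoint
    Interface("Serial1/0", "192.0.2.0/30", point_to_point=True),
]
ROUTE_MAP = [
    Entry(10, match_src=["198.51.100.0/24"], set_next_hop=["10.0.5.2"]),
    Entry(20, match_length=(1000, 1500), set_next_hop=["172.31.0.1"]),
    Entry(30, permit=False, match_src=["203.0.113.0/24"]),
    Entry(40, set_interface=["Serial3/0.31", "Serial1/0"]),
]

if __name__ == "__main__":
    for src, length in [("198.51.100.7", 64), ("203.0.113.9", 1200),
                        ("203.0.113.9", 64), ("192.0.2.200", 64)]:
        print(src, length, policy_decision(ROUTE_MAP, INTERFACES, src, length))
```

    An audit of a route-map against the interface table in this style shows entries such as sequence 20, whose next-hop is not directly connected and whose traffic therefore follows the routing table instead of the intended path.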

    [Figure: The CISCO Routing Process including POLICY Routing, routing information part. Diagram labels: ROUTE Information; Incoming Route Processing (Administrative Distance, Metric, Route-TAGs); Routing Table (S ... Static, C ... Connected, x ... dynamic routing); Outgoing Route Processing (Metric, Route-TAGs); Routes.]

    Routing Information Processes: General Considerations

    A lot of problems and confusion arise from the fact that some basic principles in the Routing information process are not correctly understood.

    Therefore in this chapter I will give some fundamental laws and principles and describe their consequences:

    1 The mechanism of processing incoming routing updates is COMPLETELY separated from the mechanism of creating outgoing routing updates.

    The fact that a route is found in the routing table of a router is a prerequisite but NOT necessarily a sufficient criterion for an outgoing routing update.

    2 The original routes of every configured routing process of a router will be considered when decisions about which will enter the routing table are made.

    This means that route REDISTRIBUTION is never used in the incoming route processing.

    3 If more than one piece of information about a route is found, the incoming route process will use first the ADMINISTRATIVE DISTANCE and then the METRIC for deciding which route will be established in the routing table.

    Cisco IOS has a predefined Administrative Distance for each Routing Protocol which allows to prefer more trusted information sources over less trusted ones.

    Sometimes I am wondering why the developers gave the second best distance of 1 to static routes entered by an administrator, as so called "Quick Fixes" by using static routes are often the cause of reachability and routing-loop problems.

    4 Route REDISTRIBUTION is only used for outgoing routing updates.

    In principle: Route redistribution means that routes of one routing protocol in the routing table will be sent out, converted to another routing protocol, on interfaces configured for routing updates of that second routing protocol.

    5 Static Routes defined with a next-hop-address are considered one hop away and have a default Administrative Distance of 1.

    If the next-hop-address specified in the static route is not a REAL next-hop-address (i.e. not an address in a directly connected network), the router will do recursive lookups to find this REAL next-hop-address.

    6 Static Routes defined with an outgoing interface are treated like connected networks (i.e. networks that are 0 hops away) and thus have a default Administrative Distance of 0.

    Therefore static routes defining an outgoing interface should be used only when the destination is on that connected network.

    USAGE: When the connected network is address translated, you need a static route for the outside network pointing to that inside hidden network.

    7 Static Routes where the outgoing interface is down or the next-hop-address is not reachable are removed from the routing table unless the parameter PERMANENT is specified.

    This allows Failover of routes also without dynamic routing protocols, when for example 2 static routes with different Administrative Distances for 2 outgoing interfaces or 2 different next-hop-addresses are defined.

    8 Routing processes are relying on a consistent metric, in order that every router finds the best path in a way that all routes are leading in the same direction.

    As the base of metrics is different for different routing protocols, a direct conversion of metrics from one routing protocol to another is generally not possible. When having more than one routing process, default metric information has to be used. This default hides the correct information about the best path, and this inconsistency will lead to non-optimal routing and also often to ROUTING LOOPS in MUTUAL REDISTRIBUTION (i.e. more than one redistribution point).

    9 Routing is a STATEFUL process. Depending on the current information in the Routing Table different actions can happen, even when the same routing information is received.

    There are examples where a routing was correct, but after the shutdown and restart of an interface the correct state was never reached again. [See page 15]

    [Figure: The CISCO Routing Process including POLICY Routing, incoming route processing part. Labels and command syntax recovered from the diagram follow.]

    Diagram labels: ROUTE Information; Incoming Route Processing (Administrative Distance, Metric, Route-TAGs); Routing Table (S ... Static, C ... Connected, x ... dynamic routing).

    INCOMING from REMOTE:
      offset-list {access-list-number | name} in offset [type number]
      distance weight [address mask [access-list-number | name]]
      distribute-list {access-list-number | name} in [type number]
      passive-interface type number (only for Link State and EIGRP)
      ip access-group {access-list-number | name} in (for selected protocol)

    INCOMING from LOCAL:
      ip route prefix mask {address | interface} [distance] [tag tag] [permanent]
      and from connected interfaces

    Administrative Distance:
        0  Connected
        1  Static Route
        5  EIGRP Summary
       20  External BGP
       90  Internal EIGRP
      100  IGRP
      110  OSPF
      115  IS-IS
      120  RIP
      170  External EIGRP
      200  Internal BGP
      255

    The INCOMING Routing Process

    The incoming Routing process is responsible for populating the Routing table.

    At startup this process enters the static and connected networks for all interfaces which are UP, and then for each route received via any Routing protocol this process checks if this is a better route (considering Administrative Distance and metric) than another instance of the same route already in the table.

    If a better route is found, this one is installed and the other one is removed from the table.
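
    The selection rule above, together with principles 3 and 7 of the general considerations, as an added example that is not part of the original white paper: a toy Python model in which every source offers its route, the lowest administrative distance wins, the metric breaks ties, a distance of 255 is never considered, and a withdrawn route lets a backup static route take over. The class and method names are illustrative, and keeping all offers in one structure is a simplification of how the routing processes interact.

```python
# Default administrative distances from the table in this paper.
DEFAULT_DISTANCE = {
    "connected": 0, "static": 1, "eigrp-summary": 5, "ebgp": 20,
    "eigrp": 90, "igrp": 100, "ospf": 110, "isis": 115, "rip": 120,
    "eigrp-external": 170, "ibgp": 200,
}
UNUSABLE = 255  # routes with this distance never enter the routing table


class RoutingTable:
    """Toy model of the incoming route process: one best route per prefix."""

    def __init__(self):
        # prefix -> {(source, next_hop): (distance, metric)}
        self._offers = {}

    def offer(self, prefix, source, next_hop, metric=0, distance=None):
        """Offer a route; 'distance' overrides the default (like the DISTANCE command).

        Returns False when the route is not considered at all (distance 255).
        """
        dist = DEFAULT_DISTANCE[source] if distance is None else distance
        if dist >= UNUSABLE:
            return False
        self._offers.setdefault(prefix, {})[(source, next_hop)] = (dist, metric)
        return True

    def withdraw(self, prefix, source, next_hop):
        """Remove an offer, e.g. interface down or routing updates missing."""
        offers = self._offers.get(prefix, {})
        offers.pop((source, next_hop), None)
        if not offers:
            self._offers.pop(prefix, None)

    def best(self, prefix):
        """Installed route: lowest administrative distance first, then lowest metric."""
        offers = self._offers.get(prefix)
        if not offers:
            return None
        (source, next_hop), (dist, metric) = min(offers.items(), key=lambda kv: kv[1])
        return {"source": source, "next_hop": next_hop,
                "distance": dist, "metric": metric}


if __name__ == "__main__":
    rt = RoutingTable()
    net = "192.168.8.0/24"                       # constructed sample routes
    rt.offer(net, "rip", "192.168.9.2", metric=2)
    rt.offer(net, "ospf", "192.168.6.2", metric=74)
    print(rt.best(net))                          # OSPF wins on distance, not metric

    # Updates from an untrusted source: DISTANCE 255 keeps them out of the table.
    print(rt.offer(net, "rip", "192.168.7.9", metric=1, distance=255))

    # Failover with two static routes of different administrative distance.
    rt.offer("10.20.0.0/16", "static", "192.168.9.2")
    rt.offer("10.20.0.0/16", "static", "192.168.6.2", distance=10)
    rt.withdraw("10.20.0.0/16", "static", "192.168.9.2")
    print(rt.best("10.20.0.0/16"))
```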

    The different routing processes also inform the incoming routing process about any routes for which regular routing updates are missing, or which route to remove.

    In order to overcome incorrect routing information, Distance Vector routing processes also set routes into a temporary holddown before reconsidering new routing information or before deleting this route.

    LINK STATE processes directly remove or replace routes after running the SPF-calculation.

    EIGRP, when a feasible successor is found, will enter the new information directly into the routing table, or will set the route to a state of ACTIVE and ask the neighbor(s) for a new route to the destination.

    RIP V1 and IGRP will never establish an incoming major route when they have a local subnet-route of that network in their routing table.

    Monitoring the INCOMING Route process

    All the input and results of this incoming routing decision process can be monitored with the command:

    DEBUG IP ROUTING

    Unfortunately the debug output is somewhat cryptic and therefore not easy to read.

    Here is an example with the output of a RIP routing change and its real meaning.

    RouterA# debug ip routing
    RT: flushed route to 192.168.8.0 via 192.168.9.2 (Serial0)
    RT: no routes to 192.168.8.0, entering holddown
      -> invalid timer expired, no routes to 192.168.8.0, therefore entering holddown
    RT: flushed route to 192.168.7.0 via 192.168.9.2 (Serial0)
      -> advertising 192.168.8.0 via 192.168.9.2 (Serial0) as unreachable
      "show ip route" shows us
      R 192.168.8.0/24 is possibly down, routing via 192.168.9.2, Serial1
    RT: garbage collecting entry for 192.168.8.0
      -> flush timer expired, terminating holddown for 192.168.8.0
      after that the next update info for this network will be used
    RT: add 192.168.8.0/24 via 192.168.6.2, rip metric [120/2]

    Useful commands for changing behaviour of the Incoming Route process

    These commands can have different goals:

    - prevent routing information from entering the routing table
        distribute-list xxx in (not for Link State)
        distance 255
        passive-interface (for Link State & EIGRP)
    - change the priority of some information sources or for some commands
      - by changing the ADMINISTRATIVE DISTANCE
          distance
      - by changing the METRIC
          offset-list xxx in (not for Link State)
    - manually adding additional routing information
        ip route

    In order to prevent possible routing loops when getting redistributed routes (external routes), EIGRP uses the higher administrative distance of 170 instead of the default of 90.

    In OSPF you also can use TAGs for marking routes and then applying actions to tagged routes.

    NOTE: For Link State protocols you cannot apply incoming filters as those protocols transfer not routes but LINK STATE Packets.

    In BGP you can specify a route-map which can modify parameters like metric and tag when BGP sends routing information to the local routing table:

    table-map route-map name

    [Figure: The CISCO Routing Process including POLICY Routing, outgoing route processing part. Labels and command syntax recovered from the diagram follow.]

    Diagram labels: Routing Table (S ... Static, C ... Connected, x ... dynamic routing); Outgoing Route Processing (Metric, Route-TAGs); Routes.

    Panels: OUTGOING to same protocol; OUTGOING coming from other protocol; OUTGOING to another protocol
      redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [metric metric-value] [metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map map-tag] [weight weight] [subnets]
      default-information redistribution:
        default-information originate [always] [metric metric-value] [metric-type type-value] {level-1 | level-1-2 | level-2} [route-map map-name] (RIP/OSPF)
        default-information {in | out} {access-list-number | name} (IGRP/EIGRP)
      distribute-list {access-list-number | name} out [routing-process | autonomous-system-number]
      distribute-list {access-list-number | name} out [interface-name]
      passive-interface type number
      offset-list {access-list-number | name} out offset [type number]

    route-map map-tag [permit | deny] [sequence-number] FOR ROUTE REDISTRIBUTION
      match interface type number [...type number]
      match ip route-source {access-list-number | name} [...access-list-number | name]
      match metric metric-value
      match route-type {local | internal | external [type-1 | type-2] | level-1 | level-2}
      match tag tag-value [...tag-value]
      match ip address {access-list-number | name} [...access-list-number | name]
      match ip next-hop {access-list-number | name} [...access-list-number | name]
      set automatic-tag
      set level {level-1 | level-2 | level-1-2 | stub-area | backbone}
      set local-preference
      set metric metric-value
      set metric-type {internal | external | type-1 | type-2}
      set origin {igp | egp autonomous-system | incomplete}
      set tag tag-value
      set next-hop next-hop

    The OUTGOING Routing Update Process

    The outgoing Routing update process is responsible for informing the neighboring routers about its network information.

    For Distance Vector Routing protocols this is the local information about the best routes and their metric (hence the content of the Routing Table).

    For Link State Routing protocols this is the information about the local networks, external routes and the neighbors via LSPs.

    Outgoing routing updates for a certain routing protocol are only sent when the following conditions are all met:

    - the network is in the routing table.
    - the network is either specified via the NETWORK command or coming from another protocol via a REDISTRIBUTION command
    - obeys the SPLIT-HORIZON rule: the network was not learned from the same interface (or is not identical to the connected network)
    - the network is not excluded from update via applied access-lists or route-maps using the DISTRIBUTE command.
    - the outgoing interface is not specified as PASSIVE
    - if the network is a specified summary, at least a subnet of that summary route is in the routing table.
    - forwarding of default information is implicitly (RIP) or explicitly allowed via the DEFAULT-INFORMATION command.
    - for OSPF: sending of LSPs to that neighbor is not prohibited.

    For RIP V1 and IGRP the following also is considered: A subnet route of a major network is converted to the (summary) major route when it is sent out on interfaces that do not belong to a (sub)net of that major route. (Discontiguous Subnet Rule)

    For OSPF there are some special rules, where

    Area Border Routers (ABR) can inject default

    routes into stub areas. Also DISTRIBUTE-LIST

    OUT can only be applied to external routes and

    you cannot specify an interfacename in OSPF.

    Generally by using the shown commands you can

    follow 4 different tasks:

    ? make networks invisible by blocking the

    forwarding of rout ing informat ion

    ?redistr ibute (forward and translate) routing

    information from one protocol to another

    ?change the metric to force the others to

    prefer specific paths

    ?summarize rout ing informat ion to

    decrease the amount of routes and to increase

    the stability

    Example of a redistribution problem which is state-dependent:

    Configuration of R4 and R5:

    ! RIP side: routes redistributed from EIGRP get a seed metric of 1 hop
    router rip
     network x.x.x.x
     redistribute eigrp 1000
     default-metric 1
     passive-interface Serial 1
    ! EIGRP side: routes redistributed from RIP get a fixed composite seed metric
    router eigrp 1000
     network y.y.y.y
     redistribute rip
     default-metric 1000 100 250 100 1500
     passive-interface Serial 0

    R3 normally learns about the network 10.0.0.0/8 via a routing update from R2 with 2 hops and forwards this information to R5 with 3 hops.

    R5 gets information about 10.0.0.0/8 via R4 with the metric [170/10245] (it is an external EIGRP route) and via R3 with [120/3] as a RIP route. So R5 will install the RIP route and use R3 as next hop. Obeying the SPLIT HORIZON rule, it will never send the information back to R3.

    When the connection between R2 and R3 breaks, R3 will no longer send information about 10.0.0.0/8. R5 will now use the routing information derived via external EIGRP from R4 and forward this information as redistributed information via RIP to R3. R3 now gets the information about 10.0.0.0/8 with the metric [120/1] and next hop R5 into its routing table. When the link R2-R3 comes up again, the information from R2 about 10.0.0.0/8 with [120/2] will not be used, and R3 will continue to use the path via R5 to reach that network.

    [Figure: network 10.0.0.0/8 and routers R1, R2, R3, R4 and R5, connected by RIP and EIGRP links labelled with hop counts (0 to 3 hops), marking the best route to 10.0.0.0/8 before and after shutdown of the R2-R3 link]
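    The state-dependent behaviour of the R2/R3/R4/R5 example, as an added Python model that is not part of the original white paper. It assumes that R4's external EIGRP route is always available to R5 and that R3 re-evaluates before R5; the function names and the alternative seed metric of 5 are constructed for illustration.

```python
# Added illustration: a simplified model of the R2/R3/R4/R5 example for 10.0.0.0/8.
# A route is (administrative_distance, metric, next_hop); the lowest tuple wins.
EIGRP_EXT_VIA_R4 = (170, 10245, "R4")   # R5's external EIGRP route, assumed always present
RIP_AD = 120


def r3_select(link_up, r5_best, seed_metric):
    """R3's best route, given the R2-R3 link state and what R5 currently uses."""
    candidates = []
    if link_up:
        candidates.append((RIP_AD, 2, "R2"))            # R2 advertises 2 hops
    # R5 only offers the route to R3 when it redistributes it from EIGRP;
    # a RIP route learned from R3 is held back by split horizon.
    if r5_best is not None and r5_best[2] == "R4":
        candidates.append((RIP_AD, seed_metric, "R5"))  # default-metric on R5
    return min(candidates) if candidates else None


def r5_select(r3_best):
    """R5's best route: external EIGRP via R4, or RIP via R3 if R3 advertises it."""
    candidates = [EIGRP_EXT_VIA_R4]
    if r3_best is not None and r3_best[2] != "R5":      # split horizon on R3
        candidates.append((RIP_AD, r3_best[1] + 1, "R3"))
    return min(candidates)


def settle(link_up, state, seed_metric=1):
    """Re-run route selection (R3 first, then R5) until nothing changes."""
    r3, r5 = state
    while True:
        new_r3 = r3_select(link_up, r5, seed_metric)
        new_r5 = r5_select(new_r3)
        if (new_r3, new_r5) == (r3, r5):
            return r3, r5
        r3, r5 = new_r3, new_r5


def run_scenario(seed_metric=1):
    """Normal operation, R2-R3 link failure, then link recovery."""
    normal = settle(True, (None, None), seed_metric)
    failed = settle(False, normal, seed_metric)
    recovered = settle(True, failed, seed_metric)
    return normal, failed, recovered


if __name__ == "__main__":
    for metric in (1, 5):   # 1 = the page's default-metric; 5 = constructed alternative
        print(metric, run_scenario(metric))
```

    With the page's default-metric of 1, the recovered state equals the failed state, so R3 stays on the path via R5. With a seed metric above R2's 2 hops, the model returns to the normal state after the link recovers.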


    Figure: The CISCO Routing Process including POLICY Routing

    Elements for DATA packets: Input Access-list; NAT; Policy Routing on incoming interface, selected by "ip policy route-map map-tag" (branch label: "no match or deny or"); Routing Table; Recursive Lookup; Output Access-list; NAT / PAT; Accounting; Queueing.

    Elements for ROUTE information: Incoming Route Processing; Outgoing Route Processing; Routes; Administrative Distance; Metric; Route-TAGs.

    Routing Table codes:
    S ... Static
    C ... Connected
    x ... dynamic routing

    Administrative Distance:
      0  Connected
      1  Static Route
      5  EIGRP Summary
     20  External BGP
     90  Internal EIGRP
    100  IGRP
    110  OSPF
    115  IS-IS
    120  RIP
    170  External EIGRP
    200  Internal BGP
    255

    Legend: INCOMING from REMOTE; INCOMING from LOCAL; OUTGOING to same protocol; OUTGOING coming from other protocol; OUTGOING to another protocol

    Command syntax shown in the figure:

    offset-list {access-list-number | name} in offset [type number]
    distance weight [address mask [access-list-number | name]]
    distribute-list {access-list-number | name} in [type number]
    passive-interface type number   (only for Link State and EIGRP)
    ip access-group {access-list-number | name} in   (for selected protocol)

    redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [metric metric-value] [metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map map-tag] [weight weight] [subnets]

    default-information redistribution:
    default-information originate [always] [metric metric-value] [metric-type type-value] {level-1 | level-1-2 | level-2} [route-map map-name]   (RIP/OSPF)
    default-information {in | out} {access-list-number | name}   (IGRP/EIGRP)

    distribute-list {access-list-number | name} out [routing-process | autonomous-system-number]

    ip route prefix mask {address | interface} [distance] [tag tag] [permanent]   and from connected interfaces

    distribute-list {access-list-number | name} out [interface-name]
    passive-interface type number
    offset-list {access-list-number | name} out offset [type number]

    route-map map-tag [permit | deny] [sequence-number]   FOR ROUTE REDISTRIBUTION
    match interface type number [...type number]
    match ip route-source {access-list-number | name} [...access-list-number | name]
    match metric metric-value
    match route-type {local | internal | external [type-1 | type-2] | level-1 | level-2}
    match tag tag-value [...tag-value]
    match ip address {access-list-number | name} [...access-list-number | name]
    match ip next-hop {access-list-number | name} [...access-list-number | name]
    set automatic-tag
    set level {level-1 | level-2 | level-1-2 | stub-area | backbo
    set local-preference
    set metric metric-value
    set metric-type {internal | external | type-1 | type-2}
    set origin {igp | egp autonomous-system | incomplete}
    set tag tag-value
    set next-hop next-hop

    route-map map-tag [permit | deny] [sequence-number]   FOR POLICY ROUTING
    match ip address {access-list-number | name} [...access-list-number | name]
    match length min max
    set ip next-hop ip-address [...ip-address]
    set interface type number [...type number]
    set default interface type number [... type number]
    set ip default next-hop ip-address [...ip-address]


    Summary: The BIG picture

    The CISCO IP Routing Process and its mechanisms are quite complicated. But a thorough understanding is necessary to troubleshoot or, even better, to avoid problems.

    The basic points are:

    - Routing is done hop-by-hop; each router independently decides on which interface to forward a packet.
    - The router treats incoming and outgoing routing mechanisms as completely separate processes.
    - Decisions about which route to add to or remove from the routing table are based on ADMINISTRATIVE DISTANCE and METRIC.
    - Routes of all configured routing processes are considered for the routing table.
    - REDISTRIBUTION is only used when considering outgoing routing updates.
    - POLICY ROUTING allows one to overcome the normal destination-based routing.
    - Policy Routing is applied to packets incoming on specified interfaces.
    - ROUTE-MAPS are a mechanism for using additional parameters for selection and also a mechanism for setting or changing different parameters.
    - ROUTE-MAPS are used for POLICY ROUTING and for a controlled REDISTRIBUTION of routing updates.
    - Routing protocols rely on a consistent metric.
    - REDISTRIBUTION of routes means a loss of topology information.
    - Routing is a STATEFUL process, where the incoming routing information is considered in relation to the current routing table information.
    - The fact that a route is in the routing table does not necessarily mean that the route is also used in outgoing routing updates.
    - the adjacency process for Link State and EIGRP as basis for exchanging updates between routers
    - the different behavior of routing protocols regarding summarization and VLSM

    What is CISCO-specific in that area?

    - The use of ADMINISTRATIVE DISTANCE as the first considered parameter for incoming route decisions.
    - IGRP and EIGRP are Cisco-developed and proprietary protocols.
    - REDISTRIBUTION and metric handling on redistribution are not covered in standards.
    - The treatment and forwarding of DEFAULT-ROUTES is not covered in standards.
    - An extensive set of DEBUG commands for monitoring the router behavior.

    For further information

    Recommended Requests for Comments (RFCs):

    RFC1812 Requirements for IP Version 4 Routers. F. Baker. June 1995. (Status: PROPOSED STANDARD)
    - general information about Routing:

    RFC1771 A Border Gateway Protocol 4 (BGP-4). Y. Rekhter & T. Li. March 1995. (Status: DRAFT STANDARD)

    RFC2328 OSPF Version 2. J. Moy. April 1998. (Status: STANDARD)

    RFC2453 RIP Version 2. G. Malkin. November 1998. (Status: STANDARD)

    Recommended Books:

    CCIE Professional Development: Routing TCP/IP Volume 1, J. Doyle, ISBN: 1-57870-041-8
    - excellent description of Routing
    - best description of the mechanisms of EIGRP
    - very good treatment of all Routing Protocols

    CCIE Professional Development: Large-Scale IP Network Solutions, K. Raza, S. Asad, M. Turner, ISBN: 1-57870-084-1
    - good examples of routing design
    - excellent examples of redistribution
    - good description of Routing Protocols

    Internet Routing Architectures, B. Halabi, ISBN:
    - best book on BGP

    OSPF, J. Moy, ISBN:
    - OSPF explained by the developer of that protocol

    WWW-locations:

    http://www.proin.com
    http://www.cisco.com
    http://www.netreference.com


    PROFESSIONAL INFORMATION NETWORKS

    PRO IN is a pan-European company focusing on 3 areas:

    - Training
    - Consulting
    - Professional Services

    With offices in Austria, Germany and Spain we offer CISCO authorized trainings at the highest possible level. Thus PRO IN is honored as "Distinguished Trainings Partner" by CISCO