It's easy to see how your packets are leaving your network, but hard to see what happens to them after that. Differences in routing and preferential traffic shaping mean that your traffic may take a very different route coming back than it took going out.
One way to get more information about what's happening is with "looking glass" servers. These provide snapshots of routing at various points around the Internet so you can see what the path to your network looks like from out there.
There are a bunch of them out there, with some lists here and here.
Wednesday, February 2, 2011
Sunday, December 5, 2010
Sunday, October 24, 2010
EIGRP
Except for the odd Cisco class, I've never actually used EIGRP. It's another interior routing protocol, like OSPF, and is often used in place of it. It's Cisco-only, as it's Cisco's proprietary protocol, which makes it a non-starter in heterogeneous routing environments. (OSPF is based on standards and is supported by pretty much all vendors of "real" routers, which is to say "not a $30 home router for your DSL line".)
Unlike OSPF, EIGRP doesn't have the concept of "areas", so all of your internal network is lumped into a single monolithic administrative collective. Like OSPF, it establishes neighbor relationships with other routers and shares routes among its neighbors. EIGRP gives you a few more ways to tweak your routes, having bandwidth and delay instead of a simple cost metric and does route filtering a bit more granularly.
Wednesday, October 20, 2010
More about BGP -- load sharing across equal-cost paths
Suppose you have several equal-bandwidth or equal-cost paths between a pair of routers that want to be BGP neighbors. For example, two or more WAN links between two BGP areas. You want the routers to route over both paths. The thing to do is to use a loopback address for your BGP neighbors. You must also have "ebgp-multihop" configured, so BGP will be okay with going to a neighbor that is not on the same subnet as itself.
So, router A (AS 64591) and router B (AS 64592) are connected by a pair of WAN links.
On router A:
int loopback 0
 ip address 10.255.255.1 255.255.255.255
router bgp 64591
 neighbor 10.254.254.1 remote-as 64592
 neighbor 10.254.254.1 update-source loopback 0
 neighbor 10.254.254.1 ebgp-multihop
Router B looks similar:
int loopback 0
 ip address 10.254.254.1 255.255.255.255
router bgp 64592
 neighbor 10.255.255.1 remote-as 64591
 neighbor 10.255.255.1 update-source loopback 0
 neighbor 10.255.255.1 ebgp-multihop
Don't forget to include your loopback network range in the "network" statement for the BGP instance.
Sunday, October 17, 2010
BGP basics: "Active" is not a good state.
BGP is TCP based. If you've got a router that wants to share BGP routes, each neighbor has to be explicitly configured. When this is done and BGP restarted, the router opens a BGP session to each of its neighbors on TCP/179 and chats about what routes it has and what routes it can learn.
If there are no routing updates, the routers exchange keep-alive packets every 60 seconds to be sure that the TCP session is still up and the routers are all happy.
When a BGP TCP session starts up, the BGP neighbor will show as state "Connect" when the router is actively trying to connect. If it successfully makes the connection, it shifts to state "OpenSent" and then through "OpenConfirm" to "Established".
If the router cannot make a successful TCP connection, it shifts to state "Active". NOTE: This does not mean that the connection has been made; just that it's actively trying to make the TCP connection. If your neighbors show as "Active", your routing is *not* working yet. Once the TCP session is established, the neighbor state goes through "OpenSent" and "OpenConfirm" to "Established". That last state, "Established", is the one you want to see in your summary of BGP neighbor states.
On a Cisco, your neighbor summary table would look something like this (taken from Cisco IOS IP Command Reference Vol 2 of 4: Routing Protocols, Release 12.3T - IP Routing Protocols Commands):
Router# show ip bgp summary
BGP router identifier 172.16.1.1, local AS number 100
BGP table version is 199, main routing table version 199
37 network entries using 2850 bytes of memory
59 path entries using 5713 bytes of memory
18 BGP path attribute entries using 936 bytes of memory
2 multipath network entries and 4 multipath paths
10 BGP AS-PATH entries using 240 bytes of memory
7 BGP community entries using 168 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
36 received paths for inbound soft reconfiguration
BGP using 34249 total bytes of memory
Dampening enabled. 4 history paths, 0 dampened paths
BGP activity 37/2849 prefixes, 60/1 paths, scan interval 15 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.100.1.1      4   200      26      22      199    0    0 00:14:23 23
10.200.1.1      4   300      21      51      199    0    0 00:13:40 0
There are three fields that you're probably most interested in under normal circumstances:
- The first one to look at is "State/PfxRcd": If the TCP session is up and the routers are exchanging routes, then this field will be a numeric value that shows how many route prefixes have been received from the remote neighbor.
- The next one of note is "TblVer", which is the routing table version. Under normal circumstances, this should be the same if routing is stable.
- The third field of interest is the "Up/Down". If the BGP session to the neighbor is up and happy in the "Established" state, this is the duration of the current TCP session. If it's not up and happy, this will display the current state of the connection. Remember, "Active" is not what you want to see here. (Yes, I'm harping on it, but I've seen many people make the mistake of thinking that "Active" means that the connection is working correctly.)
This table (Table 41 in the same document) lists all the fields in the output and what they indicate.
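A quick way to check the "State/PfxRcd" column across many neighbors is to parse the summary table and flag every row where that field is not numeric. This is an added example, not from the Cisco document or the original post; the last two neighbor rows in the sample are constructed, and the zero-prefix warning is an extra check added here.

```python
# Constructed sample: the two neighbor rows from the output above, plus two
# made-up neighbors (10.30.1.1, 10.40.1.1) whose sessions are not up.
SAMPLE = """\
Router# show ip bgp summary
BGP router identifier 172.16.1.1, local AS number 100
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.100.1.1      4   200      26      22      199    0    0 00:14:23 23
10.200.1.1      4   300      21      51      199    0    0 00:13:40 0
10.30.1.1       4   400       0       0        0    0    0 never    Active
10.40.1.1       4   500       0       0        0    0    0 never    Idle (Admin)
"""

FIELDS = ("neighbor", "version", "as", "msg_rcvd", "msg_sent",
          "tbl_ver", "in_q", "out_q", "up_down")


def parse_neighbors(text):
    """Return one dict per neighbor row of a 'show ip bgp summary' table."""
    rows, in_table = [], False
    for line in text.splitlines():
        if line.startswith("Neighbor"):
            in_table = True          # rows start after the header line
            continue
        # Split off the nine fixed columns; the remainder is State/PfxRcd,
        # which may contain spaces (for example "Idle (Admin)").
        parts = line.split(None, len(FIELDS))
        if not in_table or len(parts) <= len(FIELDS):
            continue
        row = dict(zip(FIELDS, parts))
        last = parts[-1].strip()
        # A numeric value means Established; anything else is a state name.
        row["established"] = last.isdigit()
        row["prefixes"] = int(last) if last.isdigit() else None
        row["state"] = "Established" if last.isdigit() else last
        rows.append(row)
    return rows


def problems(rows):
    """Neighbors to look at: session not up, or up with no prefixes."""
    out = []
    for r in rows:
        if not r["established"]:
            out.append((r["neighbor"], "session not established: " + r["state"]))
        elif r["prefixes"] == 0:   # added heuristic, not a rule from the post
            out.append((r["neighbor"], "established but 0 prefixes received"))
    return out


if __name__ == "__main__":
    for neighbor, why in problems(parse_neighbors(SAMPLE)):
        print(neighbor, "-", why)
```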
Wednesday, October 13, 2010
Stubby and NOT SO STUBBY.
OSPF uses the concept of "area" to describe different chunks of the network. The center of the network is "area 0", the backbone area, and it's assumed that all areas connect to area 0.
Router interfaces, not entire routers, are part of an area. So a router can span more than one area -- for example, a router could have one interface in area 0 and another interface in area 1 and a third in area 199. Other routers in area 1 would then see the router as a path back to area 0.
Areas can be defined as "stubby", meaning that there's only one path out from the area, and so external routes don't get advertised to the stubby area. A "not so stubby area" (nssa) can receive intra-area routes, but no external routes.
Sunday, October 10, 2010
Who's the boss? (OSPF edition)
So, a router interface that's participating in OSPF floods the network with a Hello packet -- this is sent to a multicast address, so if you've got ACLs in play, make sure they allow the OSPF multicast. One of the things the Hello traffic does, besides just announcing "hey, I'm here" to any likely devices that might also be looking for neighbors, is share out the information used for election of the "Designated Router" (DR) and "Backup Designated Router" (BDR).
The DR and BDR serve as points of contact for exchange of routing information -- instead of each router updating every other OSPF neighbor with link state announcements, all the devices update the DR and BDR, and they send out link state updates to all of the OSPF neighbors. This reduces the complexity of the exchange of routing information.
DR and BDR election is done by OSPF priority. If two interfaces on a given network segment have the same priority, the higher Router ID is used as a tie-breaker. For any given OSPF device, the "Router ID" is the highest IP address on the box (including loopback interfaces). Specific router interfaces may have an OSPF priority set explicitly as well to adjust whether or not they become DR; a priority of 0 means that the interface should never be the DR or BDR; this is described as the state "DROTHER".
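The election rule above, worked through for one segment as an added example (not from the original post). It assumes all interfaces come up at the same time, since a running OSPF segment does not replace an existing DR when a higher-priority router appears; the router IDs and priorities are constructed. Router IDs are compared as 32-bit numbers, which is why 10.0.0.10 beats 10.0.0.9 in the tie-break.

```python
import ipaddress

# Constructed sample segment: (router_id, ospf_priority) per interface.
SEGMENT = [
    ("10.0.0.9", 1),
    ("10.0.0.10", 1),
    ("192.168.1.1", 0),   # priority 0: never DR or BDR
    ("10.0.0.2", 5),
]


def elect(interfaces):
    """Return (dr, bdr, drothers) for interfaces on one network segment.

    Highest priority wins; equal priorities are broken by the numerically
    higher Router ID. Priority 0 interfaces are never eligible.
    """
    for rid, prio in interfaces:
        ipaddress.IPv4Address(rid)           # raises ValueError if malformed
        if not 0 <= prio <= 255:
            raise ValueError(f"priority out of range for {rid}: {prio}")

    eligible = [i for i in interfaces if i[1] > 0]
    ranked = sorted(
        eligible,
        # Compare Router IDs as integers, not strings: as text,
        # "10.0.0.9" would wrongly sort above "10.0.0.10".
        key=lambda i: (i[1], int(ipaddress.IPv4Address(i[0]))),
        reverse=True,
    )
    dr = ranked[0][0] if ranked else None
    bdr = ranked[1][0] if len(ranked) > 1 else None
    drothers = [rid for rid, _ in interfaces if rid not in (dr, bdr)]
    return dr, bdr, drothers


if __name__ == "__main__":
    dr, bdr, others = elect(SEGMENT)
    print("DR:", dr, "BDR:", bdr, "DROTHER:", others)
```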
Sunday, September 26, 2010
OSPF types of routes
If you look at an OSPF routing table ("sh ip route ospf", for instance), there are a couple of different types of routes that might be displayed.
- "O" -- An OSPF route from within the same OSPF area.
- "IA" -- An OSPF route from a different OSPF area.
- "E1" -- An OSPF route that is a Type 1 external route.
- "E2" -- An OSPF route that is a Type 2 external route.
An External route is one that is learned from another routing protocol and redistributed into OSPF. Type E1 is an external route that includes the path metrics from the redistributed routing protocol and the cost to get to the router that's doing the redistributing. Type E2 is an external route that only includes the cost from the redistributed routing protocol and does not pay attention to the cost to get to the border router that is doing the redistributing.
Wednesday, September 22, 2010
Open Most Complicated Routing Protocol First
OSPF! Open Shortest Path First. It's an interior gateway routing protocol - you'd use OSPF within a given AS, for instance. It has a whole bunch of things that can be tweaked. Most people (in my experience) use it as their interior routing protocol.
OSPF is based around the idea of a link state diagram -- that is, a diagram of the network connections between all the routers in a given OSPF instance. When making routing decisions, a given router will figure out what the best ("shortest") next-hop is for a given destination. If left untweaked, the route metric will be based on the number of hops and the bandwidth of each link (lower-bandwidth links are less preferred). You can adjust that and manually weight routes to encourage traffic to go over a path that it would otherwise not prefer.
An OSPF-enabled router uses broadcast packets to announce itself and to find out about other OSPF routers in the same collision domain. If compatible, the routers will establish a neighbor relationship, and exchange route information. Among neighbors, there's a designated router and a designated backup router. The designated router is a given router interface that is in charge of sending out link state announcements and letting the other router interfaces know what's up with the links. It's a specific interface, not a specific individual router -- a router that is a DR on interface 1 might not be the DR for a separate OSPF instance on interface 2.
About Me
- regis
- Regis has worked as a network engineer since 1994 for small companies and for large companies.