Professional Documents
Culture Documents
Chapter 1: Differentiating
Basic Network and Routing
Routing Concepts Protocols
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 2 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 4
Role of Dynamic Routing Protocols IGP versus EGP
(Autonomous system (AS) represents a collection of
network devices under a common administration).
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 5 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 7
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 6 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 8
Types of Routing Protocol 2/2 Route Summarization
Path Vector Protocols: Group several subnets into one aggregate entry that
Exchange information about destination networks, and the path on describes all of them.
how to reach them. Reduce overhead and improve stability and scalability by
reducing amount of routing information exchanged.
BGP is the only path vector protocol widely used.
Distance vector protocols support summarization in any
interface, but link states support it only at area boundaries.
IP addressing must be hierarchically assigned in contiguous
blocks across the network.
What is the
summarized
network?
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 9 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 11
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 10 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 12
Traffic Types 2/2
Anycast:
Traffic sent to anycast address is routed to the nearest interface that
has this particular address.
Nearest interface is found according the measure of distance of the
routing protocol used.
Understanding Example: DNS
Network Technologies
Broadcast:
Only used in IPv4
Information is transmitted from one sender to all connected receivers.
Local broadcast address: 255.255.255.255
Directed broadcast: last IPv4 address in each subnet.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 13 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 15
Multicast:
Traffic sent to a multicast address is sent to multiple destinations at
the same time.
An interface my belong to any number of multicast groups
IPv4: 224.0.0.0 239.255.255.255
IPv6: FF00::/8
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 14 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 16
IPv6 Address Types 2/2 Network Types 1/2
Global Unicast: equivalent to public IP address in IPv4. Point-to-point network:
Link Local: automatically or manually configured. Not Connects a single pair of routers
routable. Example: A serial link
Assigned Multicast: Similar to well-known multicast
addresses in IPv4.
Solicited node Multicast: Used by ICMPv6 Neighbor Broadcast network:
Discovery. Similar to ARP for IPv4.
Connects many routers
Loopback: Used for testing.
All are reachable through one single address
Unspecified: Used as source IPv6 address indicating Example: Ethernet
absence of Global Unicast address.
Unique Local: equivalent to private IP address un IPv4
Embedded IPv4: Used to represent the IPv6 equivalent of
a IPv4 address.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 17 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 19
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 18 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 20
NBMA Networks 1/3 NBMA Networks 3/3
Subinterfaces overcome these limitations. There are two
Can use a variety of topologies. Hub-and-spoke or partial types:
mesh is the most common. Point-to-point subinterfaces: Each subinterface provides connectivity
Frame Relay is the most common example of NBMA between two routers, using its own subnet.
technology.
If multipoint interface is used to connect multiple sites, some
issues arise:
Split Horizon: In distance vector protocols, the hub receives the
update in its physical interface but cannot forward it through the same
interface to the other spokes.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 21 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 23
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 22 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 24
Principles of Static Routing 1/2
A static route can be used when:
Routing updates are undesirables, such as in dialup link.
Administrator needs total control over the routes.
Backup to a dynamically recognized route.
Connecting Is necessary to reach a network accessible by only one path (stub
network).
Remote Locations
with Headquarters
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 25 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 27
Prior to IOS 12.0 it was more efficient to use the exit interface.
After IOS 12.0 (with the implementation of CEF)is now recommended
to use the next-hop IP address.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 26 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 28
Configuring a Static Default Route PPP Authentication Overview 1/3
Authentication is optional.
PPP can use PAP and CHAP.
PAP is very basic two-way process with no encryption.
CHAP involve a three-way exchange of a shared secret.
You can configure either PAP, or CHAP or both:
Router(config-if)# ppp authentication {chap | chap pap | pap chap |
pap} [if-needed] [list-name | default] [callin]
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 29 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 31
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 30 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 32
PPP Authentication Overview 3/3 PPPoE 2/2
In CHAP, the local device sends a challenge to the remote. Configuration:
Create a dialer interface (which is virtual).
The remote encrypts the challenge and its name, and return it.
Configure the dialer interface encapsulation PPP and IP address by
Local router uses the configured name of the remote, encrypt it DHCP
with the challenge, and verify if the calculated and received Enable PPPoE in the ethernet interface that faces the client.
values match. Link the dialer interface to the ethernet
Set the MTU to 1492
Unlike PAP, CHAP authenticates periodically.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 33 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 35
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 34 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 36
VPN Connectivity Overview Tunneling VPNs
Frame Relay is being considered deprecated, for the GRE
following factors: Tunneling protocol developed by Cisco
Cost Enables encapsulation of L3 protocols inside point-to-point, tunnel-
Deployed services over-IP network.
Scalability Traffic is not encrypted.
IPsec
Next generation of VPNs support quick and easy Framework that uses a set of cryptographic protocols to secure L3
provisioning of full mesh topologies without compromising traffic .
security and scalability. Works with any application that uses IP as a transport protocol.
DMVPN
Used to scale IPsec hub-to-spoke and spoke-to-spoke designs in
large networks.
Supports routing protocols, and multicast.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 37 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 39
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 38 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 40
Routing Across MPLS VPNs 1/2 Routing Over a GRE Tunnel 1/2
Depends on whether it´s L2 MPLS VPN or L3 MPLS VPN A tunnel is a logical interface that provides a way to
L2 MPLS VPN: encapsulate passenger packets inside a transport protocol.
Customer selects the routing protocol. A tunnel have three main parts:
Customer routers (CE) establish adjacencies. A passenger protocol, that is being encapsulated.
Same IP subnet is used A carrier protocol. (GRE in for GRE tunnels).
A transport protocol, that carries the encapsulated protocol.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 41 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 43
Routing Across MPLS VPNs 2/2 Routing Over a GRE Tunnel 2/2
L3 MPLS VPN: GRE tunnels offer the possibility to connect branch offices
Customer and SP must agreed routing protocol(s). across Internet or WAN.
Each customer router establish adjacency with a SP router (PE). Its main benefit: support multicast, and therefore is
A different subnet must be used in each pair of CE-PE. appropriate for routing protocols.
Does not encrypt the traffic.
IPsec can be used, creating a GRE-over-IPsec tunnel.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 42 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 44
Dynamic Multipoint Virtual Private Network NHRP
Statics tunnels may be and appropriate solution for small NHRP is used by routers to determine the IP address of the
networks, but it´s not scalable. next hop in IP tunneling networks.
The Cisco DMVPN feature enables better scaling for large When a spoke initially connects to a DMVPN network, it
(and small) IPsec VPNs. registers its inner (tunnel) and outer (physical interface)
DMVPN combines multipoint GRE (mGRE), IPsec address with the hub router.
encryption and Next Hop Resolution Protocol (NHRP). This registration enables the mGRE interface on the hub
Benefits: router to build a dynamic GRE tunnel back to the registering
Not reconfiguration needed in the hub router when a new spoke is spoke.
added. NHRP creates a mapping for a tunnel IP address to the
IPsec is immediately triggered to create the point-to-point tunnel with physical interface IP address for each spoke at the hub.
no peering configuration needed.
Support for dynamically addressed spoke routers.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 45 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 47
Multipoint GRE
mGRE enables a single GRE interface to support multiple GRE
tunnels and simplifies the complexity of the configuration.
Only one tunnel interface needs to be configured on a router to
support multiple remote GRE peers.
Devices using mGRE require NHRP to build dynamic GRE
tunnels.
mGRE also support unicast, multicast and broadcast.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 46 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 48
IPsec MSS, Fragmentation and PMTUD 1/3
Is a framework of open standards that define how to provide An IPv4 packet has a maximum size of 65,535 bytes, whereas an
secure communications. IPv6 packet can support up to 4,294,967,295 bytes.
Routing and The sending device is required to send segments equal to or less
than the reported MSS.
TCP/IP
Operations
TCP MSS should be the minimum buffer size, minus 40 bytes (20
bytes TCP header, 20 bytes of IP header).
Example, Ethernet MTU is 1500 bytes. MSS should be 1460.
TCP MSS just works at the two ends of the TCP connection.
Source receives the ICMP message and reduce the MSS to be BDP is used to optimize the TCP Windows size to fully utilize the
within the MTU and retransmit the message. link.
If the ICMP unreachable message is blocked, issues may occur. The result is the maximum of data can be transmitted on the link
Be sure to allow them in routers and firewalls along the patch. at any given time.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 53 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 55
If an IPv6 router receives a packet larger the MTU of the When TCP and UDP flows are mixed during a period of
congestion, TCP cooperate by backing off on bandwidth.
outgoing interface, it will drop the packet and send an
ICMPv6 Packet Too Big message back to the source,
using the available bandwidth given up by TCP.
including the smaller MTU.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 54 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 56
Latency ICMP Redirects 2/2
Latency is the amount of time for a message to go from ne point ICMPv6 Redirect message works the same way as the
to another.
Redirect message for ICMpv4, with one additional feature:
Can be caused by several factors: propagation delay, If PCA wants to communicate with PCB (same segment, different
serialization, data protocols, routing, switching, queuing, and networks), it will use its default gateway, R1.
buffering. R1 will send a redirect message.
PCA will forward packets directly to PCB.
TCP requires a established virtual connection and bidirectional
communication ACKs, windows size, congestion control and so
on, which has a effect on latency.
UDP does not include reliability, and is used for streaming media
that requires minimum delay.
UDP has very low latency, better than most TCP connections.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 57 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 59
Implementing RIPng
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 58 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 60
RIP overview RIPv2 Overview 2/2
One of the oldest routing protocol. By default RIPv2 automatically summarizes at major
Standard IGP, works in mixed-vendor router environment. network boundaries. Summarizing routes to the classful
Easy to configure. network address.
Good choice for small networks
Distance vector protocol, uses hop count as the metric. If discontinuous subnets are used, automatic summarization
Maximum hops: 15 must be disabled.
If a network is 16 hops or more, the router consider it
unreachable. Router(config-router)# no auto-summary
Implements split horizon with poison reverse. Prefers a
notification rather than just ignoring.
The ip summary-address rip ip-address network-mask
Support load balancing over equal-cost paths.
interface command is used to manually summarize.
Exits three versions: RIPv1, RIPv2 and RIPng
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 62 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 64
Basic RIPng Configuration 1/8 Basic RIPng Configuration 3/8
Enable IPv6 routing using ipv6 unicast-routing command On R2, enable RIPng on interface Ethernet 0/1 (connects to
on R2. R1) and Loopback0 (simulates LAN).
If you forgot to create the RIP process name, the router will
automatically create one.
Enable RIPng using ipv router rip name command.Set the
process name to CCNP_RIP Use the show ipv6 protocols to validate RIPng is correctly
configured.
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 65 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 67
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 66 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 68
Basic RIPng Configuration 5/8 Basic RIPng Configuration 7/8
Propagate the default route of R1 to R2
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 69 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 71
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 70 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 72
Investigating the RIPng Database 1/3 Investigating the RIPng Database 3/3
show ipv6 rip show ipv6 next-hops
RIP process (es) RIP process (es)
Port number Next hop router IP address.
Hello and dead timer Interface in which it´s connected.
Interfaces configured Number of path (routes) in the IPv6 RIP routing table using that next
hop
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 73 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 75
Chapter 1 Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 74 © 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 76
-to-point links and support dynamic
routing protocols.
hub-and spoke
configuration.
RIPng.
RIPng.
RIPng.
Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 77
Chapter 1
© 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public 78