-->
For my first post I want to talk about and tackle the basics on how a Cisco router makes routing decisions. Before that why is this important anyway? As to many network guys out there and a whole lot more who's planning to move into the field, to get a good seat on a stable job will require solid foundations and at least basic skills. I say this as you would never know when your evaluator would ask you questions that would relate to this topic and you couldn't answer later to find out its BASIC. When I say basic it doesn't mean it's easy, because sometimes it's the most basic things actually the we miss out during unexpected trouble or network downtime etc. So whether you're creating configs or troubleshooting your network it's always good to have a good grasp of the foundation knowledge.
There are 3 steps as to how a router 'routes'. Below is how it makes routing decisions
in sequence.
1. Selects the most specific route or the route with the longest prefix. When the router receives a packet it takes a look at the routing table and checks if it has a route to the destination of the packet. If there's only one route then it forwards it out right away, when there's more than one route it checks for the prefix length. For those of you who are not yet familiar what a prefix length is, to put it in simple words, it is how many bits are set on the subnet mask. So the longer the subnet mask is - which is also the same as the more specific the route is - the better. To understand better let me give you an example.
Lets say there are two routes to a destination. One is 206.15.45.0/24 and the other is 206.15.45.0/26. Now a packet comes in and is destined to 206.15.45.34, which route will the router use? We have two routes, one is a /24 which is in subnet mask notation reads 255.255.255.0, and then we got another one with a /26 mask, which converts to 255.255.255.192, which happens to be longer. This would mean that upon seeing those two routes, the router will choose the route with a longer prefix length - 206.15.45.0/26, because it is a more specific route and will most likely get the packet there with higher percentage over the more summarized route. You can think of it as a much more accurate path. I say that as that /24 route could be a summary route and has more specific networks behind it. If this is the case then we won't know whether those routes behind are up or down as to this is one of the advantages route summarization can do for us, not letting other routers know what they don't need to know. But that's completely a whole other topic so probably in another post. :)
But how about if both routes have the same prefix length? They could be both /24s or both /26s right? This is when the next step will come in.
2. Selects the route with a better AD. Now for those who are not yet familiar what an AD is, it stands for Administrative Distance. Some sources will say that it's the believability of a route, some say it's kind of a metric for routing protocols, but yeah you get the point by that. A router would choose to use a route over the other (if you have more than one route with the same prefixes) and choosing the one with the lower Administrative Distance. Each routing protocol has its own AD and even depending on what type of route it is. Below is the list of ADs for each protocol and for each route type for a protocol.
connected route 0
static route 1
EIGRP summary 5
BGP 20
Internal EIGRP 90
OSPF 110
IS-IS 115
RIP 120
ODR 160
External EIGRP 170
Internal BGP 200
Unknown/Unreachable 255
Note: I have not included those that I know are obsolete and does not exist anymore.
As you can see is a value from 0-255 where 255 is considered unreachable. The lower the AD is the better, and so this is the route which the router will choose to use. Let's say for example the same route as what we used in step #1 206.15.45.0/26 as an OSPF route, and then I hopped into the router and put in a static route for that the same route. Since a static route has an AD of 1 which happens to be lower than the AD of 90 for OSPF, the router would start using the static route.
There are ways to manipulate the AD for certain types of routes but one that I would like to point out
is the static route because it can be done in two common ways. First is to specifically set the AD for it. For example, to put in a static route you put in the below command under global config.
Router(config)#ip route 206.15.45.0 255.255.255.192 {next-hop | exit-interface} [AD]
This is the basic configuration for a static route. After specifying the next-hop IP address or exit interface you can specify an optional AD value for your static route. Most often this is manipulated due to the need of back-up routes. This is when you have a dynamic routing protocol in place and you would want to have a back-up static route just in case that dynamic routing fails. This static route is called a 'floating static' route as to what it does. It just stays there just in case the dynamic route fails. This is done by setting a higher AD for the static route than the dynamic route. In our example if we have an OSPF route and then we put in a static route with a higher AD than OSPF, the OSPF route will still be used because of its better AD.
Router(config)#router ospf 1 Router(config-router)#network 206.15.45.0 0.0.0.63 area 0
Router(config-router)#exit Router(config#ip route 206.15.45.0 255.255.255.192 Serial1/0 115
The other way is setting the next-hop IP address or the exit-interface. For some network guys, it
could be just a matter of preference but you've got to know that there is a difference when setting a static route and using one over the other. A static route when you opt to use a next-hop IP sets its AD to 1. Of course this is expected because yes it is its default AD. However setting it to use an exit-interface rather than a next-hop IP will set consider it a directly connected route - assigning it an AD of 0. For some it doesn't matter, but there are certain network setups out there that may be sensitive enough for these kinds of configurations. In my experience I have found out that setting the next-hop IP address is a safer choice, not that the exit-interface is not good but it posed issues to our network when I did it lol. Well that's just based from experience and not discouraging everybody from using the exit-interface option. The only instance wherein I see exit-interfaces constantly in our network is on default-routes. Either of the two is good it just depends how you're going to use it and as long as it does'nt cause any outage or routing issues in your network:)
What if more than one route has the same AD?
3. Selects the route with the best metric. Routes with the same AD will most likely come from the same routing protocol. In this case comparing each route's metric is what the router will do next. This would just depend on which routing protocol is used as different routing protocols has different ways of finding the best path. For EIGRP for example it used the fastest way to get traffic to its destination. It calculates the best path including a secondary best path if there is (EIGRP is the only routing protocol that uses back-up routes). Below is the list on what metrics each routing protocol uses to determine the best path through a network.
RIP - distance-vector (hop-count)
EIGRP - distance-vector/hybrid (fastest path)
OSPF - link-state (shortest path)
IS-IS - link-state (shortest path)
BGP - path-vector (shortest AS-path by default)
Now as much as would like to give a good example for this step It would lean more towards to basics of routing protocols and thus be out of scope for this topic or even might be a little info-overload for some newbies. As I do post more topics I would probably explain more on the metrics of each of these routing protocols and how they do the whole routing thing:)
Lastly what if more than one route has the same metric? You bet it! it will load-balance, otherwise there will be a need for a 4th step:)
I hope you guys learned something or at least something new and more posts to come.
There are 3 steps as to how a router 'routes'. Below is how it makes routing decisions
in sequence.
1. Selects the most specific route or the route with the longest prefix. When the router receives a packet it takes a look at the routing table and checks if it has a route to the destination of the packet. If there's only one route then it forwards it out right away, when there's more than one route it checks for the prefix length. For those of you who are not yet familiar what a prefix length is, to put it in simple words, it is how many bits are set on the subnet mask. So the longer the subnet mask is - which is also the same as the more specific the route is - the better. To understand better let me give you an example.
Lets say there are two routes to a destination. One is 206.15.45.0/24 and the other is 206.15.45.0/26. Now a packet comes in and is destined to 206.15.45.34, which route will the router use? We have two routes, one is a /24 which is in subnet mask notation reads 255.255.255.0, and then we got another one with a /26 mask, which converts to 255.255.255.192, which happens to be longer. This would mean that upon seeing those two routes, the router will choose the route with a longer prefix length - 206.15.45.0/26, because it is a more specific route and will most likely get the packet there with higher percentage over the more summarized route. You can think of it as a much more accurate path. I say that as that /24 route could be a summary route and has more specific networks behind it. If this is the case then we won't know whether those routes behind are up or down as to this is one of the advantages route summarization can do for us, not letting other routers know what they don't need to know. But that's completely a whole other topic so probably in another post. :)
But how about if both routes have the same prefix length? They could be both /24s or both /26s right? This is when the next step will come in.
2. Selects the route with a better AD. Now for those who are not yet familiar what an AD is, it stands for Administrative Distance. Some sources will say that it's the believability of a route, some say it's kind of a metric for routing protocols, but yeah you get the point by that. A router would choose to use a route over the other (if you have more than one route with the same prefixes) and choosing the one with the lower Administrative Distance. Each routing protocol has its own AD and even depending on what type of route it is. Below is the list of ADs for each protocol and for each route type for a protocol.
connected route 0
static route 1
EIGRP summary 5
BGP 20
Internal EIGRP 90
OSPF 110
IS-IS 115
RIP 120
ODR 160
External EIGRP 170
Internal BGP 200
Unknown/Unreachable 255
Note: I have not included those that I know are obsolete and does not exist anymore.
As you can see is a value from 0-255 where 255 is considered unreachable. The lower the AD is the better, and so this is the route which the router will choose to use. Let's say for example the same route as what we used in step #1 206.15.45.0/26 as an OSPF route, and then I hopped into the router and put in a static route for that the same route. Since a static route has an AD of 1 which happens to be lower than the AD of 90 for OSPF, the router would start using the static route.
There are ways to manipulate the AD for certain types of routes but one that I would like to point out
is the static route because it can be done in two common ways. First is to specifically set the AD for it. For example, to put in a static route you put in the below command under global config.
Router(config)#ip route 206.15.45.0 255.255.255.192 {next-hop | exit-interface} [AD]
This is the basic configuration for a static route. After specifying the next-hop IP address or exit interface you can specify an optional AD value for your static route. Most often this is manipulated due to the need of back-up routes. This is when you have a dynamic routing protocol in place and you would want to have a back-up static route just in case that dynamic routing fails. This static route is called a 'floating static' route as to what it does. It just stays there just in case the dynamic route fails. This is done by setting a higher AD for the static route than the dynamic route. In our example if we have an OSPF route and then we put in a static route with a higher AD than OSPF, the OSPF route will still be used because of its better AD.
Router(config)#router ospf 1 Router(config-router)#network 206.15.45.0 0.0.0.63 area 0
Router(config-router)#exit Router(config#ip route 206.15.45.0 255.255.255.192 Serial1/0 115
The other way is setting the next-hop IP address or the exit-interface. For some network guys, it
could be just a matter of preference but you've got to know that there is a difference when setting a static route and using one over the other. A static route when you opt to use a next-hop IP sets its AD to 1. Of course this is expected because yes it is its default AD. However setting it to use an exit-interface rather than a next-hop IP will set consider it a directly connected route - assigning it an AD of 0. For some it doesn't matter, but there are certain network setups out there that may be sensitive enough for these kinds of configurations. In my experience I have found out that setting the next-hop IP address is a safer choice, not that the exit-interface is not good but it posed issues to our network when I did it lol. Well that's just based from experience and not discouraging everybody from using the exit-interface option. The only instance wherein I see exit-interfaces constantly in our network is on default-routes. Either of the two is good it just depends how you're going to use it and as long as it does'nt cause any outage or routing issues in your network:)
What if more than one route has the same AD?
3. Selects the route with the best metric. Routes with the same AD will most likely come from the same routing protocol. In this case comparing each route's metric is what the router will do next. This would just depend on which routing protocol is used as different routing protocols has different ways of finding the best path. For EIGRP for example it used the fastest way to get traffic to its destination. It calculates the best path including a secondary best path if there is (EIGRP is the only routing protocol that uses back-up routes). Below is the list on what metrics each routing protocol uses to determine the best path through a network.
RIP - distance-vector (hop-count)
EIGRP - distance-vector/hybrid (fastest path)
OSPF - link-state (shortest path)
IS-IS - link-state (shortest path)
BGP - path-vector (shortest AS-path by default)
Now as much as would like to give a good example for this step It would lean more towards to basics of routing protocols and thus be out of scope for this topic or even might be a little info-overload for some newbies. As I do post more topics I would probably explain more on the metrics of each of these routing protocols and how they do the whole routing thing:)
Lastly what if more than one route has the same metric? You bet it! it will load-balance, otherwise there will be a need for a 4th step:)
I hope you guys learned something or at least something new and more posts to come.
you missed something dude
ReplyDeleteEIGRP - is Cisco Proprietary
did i have to include that? lol
ReplyDelete