
EXPLORING IP ROUTING AND ETHERNET BRIDGING
IP CONVERGENCE & IMS CURRICULUM

Award Solutions' eBook is authorized for a single user only. Do not distribute.
IPC_207
2100 Lakeside Blvd., Suite 300
Richardson, TX 75082 USA

Phone: +1.972.664.0727
Website: www.awardsolutions.com

If you have any questions, concerns or comments regarding this course please write to us at:
friends@awardsolutions.com

2016 Award Solutions, Inc. All Rights Reserved.

This course book and the material and information contained in it are owned by Award Solutions, Inc. (Award Solutions) and Award Solutions reserves for itself and successors and assigns all right, title and interest in and to the Award Content, Award Solutions logos and other trademarks, including all copyrights, authorship rights, moral rights, publication and distribution rights, trademarks and other intellectual property rights. Award grants no license or other rights in the contents of the course book or course, except as may be expressly set forth in a duly executed written agreement between Award Solutions and the authorized user of this course book or the user's employee or principal. This course book shall not be modified, reproduced, disseminated, or transmitted by or in any medium, form or means, electronic or mechanical, including photocopying, recording or any information retrieval system, in whole or in part, without Award Solutions, Inc.'s express, prior written consent signed by an authorized officer whose authority is evidenced by a duly signed corporate resolution.

This course book was designed for use as a student guide with the subject matter course taught by Award Solutions authorized employees and contractors. It was not designed to be a standalone textbook. Award Solutions makes no representations or warranties and disclaims all implied warranties with respect to the information contained herein or products derived from use of such information and Award Solutions undertakes no obligation to update or otherwise modify the information or to notify the purchaser or any user of any update or obsolescence. To the extent permitted by applicable law, Award's total liability in connection with the course and/or course material is the amount actually received by Award from the purchaser/user for the purchase or license of the course and course material. This course book is not made for publication or distribution in the public domain and shall not be published or placed in the public domain, in whole or in part, without Award Solutions, Inc.'s express, prior written consent signed by an authorized officer whose authority is evidenced by a duly signed corporate resolution.

The 3GPP, LTE and LTE-Advanced logos are the property of Third Generation Partnership Project (3GPP). The
3GPP2 logo is property of Third Generation Partnership Project (3GPP2) and its organization partners. The
content of this document is based on 3GPP/LTE and 3GPP2 specifications which are available at
www.3gpp.org, and www.3gpp2.org.






Table of Contents
Chapter 1: Prologue
Chapter 2: Spanning Tree Protocol
  Broadcast Storms and STP
  Rapid Spanning Tree Protocol (RSTP)
  Multiple Spanning Tree Protocol (MSTP)
Chapter 3: Routing Table
  Routing Table Concepts
  The Longest Match
  Recursive Routing
  Black Holes
Chapter 4: OSPF Key Concepts
  Areas and Router Types
  Link State Advertisements (LSA)
  Link State Advertisements
Chapter 5: OSPF in Wireless Networks
  Neighbor Discovery
  Metrics
  Areas
Chapter 6: BGPv4 Key Concepts
  Autonomous Systems
  BGP Messages
  BGP Attributes and Routing Policy
  Route Reflectors
Chapter 7: BGPv4 in Wireless Networks
Chapter 8: L3VPN in Wireless Networks
  Interconnecting MTSOs
  L3VPN Architecture
  High-Level Operations
Chapter 9: L3VPN Routing
  Provider-Customer Model
  MPLS Router
  VPN Routing and Forwarding
  VPN Route Distribution using MP-iBGP
  Route Distinguisher
  VPNv4 and IPv4 Address Families
  Route Target
  L3VPN Routing
Acronyms
References

IPC_207 Version 2.2c

1 | Prologue

Chapter 1: Prologue

Award Solutions Proprietary


Objectives
After completing this module, you will be able to:
- Explain why IP is the data transport of choice for today's carrier networks
- Explain the Customer-Provider Model and its use of Layer 3 VPNs
- Describe the customers found in a carrier's implementation of the Customer-Provider Model
- List the routing protocols used in the typical implementation of L3VPNs


Customer-Provider Model
[Figure: Customer-Provider Model. Sites A, B, C and D each have CE routers for Customer 1, Customer 2 and Customer 3. The CE routers connect to PE routers at the edge of the Provider network, whose interior consists of P routers.]

The Customer-Provider model uses Layer 3 Virtual Private Networks (L3VPNs) to provide private network services to a set of customers. The customer networks include a Customer Edge (CE) router that connects to the service provider's Provider Edge (PE) router. The CE and PE routers exchange routing information using Border Gateway Protocol (BGP). The PE routers use MPLS to forward packets through the backbone and BGP to distribute the customer routes to other VPN locations.

The L3VPN solution is widely deployed. It makes it easy for customers to send data between their respective sites, while remaining scalable and manageable for the service provider. For these reasons, L3VPNs are used in carrier networks to isolate traffic between customers and services.

While the terms "customer" and "provider" evoke a commercial relationship, this is not necessarily the case in a carrier environment. The customer networks represent subsystems within the larger network, interconnected through a transport backbone.


Segregating Services
[Figure: Segregating Services. Each MTSO has separate CE routers for 3G Voice, 3G Data, 4G Data, IMS, OAM and Peering, connected to PE routers at the edge of the Core, whose interior consists of P routers.]

Wireless service providers adopt the L3VPN solution as a means to manage their networks. The makeup of the customer networks varies according to service provider policies, but some generalizations can be made. The service provider may choose to implement different wireless network technologies (e.g., UMTS, EVDO, LTE) as customer networks. They may also choose to implement different network services (e.g., voice, Internet access, IP Multimedia Subsystem (IMS)) as customer networks. Or they may use them to segregate Operations, Administration and Maintenance (OAM) connections or interconnectivity with Internet peering or roaming partners.

The customer networks are present throughout the service provider's facilities, including local Mobile Telephone Switching Offices (MTSO), regional Network or Data Centers and national Network or Data Centers.


L3VPN Routing Protocols


The customer networks run an interior gateway routing protocol such as Open Shortest Path First (OSPF). The Core runs an interior gateway routing protocol as well, to distribute routes between the PE and P routers. The CE and PE routers run eBGP to exchange customer routing information. This routing information is subsequently passed from one PE router to another using Multi-Protocol BGP (MP-BGP) to distribute customer routes throughout the network.


Summary
- Wireless equipment at the cell site used T1s as transport before the use of IP.
- IP interfaces in wireless networks carry user data, OA&M data and signaling data.
- The Customer-Provider Model implements L3VPNs to segregate the data traffic of individual customers.
- The customer networks found in a carrier's network can include networks belonging to individual customers, networks belonging to technologies such as LTE and UMTS, and networks belonging to particular traffic types such as OA&M.
- In a network that implements Layer 3 VPNs (L3VPNs), eBGP is used between CEs and PEs to exchange customer routes, MP-BGP is used between PEs to distribute the customer routes, and OSPF is used between the PEs and P for internal core routing exchanges.

2 | Spanning Tree Protocol

Chapter 2: Spanning Tree Protocol


Objectives
After completing this module, you will be able to:
- Explain how the Spanning Tree Protocol protects networks from broadcast storms
- Select the best Spanning Tree Protocol for a given network
- List the differences between STP, RSTP, and MSTP
- Describe the significance of the root switch to the Spanning Tree Protocol


Broadcast Storms and STP


Spanning Tree Protocols


STP
  Legacy STP, now obsolete
  Recovery time < 1 minute
  Does not support VLANs

RSTP
  Recovery time < 1 second
  Does not support VLANs

Rapid-PVST+
  Cisco proprietary
  One spanning tree per VLAN

MSTP
  Latest open standard
  Multiple VLANs share one spanning tree
  Supports hierarchical network design


Several versions of spanning tree protocols have been developed over the years. The most significant are:

Spanning Tree Protocol (STP)
The first Spanning Tree Protocol published as a standard by the Institute of Electrical and Electronic Engineering (IEEE) in 802.1d-1990. It is generally no longer used in service provider environments as it takes too long to discover and react to changes in the network topology. It also predates the existence of virtual LANs (VLANs).

Rapid Spanning Tree Protocol (RSTP)
As its name implies, RSTP revamps the operation of the spanning tree protocol to reduce the time it takes to detect and react to changes in the topology. It does not, however, incorporate support for VLANs. RSTP was first published in 802.1w-2001, but was later incorporated into 802.1d-2004.

Rapid Per-VLAN Spanning Tree Protocol Plus (Rapid-PVST+)
Rapid-PVST+ represents an evolution in a series of spanning tree protocols developed by Cisco Systems, Inc. It incorporates the performance improvements of RSTP and includes support for VLANs. It is used in networks that run only Cisco equipment, and is not widely supported by other equipment vendors.

Multiple Spanning Tree Protocol (MSTP)
The latest version of the spanning tree protocol standardized by the IEEE, originally published as 802.1s-2002 and later incorporated into 802.1q-2005. MSTP builds on the capabilities of RSTP and includes support for multiple VLANs. One notable difference between MSTP and Rapid-PVST+ regards the number of spanning tree instances that run in the switch. Rapid-PVST+ requires one spanning tree instance per VLAN, while MSTP allows many VLANs to be mapped onto a single spanning tree. MSTP therefore operates more efficiently when large numbers of VLANs are configured. MSTP also supports hierarchical network design with the concept of a region. Topology changes affect the switches in the region, but are invisible to switches outside of the region. This allows for more efficient operation in large-scale networks.


Broadcast Storms

[Figure: Loops cause broadcast storms. SW1 (ports gi0/1, gi0/2, gi0/3) and SW2 (ports gi0/6, gi0/7, gi0/8) are joined by two links, gi0/2 to gi0/7 and gi0/3 to gi0/8, forming a loop in which broadcast (bcast) frames circulate.]

Broadcast storms may occur whenever a loop exists in the Ethernet LAN topology. The figure illustrates a simple case in which a loop exists between two Ethernet switches. The sequence of events unfolds as follows:

1. The node on the left sends a broadcast frame. SW1 receives it on port gi0/1.
2. Whenever an Ethernet switch receives a broadcast frame, it forwards the frame out all active ports, except the one on which the frame was received. In this case, SW1 forwards the frame out ports gi0/2 (shown in red) and gi0/3 (shown in green).
3. SW2 receives two broadcast frames. Ethernet does not provide any means to determine that these are, in fact, two copies of the same original frame, so SW2 must process each one independently. It receives one frame (red) on port gi0/7 and forwards it out ports gi0/6 and gi0/8. It receives the other frame (green) on port gi0/8 and forwards it out gi0/6 and gi0/7. The node on the right receives two copies of the frame.
4. SW1 receives two broadcast frames. Ethernet provides no means to determine that these are copies of the frames that it recently forwarded on to SW2, so it must process them again. It receives one frame (green) on port gi0/2 and forwards it out ports gi0/1 and gi0/3. It receives the other frame (red) on port gi0/3 and forwards it out ports gi0/1 and gi0/2. The node on the left receives two copies of the frame that it originally sent.

The frames are now stuck in the loop. Ethernet has no concept of a frame identifier, so the switches do not recognize that they are processing the same frame again and again. Ethernet also does not have a timeout mechanism, so the switches continue processing the frames in this manner forever. And each iteration through the loop causes additional copies of the frame to be made, so the storm consumes an increasing amount of bandwidth, buffer space and processing time.


Broadcast Storm Prevention

[Figure: Broadcast Storm Prevention. Labels: CE, Backhaul, Router, PE.]

1. Prefer IP and MPLS over Ethernet for large networks
2. Avoid loops in Ethernet topology
3. Storm Control
4. Spanning Tree Protocols

Broadcast storms may be prevented (or managed) by avoiding large, complex Ethernet networks in the first place. Service providers may choose to strategically deploy IP and MPLS to minimize the reach of the Ethernet topology. Where Ethernet is used, designing loop-free networks (i.e., tree topology) also eliminates the conditions in which storms may occur. Most Ethernet switches also implement some form of storm control mechanism wherein the broadcast traffic gets throttled. Storm control features minimize the damage caused by broadcast storms, but do not prevent them outright. Finally, spanning tree protocols can also be used to automatically patrol the network for loops. When a loop is detected, the spanning tree protocol automatically disables some links in order to break the loop.


Spanning Tree Protocol

[Figure: Spanning Tree Protocol. The network topology before and after.]

When Spanning Tree Protocol is used, the switches in the network exchange messages that enable them to detect loops that would otherwise cause broadcast storms. They then select one or more ports to be blocked in order to simplify the logical topology of the network such that it resembles a tree. The switches do not forward user traffic through a blocked port. The net result is that the loop is broken and the conditions for a broadcast storm are eliminated.
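The SW1/SW2 loop described above can be replayed round by round, with and without a blocked port. This simulation is an added example, not part of the course book; the wiring follows the figure (gi0/2 to gi0/7, gi0/3 to gi0/8), while the function name `flood` and the choice of SW2 gi0/8 as the blocked port are assumptions made for illustration.

```python
"""Flooding on the two-switch loop, with and without a blocked port."""
from collections import Counter

# Constructed topology matching the figure: two parallel inter-switch links.
LINKS = {
    ("SW1", "gi0/2"): ("SW2", "gi0/7"),
    ("SW1", "gi0/3"): ("SW2", "gi0/8"),
}
LINKS.update({peer: end for end, peer in list(LINKS.items())})  # both directions

# Host-facing ports: the nodes on the left and right of the figure.
HOSTS = {("SW1", "gi0/1"): "left", ("SW2", "gi0/6"): "right"}

PORTS = {"SW1": ["gi0/1", "gi0/2", "gi0/3"], "SW2": ["gi0/6", "gi0/7", "gi0/8"]}


def flood(blocked=frozenset(), max_rounds=10):
    """Inject one broadcast from the left host and flood it round by round.

    blocked: set of (switch, port) pairs that discard user traffic.
    Returns (frames in flight after each round, copies delivered per host).
    """
    delivered = Counter()
    pending = [("SW1", "gi0/1")]  # frames to process: (switch, ingress port)
    in_flight = []
    for _ in range(max_rounds):
        nxt = []
        for switch, ingress in pending:
            if (switch, ingress) in blocked:
                continue  # a blocked port drops the user frames it receives
            for port in PORTS[switch]:
                if port == ingress or (switch, port) in blocked:
                    continue  # never out the ingress port or a blocked port
                if (switch, port) in HOSTS:
                    delivered[HOSTS[(switch, port)]] += 1
                else:
                    nxt.append(LINKS[(switch, port)])
        pending = nxt
        in_flight.append(len(pending))
        if not pending:
            break  # no frames left: the flood has terminated
    return in_flight, dict(delivered)


if __name__ == "__main__":
    print("loop:   ", flood())
    print("blocked:", flood(blocked={("SW2", "gi0/8")}))
```

With the loop intact the frame count never reaches zero and both hosts keep receiving duplicates, including the sender's own frame; with one port blocked the right-hand host receives exactly one copy and the flood ends.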


Rapid Spanning Tree Protocol (RSTP)


The Root Switch


[Figure: Root switch election. Seven switches with addresses AABB:1122:0001 through AABB:1122:0007, each with the default priority 32768. The switch at the top (AABB:1122:0007) has its priority overridden from 32768 to 8192. The switch in the center is AABB:1122:0001.]

Root Switch Election
- ID = Priority + Address
- By default, all switches use same priority value
- Override default priority value to specify root switch

The Spanning Tree Protocol selects one switch to serve as the root of the logical tree topology. The root switch election process governs which switch gets selected as the root and ensures that all switches make the same selection. The procedure is relatively straightforward. Each switch has a unique identifier. The switch with the lowest identifier becomes the root. The identifier is a combination of a priority value and the switch's MAC address. By default, all switches use the same priority value, so the root switch election boils down to which switch has the numerically lowest MAC address.

Choosing the root switch based solely on the MAC address is fairly arbitrary, but the loop detection procedures work regardless of which switch gets elected to be the root. The administrator may influence the outcome, however, by overriding the default priority value and setting it to something lower than the default value. The other switches then select it as the root switch.

The figure illustrates the process of overriding the default priority value to select the root switch. If we let all of the switches use the default priority value of 32768, then the switch in the center would become the root switch, since it has the numerically lowest address. By changing the priority of the switch at the top of the figure, we ensure that it wins the root switch election.


Shortest Path Selection

[Figure: Shortest Path Selection. Links are labelled with a port cost of 2000; switches are labelled with root path costs of 4000, 6000 and 6000.]

Shortest Path Selection
- Port Cost = assigned based on link speed (range: 1 to 200M)
- Root Path Cost = sum of port costs of shortest path to root switch

The spanning tree algorithm assigns a cost to each switch port based on the speed of the link. Faster links cost less. The spanning tree algorithm also calculates the root path cost for each switch port. This is defined as the sum of the port costs between it and the root switch. When the spanning tree detects a loop, it uses the root path cost to determine which ports should carry traffic and which should be blocked.


Port Role Assignment


[Figure: Port Role Assignment. The seven-switch topology from the root switch election figure (8192 + AABB:1122:0007 at the top, the other switches at 32768 + AABB:1122:0001 through AABB:1122:0006), with each port marked as a Root Port, Designated Port or Alternate Port.]

Port Roles
- Root Port = per switch, shortest path to root switch; forwards traffic
- Designated Port = per segment, shortest path to root; forwards traffic
- Alternate Port = alternate, but less optimal path to root switch; discards traffic

The spanning tree algorithm assigns each switch port a


specific role to play. It selects one port on each switch to
be the root port for that switch. This port provides the
most optimal path to the root switch (i.e., the lowest root-
path cost). The algorithm also selects one port on each
LAN segment to be the designated port for that segment.
Any remaining ports are designated alternate ports. Root
ports and designated ports forward user traffic. Alternate
ports discard user traffic.
The spanning tree algorithm only assigns the alternate
port role when a loop exists in the networks topology. This
is the heart of the algorithms loop-detection function. The
loop is broken because the alternate port discards user
traffic. When a node in the LAN sends a broadcast frame,
it floods the network through root and designated ports,
but gets dropped by alternate ports.
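
The root election, root path cost and port role rules can be traced in a short Python sketch. This is an added example, not part of the course book: the bridge IDs come from the figure, while the switch names S1 to S7, the link layout, the uniform port cost of 2000 and the tie-break on the neighbor's bridge ID are assumptions made for illustration.

```python
import heapq

# Bridge IDs (priority, MAC) from the Port Role Assignment figure.
# Switch names S1..S7 are hypothetical labels keyed to the last MAC digit.
BRIDGES = {
    "S1": (32768, "AABB:1122:0001"),
    "S2": (32768, "AABB:1122:0002"),
    "S3": (32768, "AABB:1122:0003"),
    "S4": (32768, "AABB:1122:0004"),
    "S5": (32768, "AABB:1122:0005"),
    "S6": (32768, "AABB:1122:0006"),
    "S7": (8192, "AABB:1122:0007"),
}

# Constructed link layout with two loops; every port cost is 2000 (assumption).
LINKS = [
    ("S7", "S2", 2000), ("S7", "S3", 2000),
    ("S2", "S1", 2000), ("S3", "S1", 2000),
    ("S1", "S4", 2000), ("S1", "S5", 2000),
    ("S4", "S6", 2000), ("S5", "S6", 2000),
]


def bridge_id(priority, mac):
    """Comparable bridge ID: lower priority wins, then lower MAC address."""
    return (priority, int(mac.replace(":", ""), 16))


def elect_root(bridges):
    """The switch with the lowest bridge ID becomes the root switch."""
    return min(bridges, key=lambda name: bridge_id(*bridges[name]))


def root_path_costs(root, links):
    """Sum of port costs along the cheapest path to the root (Dijkstra)."""
    neighbors = {}
    for a, b, cost in links:
        neighbors.setdefault(a, []).append((b, cost))
        neighbors.setdefault(b, []).append((a, cost))
    costs, heap = {root: 0}, [(0, root)]
    while heap:
        cost, switch = heapq.heappop(heap)
        if cost > costs[switch]:
            continue  # stale queue entry
        for peer, port_cost in neighbors[switch]:
            if cost + port_cost < costs.get(peer, float("inf")):
                costs[peer] = cost + port_cost
                heapq.heappush(heap, (costs[peer], peer))
    return costs


def assign_roles(bridges, links):
    """Return (root, costs, roles); roles maps (switch, peer) to a port role."""
    root = elect_root(bridges)
    costs = root_path_costs(root, links)
    bid = {name: bridge_id(*value) for name, value in bridges.items()}

    # Root port: lowest root path cost; ties go to the peer with the lower bridge ID.
    upstream = {}
    for a, b, port_cost in links:
        for switch, peer in ((a, b), (b, a)):
            if switch == root:
                continue
            offer = (costs[peer] + port_cost, bid[peer], peer)
            if switch not in upstream or offer < upstream[switch]:
                upstream[switch] = offer

    roles = {}
    for a, b, _ in links:
        # The end closer to the root holds the segment's designated port.
        near, far = sorted((a, b), key=lambda s: (costs[s], bid[s]))
        roles[(near, far)] = "designated"
        roles[(far, near)] = "root" if upstream[far][2] == near else "alternate"
    return root, costs, roles


if __name__ == "__main__":
    root, costs, roles = assign_roles(BRIDGES, LINKS)
    print("root switch:", root)
    for (switch, peer), role in sorted(roles.items()):
        print(f"{switch} port to {peer}: {role} (root path cost {costs[switch]})")
```

Each of the two loops in the constructed layout ends up with exactly one alternate port, which leaves six forwarding links for seven switches.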


Topology Changes

[Figure: Topology Changes. A link fails and the switches exchange Proposal/Agreement messages; callouts read "DP becomes RP", "RP becomes DP" and "AP becomes RP". Legend: Root Port, Designated Port, Alternate Port.]

  Nodes detect link failure through Physical Layer, or message timeout
  Proposal and agreement process updates port roles
  Topology Change Notification tells switches to flush MAC tables

When a switch detects the loss of a Physical Layer signal, the spanning tree algorithm re-assesses the port role assignments in light of the new connectivity. If it determines that a change is necessary, it sends a proposal of the new role to its neighboring switch. The neighboring switch re-assesses its own port roles based on this new information and may agree or, if it believes it has better insight into the topology, issue a counter-proposal. Changing the role of one port on the switch may cause a ripple effect throughout the network. The proposal/agreement exchanges propagate in a link-by-link fashion away from the failure toward the root switch until they reach a switch for which the new proposal does not require any changes.

In the figure shown, the link that connects the center switch to the root switch fails. This had been the center switch's root port. The precise details of the operation go beyond the scope of this discussion, but the loss of the root port forces the center switch to change the remaining port's role from designated port to root port. The bottom-most switch changes its root port to a designated port and must therefore unblock one of its alternate ports. In this example, the root path cost is the same for both alternate ports, so the port priorities are considered. Similar to the root switch priority, the administrator can influence the selection of the root switch by modifying the default priority value. If both ports have the same priority value, then the numerical port identifier is used to break the tie. The bottom-most switch sends a proposal to the neighboring switch (on its left in the figure). The proposal does not require it to change any of its port roles, so the configuration changes stop there. The network has re-converged on the new topology.

One task remains, however. Remember that each of the switches in the network maintains a MAC table that associates MAC addresses with port numbers. Some of that information is now out of date. The root switch sends a Topology Change Notification, which the other switches use as a signal to flush stale data from their MAC tables.


Multiple Spanning Tree Protocol (MSTP)


Multiple VLAN Sample Topology

[Figure: Multiple VLAN Sample Topology. Access switches SWA and SWB connect over redundant links, managed by Spanning Tree, to aggregation switches SWC and SWD, which connect to the MLS.]

The figure illustrates a hypothetical Ethernet backhaul network design. In this design, each cell site is assigned a unique VLAN ID. The cell site links enter the Mobile Telephone Switching Office (MTSO) and connect to a set of access switches. Each access switch carries traffic for ten cell sites. Two access switches, designated SWA and SWB, are shown in the diagram. The others are omitted due to lack of space. The access switches connect to a pair of aggregation switches, SWC and SWD, which in turn connect to a Multi-Layer Switch (MLS) that acts as a backhaul router. The spanning tree protocol manages the redundant links between the access and aggregation switches.


Spanning Tree Results

[Figure: Spanning Tree Results. The sample topology (SWA, SWB, SWC, SWD, MLS) with each port marked as Root Port, Designated Port or Alternate Port.]

Let's assume that the MLS is the root switch in our sample topology. When the spanning tree algorithm runs, each access switch selects a root port and an alternate port. The root path costs are the same for both ports (assuming all of the links are the same speed), so the selection of the root and alternate ports is fairly arbitrary. In the figure shown, the top-most port on SWA remains active, while the bottom-most port gets blocked. SWB does just the opposite of this.


Load Balancing with VLANs

[Figure: MSTP = Two Spanning Trees. Two copies of the SWA, SWC, SWD and MLS topology, one per spanning tree.]

MSTP
  Efficient load balancing
  Two spanning trees (one blocks port 1, the other blocks port 2)
  Half of the VLANs get mapped to one spanning tree; half get mapped to the other
PVSTP+
  Less efficient load balancing; one spanning tree per VLAN
  Half of the VLANs block port 1; the other half block port 2
RSTP
  Single spanning tree, active/idle configuration, no load balancing

When redundant links are deployed in the network, service providers often prefer a load-balancing solution to a strict active/standby scheme. When multiple VLANs are used, this can be accomplished by directing some VLAN traffic (for example, the even-numbered VLANs) across one of the redundant links and other VLAN traffic (for example, the odd-numbered VLANs) across the other redundant link.

Referring back to our sample topology, let us focus on the links that connect access switch SWA to the aggregation switches SWC and SWD. SWA carries traffic for 10 VLANs (one per cell site). If RSTP is used to manage these links, then load balancing is not possible. When RSTP computes the spanning tree, the traffic for all 10 VLANs is carried over the active link. The blocked link remains idle. This is because RSTP does not support the notion of computing multiple spanning trees.

Alternatively, one could use PVSTP+ instead. As its name implies, Rapid PVSTP+ computes one spanning tree solution for each VLAN configured on the switch. There would therefore be 10 spanning trees in our example. By overriding the default port priorities, we could arrange for half of the spanning trees to select the top-most port to be the root port and the bottom-most port to be the alternate port. We could configure the other half of the spanning trees to do just the opposite. The net effect is that the traffic would be evenly divided (assuming the cell sites were equally loaded) across the two links. If either of the links failed, then the spanning trees would react by unblocking the alternate port and all traffic would be directed over the remaining link.


Load Balancing with VLANs (Continued)

[Figure: MSTP = Two Spanning Trees. Two copies of the SWA, SWC, SWD and MLS topology, one per spanning tree.]

MSTP
  Efficient load balancing
  Two spanning trees (one blocks port 1, the other blocks port 2)
  Half of the VLANs get mapped to one spanning tree; half get mapped to the other
Rapid PVSTP+
  Less efficient load balancing; one spanning tree per VLAN
  Half of the VLANs block port 1; the other half block port 2
RSTP
  Single spanning tree, active/idle configuration, no load balancing

While Rapid PVSTP+ achieves the goal of balancing the traffic load, it does so at a certain cost. SWA needs to maintain 10 separate spanning tree instances. Each spanning tree instance introduces some processing, memory and messaging overhead. Note, however, that in our sample topology, there are really only two possible spanning trees. The fact that Rapid PVSTP+ requires one spanning tree per VLAN means that it creates five separate copies of each of the two possible spanning trees. This is where MSTP offers some advantages over RSTP and Rapid PVSTP+.

MSTP allows us to define spanning tree instances and then associate those instances with a set of VLANs. In our case, we would create the two spanning tree instances, overriding the port priorities so that they choose different root ports, and then map five VLANs onto each of the two instances.


MSTP Regions

MSTP supports a form of hierarchical network design by introducing the concept of a region. A region is a collection of switches that share a common view of their physical and logical topology. Collectively, the switches in the region appear as a single, virtual switch to the switches outside of the region. When a topology change occurs within the region, the switches inside the region re-converge on the new topology. The switches outside the region remain unaware of, and unaffected by, the topology change.

MSTP regions allow the Ethernet LAN to grow in scale and complexity without adversely affecting the performance of the error detection and recovery procedures.


Summary
  Spanning Tree Protocol (STP) prevents loops from triggering broadcast storms in Layer 2 networks.
  Rapid Spanning Tree Protocol (RSTP) significantly reduces the time to detect and recover from a failure.
  Multiple Spanning Tree Protocol (MSTP) adds support for VLANs.
  MSTP provides an efficient means to load balance VLAN traffic across multiple links.


Review Exercise
32768 + e05f:b903:5280

32768 + e05f:b903:753a
32768 + e05f:b903:535a

SWA 32768 + e05f:b903:5280


32768 + e05f:b903:4653
32768 + e05f:b9c3:7719

SWC MLS
32768 + e05f:b903:1121
SWD
32768 + e05f:b9c3:a2d0
32768 + e05f:b903:9863

SWB
32768 + e05f:b903:af3c
32768 + e05f:b93f:d9ea


The figure illustrates a hypothetical Ethernet backhaul network. Based on the priority and addresses shown, which switch is selected as root switch by the Spanning Tree Protocol? What could you do to ensure that the MLS becomes the root switch?

3 | Routing Table

Chapter 3: Routing Table


Objectives
After completing this module, you will be able to:
  Read and understand IP routing tables
  Understand the factors that go into the route selection algorithm
  Identify the preferred route from a set of alternates
  Employ recursive routing techniques
  Explain how black holes impact routing and why a packet might be deliberately discarded


Routing Table Concepts


[Figure: Routing Table Concepts. Sources (Static, Connected, Dynamic), the Routing Table and the Forwarding Information Base.]

Routing Table
Destination      Source     Cost  Next Hop
0.0.0.0/0        Static     1     192.168.1.1
192.168.1.0/24   Connected  2     Gi 0/0
10.1.1.0/22      OSPF       10    10.5.3.8
172.16.0.0/16    BGP        20    192.168.7.30

The routing table is essentially a collection of network addresses that the router knows how to reach. For a given inbound packet, the routing table indicates to which node it should forward the packet (the next hop) and/or the outbound interface it should use to get there. The routing table entries may contain additional information used to prioritize routes, indicate their origin and how long they've been around.

Routing table entries come from one of three possible sources. The most straightforward source of routes is the router's own network interfaces. If we configure an interface with the address 192.168.1.1/24, then it stands to reason that the router knows how to reach the nodes on the 192.168.1.0/24 subnet. Similarly, so-called static routes can be created by explicitly configuring the routes on the router. Finally, the router can use a dynamic routing protocol such as OSPF and BGPv4 to exchange routing information with other routers.

It's worth noting that the routing table is only one repository of routing information. Individual routing protocols maintain databases that contain routing information they've learned from neighboring routers. And while it's convenient to talk about the router searching the routing table when it receives a packet, modern routers copy the contents of the routing table into a more optimized data structure, typically called the Forwarding Information Base (FIB).


Routing Table Example


R1# show ip route
B 216.238.54.0/24 [20/0] via 12.123.1.236, 4w4d
O 216.221.5.0/24 [110/1] via 12.123.1.236, 7w0d
136.141.0.0/24 is subnetted, 2 subnets
S 136.141.6.0 [1/0] via 12.122.125.4, 7w0d
R 136.141.2.0 [120/0] via 12.122.125.4, 7w0d
170.162.0.0/19 is subnetted, 1 subnets
B 170.162.32.0 [20/0] via 12.123.1.236, 7w0d
170.160.0.0/20 is subnetted, 2 subnets
O 170.160.32.0 [110/1] via 12.122.125.4, 7w0d
O 170.160.64.0 [110/1] via 12.123.1.236, 3d15h, fa0/1/1
187.179.0.0/16 is variably subnetted, 3 subnets, 2 masks
B 187.179.0.0/19 [20/0] via 12.123.1.236, 13:51:40, gi0/1
B 187.179.32.0/19 [20/0] via 12.123.1.236, 4w3d
S 187.179.64.0/18 [1/0] via 12.123.1.236, 4w3d
34.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
S 34.254.244.0/22 [1/0] via 12.122.125.4, 7w0d
S 34.254.112.0/21 [1/0] via 12.122.125.4, 7w0d
S 34.253.0.0/19 [1/0] via 12.123.1.236, 7w0d

This sample routing table is used to discuss the concepts and structure that make up the routing table.


Parent and Child Routes

[Figure: the sample routing table from Routing Table Example, with callouts "Level 1 Route", "Level 1/Parent Route" and "Level 2/Child Route".]

The routing table is organized into two tiers.

Level 1 routes serve as routes only, as shown in the first line of the example above, or they may serve as indexes to the Level 2 routes listed below them, as seen in the third line of our example. When a router searches for a match to a particular destination address, it first searches the Level 1 routes. If it finds a match, then it searches the Level 2 routes for a more specific match.

A Parent Route is a Level 1 route that has Level 2 routes beneath it. A Child Route is a Level 2 route. The router automatically adds Parent Routes to the routing table when Child Routes are created.

The basis of this two-tier hierarchy is classful routing, which has been replaced by Classless Inter-Domain Routing (CIDR). This hierarchy is useful for quickly searching the routing table and does not mean that the network employs classful addressing or that the router uses classful routing.


Prefix Length

[Figure: the sample routing table from Routing Table Example, with callouts "Prefix in Level 1 Route" and "Prefix in Level 2 Route".]

The prefix length sets the range of addresses that a route applies to. For example, if a network is listed as 10.10.10.0/24, the route applies to destination IP addresses in the range from 10.10.10.0 to 10.10.10.255. If the network is listed as 10.10.10.0/28, the route applies to IP addresses in the range of 10.10.10.0 to 10.10.10.15. All routes in a routing table must have a prefix length in order to determine the range of addresses that the route applies to. The range for each route is not necessarily unique. The range for 10.10.10.0/28 is wholly contained in the range for 10.10.10.0/24. If you examine the sample routing table, some routes do not have route prefixes, for example, 136.141.6.0 [1/0] via 12.122.125.4, 7w0d and 136.141.2.0 [120/0] via 12.122.125.4, 7w0d.

The presence or absence of the prefix length in the example table is determined by the rules below.

Level 1 with no Children
  Level 1 route has its own prefix length.
Level 1 with Children
  Case 1: All Children have same prefix length.
    Level 1 route lists the prefix length, Child Routes do not list prefix lengths.
  Case 2: Children have different prefixes.
    Prefix lengths are listed for each Child and the Level 1 route uses the classful prefix for the network.


What's in a Route?

[Figure: the sample routing table from Routing Table Example, with callouts "Route Code", "Admin.Distance/Metric" and "Next-Hop Address".]

Route Code
The route code indicates the source of the routing information. The meaning of the codes is given at the top of the routing table when working with the device. In our example here, B=BGP, O=OSPF, S=Static, and R=RIP. Connected routes (not shown here) are listed with a C and Local routes (AKA Host routes) are listed with an L. Host routes represent the router's own IP addresses and carry a 32-bit prefix length.

Administrative Distance
The administrative distance is a precedence value assigned to the route, based on the source of the routing information. Some sources of routing information are considered more trustworthy than others, and have a lower administrative distance. If the same route is learned through multiple sources, the one with the lowest administrative distance gets installed into the routing table.

Metric
Each route is assigned a metric to show the relative cost of using the particular route. Metrics act as tie breakers when the router must select between routes for the same destination network, which were learned from the same dynamic routing protocol. Most routing protocols allow Equal Cost Multi-Path (ECMP) and allow multiple routes to the same destination network having the same metric to be installed in the routing table. Traffic matching these routes is load-balanced across the ECMP routes. ECMP adds overhead to the forwarding function of a router as the router must track which data stream is using which of the routes. Administrators can set the maximum number of ECMP routes that are allowed per destination network. The metric may also be manipulated by an administrator to prefer one ECMP route over another.

Next-Hop Address
The next-hop address identifies the IP address of the device to which the router sends packets that match the route. The next-hop address is typically the IP address of the router that provided the route.


Administrative Distance

Source                 Administrative Distance
Connected              0
Static                 1
EIGRP summary route    5
eBGP                   20
Internal EIGRP         90
IGRP                   100
OSPF                   110
IS-IS                  115
RIP                    120
EGP                    140
ODR                    160
External EIGRP         170
iBGP                   200
<Unknown>              255

In general, when a router knows more than one route to a particular destination, it prefers the one with the lowest metric. This can be a problem when the routes were learned from different sources because the metrics that one routing protocol uses may not be consistent with the metrics used by other routing protocols. For example, BGP uses the number of Autonomous Systems (ASs) in its Path Vector as a metric, while OSPF metrics are based on bandwidth. Relying solely on route metrics, the router would not be able to select the best possible routes.

The router uses the Administrative Distance to select the best possible route from among a set of alternate routes that were learned from different routing sources. The administrative distance is determined by the source of routing information. Routing information sources with lower administrative distance values are preferred over those with higher administrative distance values.

Unlike the route metric, the administrative distance is not set on a per-route basis. All routes from a particular routing information source share the same administrative distance value. For example, all routes learned by OSPF have 110 as the administrative distance value. The administrative value is a configuration parameter set within the router and is not exchanged by the routing protocols (also unlike the route metrics).

Routing protocols with lower administrative distances are deemed to be more reliable, accurate or trustworthy than those with higher administrative distances. The table shown here lists the default administrative values used by Cisco routers. The defaults can be overridden, however, if one wishes to change the relative rankings.

Finally, it's worth noting that the administrative distance determines which routes actually get installed in the routing table. Typically multiple routes to the same destination network (as specified by network address and prefix length) from different routing protocols are not found in routing tables. Whichever one has the lower administrative distance causes the others to be bumped from the routing table.

Source: What is Administrative Distance?, Document ID: 15986, Cisco.
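
How administrative distance and metric interact when several sources offer routes can be shown in a few lines of Python. This is an added example, not part of the course book: the distances are copied from the table above, while the candidate routes, the `install` function and the `max_paths` limit are constructed for illustration.

```python
from collections import defaultdict
from ipaddress import ip_network

# Default administrative distances, copied from the table above (subset).
ADMIN_DISTANCE = {"connected": 0, "static": 1, "ebgp": 20, "ospf": 110,
                  "rip": 120, "ibgp": 200}

# Constructed candidates: (source, prefix, metric, next hop).
CANDIDATES = [
    ("rip",    "10.20.0.0/16",    3,  "192.0.2.1"),   # low metric, but RIP hop count
    ("ospf",   "10.20.0.0/16",    20, "192.0.2.2"),
    ("ospf",   "10.20.0.0/16",    20, "192.0.2.3"),   # equal cost: ECMP partner
    ("ospf",   "10.20.0.0/16",    30, "192.0.2.4"),   # same source, worse metric
    ("ibgp",   "10.20.30.0/24",   0,  "192.0.2.9"),   # different prefix length
    ("ebgp",   "198.51.100.0/24", 0,  "192.0.2.6"),
    ("static", "198.51.100.0/24", 0,  "192.0.2.5"),
]


def install(candidates, max_paths=2):
    """Return {prefix: [(source, metric, next_hop), ...]} as installed.

    Candidates compete only when network address AND prefix length match.
    The lowest administrative distance wins; within the winning source the
    lowest metric wins; equal-metric routes are kept as ECMP up to max_paths.
    """
    by_prefix = defaultdict(list)
    for source, prefix, metric, next_hop in candidates:
        by_prefix[ip_network(prefix)].append((source, metric, next_hop))

    table = {}
    for prefix, routes in by_prefix.items():
        best_ad = min(ADMIN_DISTANCE[source] for source, _, _ in routes)
        preferred = [r for r in routes if ADMIN_DISTANCE[r[0]] == best_ad]
        best_metric = min(metric for _, metric, _ in preferred)
        ecmp = sorted(r for r in preferred if r[1] == best_metric)
        table[prefix] = ecmp[:max_paths]
    return table


if __name__ == "__main__":
    for prefix, routes in sorted(install(CANDIDATES).items()):
        for source, metric, next_hop in routes:
            print(f"{prefix} [{ADMIN_DISTANCE[source]}/{metric}] via {next_hop} ({source})")
```

The RIP route loses to OSPF even though its metric is numerically lower, and the iBGP /24 is installed alongside the OSPF /16 because the two never compete: their prefix lengths differ.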


The Longest Match


Finding the Right Route

Source IP: 12.12.134.19
Destination IP: 66.134.50.11

Route         Prefix Length   Range of Addresses              Is 66.134.50.11 in this range?
66.0.0.0      /8              66.0.0.0 to 66.255.255.255
66.134.0.0    /18             66.134.0.0 to 66.134.63.255
66.134.48.0   /20             66.134.48.0 to 66.134.63.255

A packet has arrived with destination address 66.134.50.11. The router has the following three routes installed in its routing table.

  66.0.0.0/8 next-hop 10.10.10.1 gi0/1
  66.134.0.0/18 next-hop 12.13.14.5 gi0/22
  66.134.48.0/20 next-hop 62.34.24.33 gi0/3

The prefix length indicates the range of addresses covered by the route. Here is the range for each of the routes.

  66.0.0.0/8 has range 66.0.0.0 to 66.255.255.255
  66.134.0.0/18 has range 66.134.0.0 to 66.134.63.255
  66.134.48.0/20 has range 66.134.48.0 to 66.134.63.255

Our destination address, 66.134.50.11, falls into each of these three ranges. When a router discovers more than one possible route for the packet, it bases the forwarding decision on the Longest-Match Rule.


Longest-Match Rule

Destination IP 66.134.50.11   01000010 10000110 00110010 00001011

S 66.0.0.0/8       01000010 00000000 00000000 00000000   Destination matches 8 bits
B 66.134.0.0/18    01000010 10000110 00000000 00000000   Destination matches 18 bits
O 66.134.48.0/20   01000010 10000110 00110000 00000000   Destination matches 20 bits

Longest-Match Rule: the route matches if the first n bits of the packet's destination address match the first n bits of the route entry, where n is the route's prefix length.

The Longest-Match Rule says that when multiple routes contain the destination address in their ranges, the one with the longest prefix length is the route to use. Examining our prefix lengths, we have /8, /18 and /20. The /20 is the longest prefix length and the route 66.134.48.0/20 is the route used for forwarding the packet.

A route is said to match the packet's destination address if the packet's destination address has the same network prefix as the route. In other words, the route matches if the first n bits of the packet's destination address match the first n bits of the route entry, where n is the route's prefix length. The bits in the destination address must match exactly the bits in the network prefix of the route.


Longest-Match Exercise

1   66.0.0.0/8       0100 0010 0000 0000 0000 0000 0000 0000
2   66.134.0.0/18    0100 0010 1000 0110 0000 0000 0000 0000
3   66.134.48.0/20   0100 0010 1000 0110 0011 0000 0000 0000

Which Route (above) do these Destination IPs use?

66.128.12.31     0100 0010 1000 0000 0000 1100 0001 1111
66.134.64.222    0100 0010 1000 0110 0100 0000 1101 1110
66.134.46.76     0100 0010 1000 0110 0010 1110 0100 1100

The Longest-Match rule requires that the destination's prefix match the network prefix exactly. Enter the route number in the space provided for each of the destination IP addresses.

What happens if there is no matching route for the destination IP address?


Recursive Routing


P1#show ip route
10.0.0.0/30 is subnetted, 2 subnets, 2 masks
10.1.0.4 [110/2] via 172.16.4.2, 00:02:56             <-- 1: Next Hop address
172.16.0.0/30 is subnetted, 8 subnets
172.16.4.0 is directly connected, fa0/1/2             <-- 2: Exit Interface

[Figure: a packet with Dst: 10.1.0.5 leaves the router on fa 0/1/2 toward 172.16.4.2, behind which lies 10.1.0.5.]

P1#show ip route
10.0.0.0/30 is subnetted, 2 subnets, 2 masks
10.1.0.4 [110/2] via 172.16.4.2, 00:02:56, fa0/1/2    <-- 1: Next Hop address and Exit Interface
172.16.0.0/30 is subnetted, 8 subnets
172.16.4.0 is directly connected, fa0/1/2

The router needs two pieces of information to forward a packet to the next device in the path toward its destination: the next-hop address and the exit interface. If, after searching the routing table, the preferred route identifies only the next-hop address, but not the exit interface, the router searches the routing table a second time to locate a suitable exit interface.

In the example given above, the router receives a packet with a destination address of 10.1.0.5. Its first pass through the routing table selects the 10.1.0.4/30 route as the preferred route. This entry includes the next-hop address, 172.16.4.2, but not the exit interface. The router searches the routing table a second time for a route to 172.16.4.2. It finds the 172.16.4.0/30 route and determines that fa0/1/2 is the exit interface.

This recursive search could have been avoided if the 10.1.0.4/30 route had included both a next-hop address and an exit interface. This is useful to remember, especially when configuring static routes. Specifying both the next-hop address and the exit interface reduces the amount of processing required to forward the packets.


Black Holes


  Network forwards packets to a router
  Router drops the packets
  Possible reasons:
    Routing Error
    MTU Error
    Intentional Discard
  Black Hole Route:
    R(config)#ip route 10.1.1.0 255.255.255.0 null0

The term black hole refers to the case when a router receives a packet, but cannot forward the packet and the packet is dropped. This action results in a routing black hole, analogous to the theoretical astronomical phenomenon of a region in space with a gravitational pull such that nothing, not even light, can escape.

There are several reasons why black holes in the IP networking sense might occur.

  Routing Errors: A packet arrives, the router finds no route and discards the packet. If the router is allowed to send ICMP messages, it notifies the sender using an Internet Control Message Protocol (ICMP) Destination Network Unreachable message.

  MTU Problems: If the Maximum Transmission Unit (MTU) of the outbound link is too small to accommodate the packet, and if the packet's Don't Fragment bit is set, the router drops the packet and sends an ICMP Fragmentation Required message indicating what the MTU must be to send the packet through the interface.

  Intentional Discard: In some circumstances, the routing table includes a null route (also known as black hole route). Any incoming packets that match that route are discarded. This is an appropriate way to deal with malicious traffic, for example. An Intrusion Prevention System (IPS) may dynamically create a null route when it detects suspect activity. ICMP messages are usually suppressed in this case, so as to conceal the countermeasures from the attacker.
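
The longest-match rule, the recursive search for an exit interface and the null route fit into one lookup routine. The following Python sketch is an added example, not part of the course book: the routes are taken from the slides in this chapter (the null route written as the 10.1.1.0/24 network), while the `Route` and `Result` types, the `lookup` function and the limit of four searches are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple, Optional


class Route(NamedTuple):
    prefix: str
    next_hop: Optional[str] = None    # None: directly connected or null route
    interface: Optional[str] = None   # None: exit interface must be found recursively


class Result(NamedTuple):
    action: str
    route: Optional[str]              # prefix selected for the packet's destination
    next_hop: Optional[str]
    interface: Optional[str]
    searches: int                     # number of passes through the table


# Routes from the Longest-Match, Recursive Routing and Black Holes slides.
ROUTES = [
    Route("66.0.0.0/8", "10.10.10.1", "gi0/1"),
    Route("66.134.0.0/18", "12.13.14.5", "gi0/22"),
    Route("66.134.48.0/20", "62.34.24.33", "gi0/3"),
    Route("10.1.0.4/30", "172.16.4.2"),             # next hop only
    Route("172.16.4.0/30", interface="fa0/1/2"),    # directly connected
    Route("10.1.1.0/24", interface="null0"),        # black hole route
]


def longest_match(address, routes):
    """Among the routes whose range contains address, pick the longest prefix."""
    addr = ip_address(address)
    matches = [r for r in routes if addr in ip_network(r.prefix)]
    return max(matches, key=lambda r: ip_network(r.prefix).prefixlen, default=None)


def lookup(dst, routes, max_searches=4):
    """Resolve dst to a next hop and exit interface, or to a drop decision."""
    target, first = dst, None
    for searches in range(1, max_searches + 1):
        route = longest_match(target, routes)
        if route is None:
            if first is None:
                return Result("drop: no route", None, None, None, searches)
            return Result("drop: next hop unreachable", first, target, None, searches)
        first = first or route.prefix
        if route.interface == "null0":
            return Result("discard: null route", first, None, "null0", searches)
        if route.interface is not None:
            return Result("forward", first, route.next_hop or target,
                          route.interface, searches)
        if route.next_hop is None:
            return Result("drop: incomplete route", first, None, None, searches)
        target = route.next_hop       # search again for the next hop itself
    # A next hop that only resolves through its own route would recurse forever.
    return Result("drop: recursion limit", first, target, None, max_searches)


if __name__ == "__main__":
    # 192.0.2.50 is a constructed destination with no matching route.
    for dst in ("66.134.50.11", "10.1.0.5", "10.1.1.77", "192.0.2.50"):
        print(dst, "->", lookup(dst, ROUTES))
```

The `searches` field makes the cost of recursion visible: 10.1.0.5 needs two passes through the table, and one pass once the 10.1.0.4/30 route also names fa0/1/2.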


Summary
There are three sources of routes: directly connected interfaces, static routes, and dynamic routing protocols.
Routing table organization is as follows: Level 1 and Level 2 routes; Parent and Child Routes.
Administrative distance, the longest-match rule and route metrics are used to select from among multiple alternate routes.
Routing table entries have a next-hop address, metric and (optionally) exit interface.
Recursive routing may be used when the route table entry does not specify an exit interface.


Review Questions
Use the table on the following page to answer the questions below.
1. How many Level 1 routes are in this table?
2. How many routes were learned through dynamic routing protocols?
3. The router receives a packet with the destination address 172.16.0.1. Which interface does the router send the packet out?
4. The router receives a packet with destination address 20.15.0.4. Which interface does the router send the packet out?

Review
P1#show ip route
Codes: C - connected, S - static, R - RIP, B - BGP, O - OSPF

140.30.0.0/25 is subnetted, 1 subnets


C 140.30.19.0 is directly connected, gi0/1
B 20.0.0.0/8 [20/0] via 140.30.19.110, 00:04:17
66.0.0.0/20 is subnetted, 1 subnets
C 66.134.48.0 is directly connected, gi0/0
172.16.0.0/30 is subnetted, 8 subnets
C 172.16.60.0 is directly connected, fa0/1/6
C 172.16.56.0 is directly connected, fa0/1/2
C 172.16.52.0 is directly connected, fa0/1/3
C 172.16.24.0 is directly connected, fa0/1/5
C 172.16.16.0 is directly connected, fa0/1/4
C 172.16.8.0 is directly connected, fa0/1/1
C 172.16.4.0 is directly connected, fa0/1/0
O 172.16.0.0 [110/2] via 172.16.4.2, 00:02:56, fa0/1/0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
O 10.1.4.1/32 [110/2] via 172.16.4.2, 00:02:56, fa0/1/0
O 10.1.0.4/30 [110/2] via 172.16.4.2, 00:02:56, fa0/1/0


Chapter 4:
OSPF Key Concepts


Objectives
After completing the module, you will be able to:
Describe how OSPF relates to Autonomous Systems and other routing protocols.
Describe the design of scalable networks using OSPF areas
Describe the role of Area Border Routers (ABRs)
List the types of Link-State Advertisements that OSPF uses to communicate routing information


Open Shortest Path First (OSPF)


[Figure: AS 100 and AS 300 connected by BGP; OSPF Area 0, Area 1 and Area 2]
Interior Gateway Protocol
IETF Standard (RFC 2328)
Link State Protocol
Uses Areas to subdivide the autonomous system
Bandwidth Link cost

The Open Shortest Path First (OSPF) protocol is a widely used interior gateway protocol. It is a mature protocol, defined by the Internet Engineering Task Force (IETF) standard specification, Request for Comments (RFC) 2328.
OSPF runs within a single Autonomous System (AS). OSPF routers collect information about the AS topology, known generically as Link State Advertisements (LSAs). The routers store this information in a Link State Database (LSDB) and use it to calculate least-cost routes to each of the destinations in the AS. These routes are loaded into routing tables.
OSPF quickly detects changes to the AS topology (such as interface failures), updates the LSDB, recalculates the cost of the routes and updates the routing tables.
OSPF areas allow OSPF to perform more efficiently over large networks. Without OSPF areas, OSPF would not scale well as the size and complexity of the Autonomous System grows. The Link State Database (LSDB) would expand, increasing the amount of memory that OSPF needs to function. The number of Link State Advertisements (LSA) sent would increase, worsening the messaging overhead added by the protocol. The Shortest Path First algorithm would run more frequently and need to consider greater numbers of alternate paths, increasing the amount of processing that OSPF performs.
OSPF areas provide scalability by dividing the autonomous system into logical subsystems. Each router learns the detailed topology of its own area, but not that of other areas. Instead, the Area Border Router (ABR) originates a Summary-LSA into the area on behalf of all the routers outside of the area.
All routers in a single area have identical LSDBs. ABRs have an LSDB for each area that they participate in.


Areas and Router Types


The Backbone Area: Area 0

[Figure: Area 0, Area 1 and Area 2]
Backbone Area = Area 0
All areas must connect to backbone area
Distribute inter-area routes

OSPF defines a special area called the backbone. The backbone is always area 0 (alternately written as 0.0.0.0). All other areas must connect to the backbone. This acts as a transit network for inter-area traffic. The non-backbone areas send routing information to the backbone, which in turn distributes the information to the other non-backbone areas.
If an area does not contain a physical interface to the backbone network, a logical backbone connection may be formed by configuring what's called a virtual link.


OSPF Router Types


[Figure: OSPF router types in an AS with Area 0, Area 1 and Area 2, and neighboring AS 100, AS 200, AS 300 and AS 400. Router labels: Backbone Router; ASBR and Backbone Router; ASBR, ABR and Backbone Router; Area Border Router (ABR); Internal Router; Internal and Autonomous System Boundary Router (ASBR)]

OSPF defines four types of routers: Internal Routers, Backbone Routers, Area Border Routers, and Autonomous System Boundary Routers. Depending on their function, a given router may be of one or more of these types.
The simplest type of router is an internal router. If all of a router's interfaces are part of the same area, then that router is said to be an internal router.
A router with at least one interface that is part of the backbone area is a backbone router. If all of the router's interfaces are part of the backbone area, then that router could be considered both a backbone and internal router.
The Area Border Router (ABR) contains interfaces on at least two different areas. The ABR originates Summary-LSAs into the backbone containing a summary of the non-zero area's intra-area routes. It originates Summary-LSAs into the non-zero area containing a summary of the AS's inter-area routes.
The Autonomous System Boundary Router (ASBR) exchanges routing information with other Autonomous Systems (ASs). This may be through a different routing protocol, such as the Border Gateway Protocol (BGP) or through static configuration. ASBRs originate External-AS Link State Advertisements (LSAs) to communicate these external routes throughout the AS.


Link State Advertisements (LSA)


Link State Database


     R1  R2  R3  R4  R5  R6  R7  R8  R9  R10 R11 N1  N2  N3
R1   -   -   -   -   -   -   -   -   -   -   3   0   0   -
R2   -   -   5   5   5   -   -   -   -   -   -   0   -   -
R3   -   5   -   -   -   -   -   -   -   -   -   -   -   -
R4   -   5   -   -   -   -   -   -   -   -   -   -   -   -
R5   -   5   -   -   -   -   -   -   -   -   -   -   -   -
R6   -   -   -   -   -   -   -   -   -   -   3   -   0   0
R7   -   -   -   -   -   -   -   4   4   4   -   -   -   0
R8   -   -   -   -   -   -   4   -   -   -   -   -   -   -
R9   -   -   -   -   -   -   4   -   -   -   -   -   -   -
R10  -   -   -   -   -   -   4   -   -   -   -   -   -   -
R11  3   -   -   -   -   3   -   -   -   -   -   -   -   -
N1   3   3   -   -   -   -   -   -   -   -   -   -   -   -
N2   1   -   -   -   -   1   -   -   -   -   -   -   -   -
N3   -   -   -   -   -   2   2   -   -   -   -   -   -   -
A dash marks an empty cell.

Using the information in this LSDB, draw the topology of the local network.

The router maintains a Link State Database (LSDB) for each area to which it belongs. The contents of the LSDB are flooded to all of the routers in the area. Each of the routers in the area eventually builds an exact replica of the area's LSDB. The LSDB is a representation of the topology of the area. It identifies the routers and networks in the area, the links that interconnect them and the cost of those links.
The contents of the LSDB are Link State Advertisements (LSA). The LSDB holds four types of LSAs:
1. Router-LSAs. Each router originates a Router-LSA that describes the state of its interfaces.
2. Network-LSAs. The network's designated router originates a Network-LSA that contains a list of routers connected to that network.
3. Summary-LSAs. The area border router originates a Summary-LSA that contains routes to destinations outside the area, but inside the autonomous system.
4. External-LSAs. The autonomous system boundary router originates an External-LSA that contains routes to destinations outside the autonomous system.
Using the information in the chart, draw the network topology for the local area that contains 11 routers and three networks. The numbers indicate the metrics on the given links between the connected nodes or networks. For example, the 0 in the row and column that link Network 3 with Router 7 indicates that Router 7 connects to Network 3 and from Network 3 to Router 7 the cost is 0. However, look at the link from Router 7 to Network 3 and the cost is 2. There is no cost associated with coming out of a network. Costs are incurred when leaving routers.


Draw the Network

Draw the network based on the LSDB on the previous page.


The Network

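[Figure: the network drawn from the LSDB. Point-to-point links: R3-R2, R4-R2 and R5-R2 (cost 5 each); R8-R7, R9-R7 and R10-R7 (cost 4 each); R11-R1 and R11-R6 (cost 3 each). Network attachments, with the cost of each router interface: N1 to R2 (3) and R1 (3); N2 to R1 (1) and R6 (1); N3 to R6 (2) and R7 (2)]

This network is based on the LSDB given in the exercise. It is in an OSPF network. Your drawing on the previous page should look similar.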


Link State Advertisements


Link State Advertisement


Link State Advertisement (LSA) types:
Router-LSA (Type 1)
Network-LSA (Type 2)
Summary-LSA (Type 3, 4)
External-LSA (Type 5, 7)
Opaque-LSA (Type 9, 10, 11)

All OSPF routing information is exchanged in the form of Link State Advertisements (LSAs). An LSA is a piece of routing information that may describe a router, a physical interface or a range of addresses, along with an associated cost. The LSA specifies its originating router, its age in seconds (which allows old routing information to expire) and a sequence number (used to detect duplicate LSAs).
There are 11 types of LSAs. The type of LSA depends on the type of router creating the LSA.


Type 1 Router-LSA
Router-LSA = Type 1
Link State ID: 192.168.50.1
No. of Links = 2
Link 1: Cost, Type and other Details
Link 2: Cost, Type and other Details
Neighbor List

[Figure: Router-LSA within Area 1]
Generated by each router in the AS
Area-scope
Link State ID is set to Router ID

Each router in the Autonomous System originates a Router-LSA. The Router-LSA indicates whether the router is an ASBR or ABR. It includes a list of the router's links, the cost of each link, as well as other information such as the link's address. The Router-LSA gets distributed to each of the routers in the area, but the ABR does not forward the Router-LSA across area boundaries.


Type 2 Network-LSA
[Figure: R1 (DR), interface 10.2.1.100/24, on network 10.2.1.0/24 in Area 1 with R2, R3 and R4; label: Point-to-Point Link]
Network-LSA = Type 2
Link State ID: 10.2.1.100
Subnet Mask = 255.255.255.0
RID of Attached Router-R1
RID of Attached Router-R2
RID of Attached Router-R3
RID of Attached Router-R4

Generated by Designated Router
Area-scope
Link State ID is set to DR Interface Address

A Network-LSA is originated for each broadcast or Non-Broadcast Multiple Access (NBMA) network in the autonomous system (but not for point-to-point links). It includes a list of routers attached to the network and the subnet address and mask assigned to the network. When there are multiple OSPF routers connected to the network, only one of them, the Designated Router, sends the Network-LSA. The Network-LSA gets distributed to each of the routers in the area, but the Area Border Router (ABR) does not forward the Network-LSA across area boundaries.


Type 3 Summary-LSA

[Figure: ABR between Area 1 and Area 0]
Network-LSA
Link State ID: 10.1.1.0
Subnet Mask = 255.255.255.0
10.1.1.0/24 Cost: 3
10.1.2.0/24 Cost: 5
10.1.3.0/24 Cost: 10
10.1.4.0/24 Cost: 8

Summary-LSA = Type 3
Link State ID: 10.1.0.0
Subnet Mask = 255.255.252.0
Metric = 10

Generated by ABR
Area-scope
Link State ID is set to Advertised Network Address
Cost = Advertised Cost + Cost to ABR

The Area Border Router (ABR) does not forward Router-LSAs or Network-LSAs from one area to the next. Instead, the ABR originates a Summary-LSA that, as its name implies, summarizes the routing information for that area. The ABR may originate separate Summary-LSAs for each of the networks to be advertised, or it may condense multiple networks into a single Summary-LSA by advertising a single network address with a shorter network prefix. When a router receives a Summary-LSA, it computes a new cost to the target by adding in the cost of the path between that router and the ABR. When an ABR receives a Summary-LSA sent from some other ABR, it does not forward the Summary-LSA across area boundaries.
In the example shown, the ABR receives four Network-LSAs from within Area 1. The ABR has been configured to condense these into a single Summary-LSA that it originates into Area 0. It sets the cost of the summary route to be the largest cost of its individual components.


Type 4 ASBR Summary-LSA


[Figure: ASBR R7 (RID 192.168.50.7) connecting to AS 100; an ABR between Area 1 and Area 0]
ASBR Summary-LSA = Type 4
Link State ID: 192.168.50.7
Subnet Mask = 0.0.0.0
Metric = 22

Generated by ABR
Area-scope
Link State ID is set to ASBR Router ID
For External Type 1 routes, add cost to ASBR
For External Type 2 routes, store as-is in Routing Table

The Area Border Router (ABR) generates an Autonomous System Boundary Router (ASBR) Summary-LSA for each ASBR in its area. This includes the cost of the path from the ABR to the ASBR. The router may choose to use this information to calculate the total cost to reach a destination outside of the Autonomous System. When an ABR receives an ASBR Summary-LSA from some other ABR, it does not forward it across area boundaries.


Type 5 AS-External-LSA
[Figure: routes 10.0.0.0/16, 10.1.0.0/16 and 10.2.0.0/15 reach the ASBR over eBGP; the same three AS External-LSAs appear in Area 0 and Area 1; labels: AS 100, ASBR, eBGP, Area 0, Area 1]
AS External-LSA = Type 5, Link State ID: 10.0.0.0/16, Metric = 20
AS External-LSA = Type 5, Link State ID: 10.1.0.0/16, Metric = 20
AS External-LSA = Type 5, Link State ID: 10.2.0.0/15, Metric = 20

Link State ID is set to Advertised Network Address
ASBR generates 1 AS External-LSA per route imported for the whole AS
Distributed transparently without any modification within AS
Includes the Next Hop IP address of the external link in the LSA

When the Autonomous System Boundary Router (ASBR) wants to import a route from other routing processes to an external destination into the Autonomous System (AS), it originates an AS-External-LSA. This includes the network address and mask of the external destination and the next hop address of the external link. The AS-External-LSA gets flooded throughout the AS.
The cost of the external route may be one of two types. Type 1 costs use the same units as other OSPF LSAs. The Shortest Path First algorithm may make a meaningful comparison between the Type 1 cost of the AS-External-LSA and the costs learned through other types of LSAs. Type 2 costs are expressed using some other type of units that are not compatible with the metrics used by the AS. These other units are assumed to be significantly larger than those used by the AS, such that the Shortest Path First algorithm always selects a path with a cost expressed in Type 1 units over a path expressed in Type 2 units.


Types 9-11 Opaque-LSA
[Figure: Opaque-LSA flooding scopes in an AS with Area 0, Area 1 and Area 2 and neighboring AS 100, AS 200, AS 300 and AS 400: Opaque-LSA AS-scope, Opaque-LSA Area-scope, and Opaque-LSA Network-scope on network N1]

The Opaque-LSA type was introduced as a means to extend OSPF to carry application-specific data. It provides the means to carry a generic chunk of data, the exact form and function of which is known only to the application that defines it. For example, the Traffic Engineering application defines a type of Opaque-LSA. In this application, the LSA carries bandwidth reservation information associated with the link.
Three types of Opaque-LSAs have been defined. Link-local opaque-LSAs (Type 9) are sent to routers attached to the specified network and not forwarded beyond that point. Area-local opaque-LSAs (Type 10) are forwarded to all routers in the area, but not forwarded across area boundaries. AS-local opaque-LSAs (Type 11) are forwarded to all routers in the Autonomous System.


Summary
OSPF is used to exchange routing information between routers within an Autonomous System.
OSPF uses Link-State Advertisements to communicate information about the topology of the network.
Routers store Link-State Advertisements in the Link-State Database.
Each router in an area maintains its own copy of the Link-State Database.
OSPF routers learn details about the topology of their area, but not that of other areas.


Review Exercise
[Figure: sample OSPF network with routers R1 through R19, networks N1 through N3 and two BGP links; labels: Orlando, St. Petersburg, Tampa, Area 1, Area 2, Area 3; answer blanks for R4, R8, R12 and R13]

The figure illustrates a sample OSPF network. It highlights four of the routers (R4, R8, R12 and R13). What type of routers are these? (Hint: a single router may be of more than one type.)
Your choices are: internal router, backbone router, Area Border Router (ABR), Autonomous System Boundary Router (ASBR).


Chapter 5:
OSPF in Wireless Networks


Objectives
After completing the module, you will be able to:
Describe the operations of an OSPF router
Troubleshoot OSPF adjacency issues
Analyze the contents of the link-state database
Calculate OSPF link metrics to influence routing decisions
Use OSPF areas to build scalable networks


Life of an OSPF Router


[Figure: cycle of OSPF router functions: Neighbor Discovery, Synchronize LSDB, Compute SPF, Populate Routing Table, Send LSA, Keep-Alive]

An OSPF-capable router spends its life performing the following functions.
OSPF routers automatically discover the existence of neighboring routers.
Having discovered a new neighbor, the two routers synchronize their Link State Databases (LSDBs).
Once the topology of the network is known (through the LSDB), the router runs a Shortest Path First (SPF) algorithm to calculate the optimal path to reach each of the known destinations in the network.
The best path information is merged with other routing information (e.g., static routes and other dynamic routing protocols) to create the routing table.
When changes occur in the network topology (e.g., links are enabled or shut down), the router updates its neighbors by sending a Link State Advertisement (LSA). Of course, the router may also re-run the SPF calculations to determine the impact of the topology change and update the routing table accordingly.
OSPF routers keep tabs on their neighbors. If the router suddenly stops receiving keep-alive messages, it assumes that the neighbor has gone off-line, updates the LSDB accordingly, re-runs the SPF algorithm and adjusts the routing table as necessary.


Neighbor Discovery


Neighbor Discovery
Hello message
Send periodically
Multicast: 224.0.0.5
Includes
Router ID
Area ID
Hello Interval
Dead Interval
Subnet Prefix
Neighbor List

Whenever possible, OSPF relies on the automatic discovery of neighboring routers, rather than having them administratively configured. An OSPF router periodically sends a Hello message to the multicast address 224.0.0.5. This is a well-known address to which all OSPF routers are supposed to be listening.
The router does not necessarily exchange routing information with each one of its neighbors. It only does so with so-called adjacent neighbors. The Hello message includes several configuration parameters: the router identifier, area identifier, hello interval, dead interval and subnet prefix. The two neighboring routers must agree on each of these parameters if they are to form an adjacency and exchange routing information. The Hello message also includes the list of neighboring routers that are already known to this router. This is used to confirm that the neighbor heard your Hello message (i.e., to confirm that two-way communication exists).


Hello Protocol
[Figure: Hello exchange between R1 and R2, in order]
Hello: Area ID, Router ID, Neighbor List
R2 powers on and sends first Hello: Area ID, Router ID, Neighbor List
R1 hears Hello and adds R2 to neighbor list. Hello: Area ID, Router ID, Neighbor List (R2)
R2 hears Hello and adds R1 to neighbor list. Hello: Area ID, Router ID, Neighbor List (R1)
Hello: Area ID, Router ID, Neighbor List

The Hello protocol is used to discover new OSPF neighbors, verify that two-way communication is in place, communicate information about the router's configuration and confirm that the neighbor remains active over time. The router sends a Hello message every HelloInterval seconds (10 seconds is typical). The router sends the Hello message to the well-known multicast address 224.0.0.5. The router includes the Area ID, the sending router's own Router ID and a list of Router IDs from whom the sending router has received a Hello message. The message also contains authentication credentials, the network mask of the interface, the value of the HelloInterval and RouterDeadInterval timers, the Router ID of the Designated Router and a priority value used in the Designated Router election procedure.
In the example shown, Router R1 has been sending Hello messages every HelloInterval seconds. Router R2 comes online and starts running OSPF. It starts sending its own Hello messages. Router R1 hears the Hello message that Router R2 has sent. It adds R2 to its list of neighbors and includes R2's Router ID when it sends its next Hello message. Likewise, Router R2 hears the Hello message that Router R1 has sent. It notes that its own Router ID was included in the message. Router R2 now knows that two-way communication is possible with this neighbor. R2 adds R1 to its list of neighbors and includes R1's Router ID in the next Hello message that it sends. Router R1 notes that its Router ID has been included in Router R2's Hello message. Router R1 now knows that two-way communication is possible with R2.
The two routers analyze the fields in the Hello messages. If their respective area ID, network mask, HelloInterval, and RouterDeadInterval fields match, they may attempt to form an adjacency with each other and begin to synchronize their Link State Databases.
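The field comparison and two-way check described above can be run against the Hello packet itself. This is an added example, not part of the course book: it parses the OSPFv2 Hello layout from RFC 2328 and reports which fields block an adjacency. The packets are constructed in the code (checksum and authentication data left at zero), and the router IDs, area and timers are sample values.

```python
import socket
import struct

HDR = struct.Struct("!BBH4s4sHH8s")    # OSPFv2 common header (24 bytes)
HELLO = struct.Struct("!4sHBBI4s4s")   # fixed part of the Hello body (20 bytes)
FIXED = HDR.size + HELLO.size
# The four fields the text says must match before an adjacency is attempted.
MUST_MATCH = ("area_id", "netmask", "hello_interval", "dead_interval")
AUTYPE = {0: "null", 1: "simple password", 2: "cryptographic"}


def build_hello(router_id, area_id, netmask, hello, dead, neighbors=(), autype=0):
    """Build a constructed Hello for the demo (checksum and auth data are zero)."""
    a = socket.inet_aton
    body = HELLO.pack(a(netmask), hello, 0x02, 1, dead, a("0.0.0.0"), a("0.0.0.0"))
    body += b"".join(a(n) for n in neighbors)
    return HDR.pack(2, 1, HDR.size + len(body), a(router_id), a(area_id),
                    0, autype, bytes(8)) + body


def parse_hello(data):
    """Decode one OSPFv2 Hello into a dict; raise ValueError on malformed input."""
    if len(data) < FIXED:
        raise ValueError("truncated OSPF Hello")
    ver, ptype, length, rid, area, _cksum, autype, _auth = HDR.unpack_from(data)
    if (ver, ptype) != (2, 1):
        raise ValueError("not an OSPFv2 Hello")
    if not FIXED <= length <= len(data) or (length - FIXED) % 4:
        raise ValueError("inconsistent packet length")
    mask, hello, _opts, prio, dead, dr, bdr = HELLO.unpack_from(data, HDR.size)
    n = socket.inet_ntoa
    return {
        "router_id": n(rid), "area_id": n(area), "autype": autype,
        "netmask": n(mask), "hello_interval": hello, "dead_interval": dead,
        "priority": prio, "dr": n(dr), "bdr": n(bdr),
        # Neighbor list: one 4-byte Router ID per neighbor already heard from.
        "neighbors": [n(data[i:i + 4]) for i in range(FIXED, length, 4)],
    }


def adjacency_blockers(mine, theirs):
    """Names of the must-match fields on which the two Hellos disagree."""
    return [f for f in MUST_MATCH if mine[f] != theirs[f]]


def two_way(my_router_id, theirs):
    """True when the neighbor lists our Router ID, i.e. it has heard our Hello."""
    return my_router_id in theirs["neighbors"]


def audit(hello):
    """Hardening notes for one Hello; empty when nothing is flagged."""
    if hello["autype"] == 0:
        return ["AuType 0 (null authentication): Hello carries no credentials"]
    return []


# Constructed sample packets: R1 and R2 agree, R3 uses different timers.
R1 = parse_hello(build_hello("192.168.50.1", "0.0.0.1", "255.255.255.0", 10, 40,
                             neighbors=["192.168.50.2"]))
R2 = parse_hello(build_hello("192.168.50.2", "0.0.0.1", "255.255.255.0", 10, 40,
                             neighbors=["192.168.50.1"], autype=2))
R3 = parse_hello(build_hello("192.168.50.3", "0.0.0.1", "255.255.255.0", 30, 120))

if __name__ == "__main__":
    for name, nbr in (("R2", R2), ("R3", R3)):
        print(name, "blockers:", adjacency_blockers(R1, nbr),
              "two-way:", two_way(R1["router_id"], nbr),
              "AuType:", AUTYPE[nbr["autype"]], "audit:", audit(nbr))
```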


Database Synchronization
[Figure: R1 and R2, each with its LSDB, exchange three messages]
Database Description: These are the LSAs in my LSDB
Link State Request: Please send me these LSAs
Link State Update: Here are the LSAs you asked for

Having established an adjacency with each other, the two neighboring routers synchronize their LSDBs. They first send a series of Database Description messages. These messages summarize the contents of the LSDB and include enough information for the neighbor to determine whether it already knows the Link State Advertisements (LSAs) contained within. If the router learns about a new LSA that is not in its LSDB, or sees that a more recent copy of an LSA is available, it sends a Link State Request message, indicating that it wants to know the details about the LSAs. The first router then sends the requested LSAs in a Link State Update message.
The figure illustrates the process by which router R1 synchronizes its database with router R2. Router R2 also synchronizes its database with router R1, but this is not shown in the illustration.


Designated Router (DR)


[Figure: multi-access network with 6 OSPF routers (R1 to R6), shown without a DR and with R1 as DR and R2 as BDR]
No DR and BDR Election: Adjacencies = N*(N-1)/2 = 6*(6-1)/2 = 15
With DR and BDR Election: Adjacencies = 2N-3 = (2*6)-3 = 9
Designated Router is Elected to Reduce Adjacencies
Backup Designated Router is also elected for fast takeover from DR's Failure

Consider the effects of the neighbor discovery procedure on a multiple-access network with six routers. Each router would discover five neighbors and form five adjacencies. Fifteen adjacencies would be formed overall. The Designated Router (DR) concept reduces the number of adjacencies required in this circumstance, and by extension reduces the size of the Link State Database (LSDB) and the number of OSPF messages sent over the network.
The Hello protocol includes a mechanism by which the routers autonomously determine which router functions as the DR. The administrator can influence this decision by assigning certain priorities to each of the routers. Once a DR has been elected for the network, it generally does not change unless the DR goes out of service. To facilitate a fast recovery from that circumstance, a Backup Designated Router (BDR) is elected at the same time as the DR. If the DR should go out of service, the BDR takes over as DR and a new BDR is elected.
Instead of forming an adjacency with every neighbor on the network, a router forms an adjacency with only the DR and BDR. In the example configuration shown, the total number of adjacencies that form is reduced from 15 to 9.


Metrics


OSPF Metric
Interface Type   Speed (Mbps)   Cost (ref = 100 Mbps)   Cost (ref = 1 Gbps)   Cost (ref = 10 Gbps)
10GE             10000          1                       1                     1
OC-192c          9953.28        1                       1                     1
OC-48c           2488.32        1                       1                     4
GigE             1000           1                       1                     10
OC-12c           622.08         1                       1                     16
OC-3c            155.52         1                       6                     64
Fast Ethernet    100            1                       10                    100
Ethernet         10             10                      100                   1000

OSPF Cost = Reference Bandwidth / Link Speed

OSPF automatically assigns a cost to each of the links in the network based on the bandwidth of the link. It calculates this cost by selecting a fixed value known as the reference bandwidth, and then dividing the reference bandwidth by the bandwidth of the link. The minimum cost that can be assigned to a link is 1. It is important that each of the routers in the network use the same reference bandwidth in order to accurately compare routes.


Exercise
Interface Type   Speed (Mbps)   Cost (ref = 100 Mbps)   Cost (ref = 1 Gbps)   Cost (ref = 10 Gbps)
10GE             10000          1                       1                     1
OC-192c          9953.28        1                       1                     1
OC-48c           2488.32        1                       1                     4
GigE             1000           1                       1                     10
OC-12c           622.08         1                       1                     16
OC-3c            155.52         1                       6                     64
Fast Ethernet    100            1                       10                    100
Ethernet         10             10                      100                   1000
T3               44.736
T1               1.544

Calculate the cost for the T3 and T1 links.


Shortest Path First


[Figure: four switching offices (Orlando, St. Petersburg, Tampa, Boca) with edge routers R3, R8, R13 and R18, backbone routers R1 and R2, office routers R4 through R22 and networks N1 through N4, with a cost on each link]

Each router in the network uses the information in its link state database to execute the Shortest Path First (SPF) algorithm and calculate the optimal route to each destination in the network. The SPF algorithm uses the costs that were assigned to each of the links. The cost of the route is the sum of the link costs that make up the route.
The figure illustrates four switching offices: Orlando, St. Petersburg, Tampa and Boca. Each switching office has an edge router (R3, R8, R13 and R18) that connects to the backbone for the region (R1 and R2). Additionally, each edge router connects directly to two neighboring offices (for example, R3 in Orlando connects to R8 in St. Petersburg and R13 in Tampa).


Shortest Path First


[Figure: routers R3, R8, R1, R2, R13 and R18, shown before (all links with their costs) and after (the shortest-path tree rooted at R3)]
Destination   Next Hop
R8            R8
R1            R1
R13           R13
R2            R13
R18           R13

The Shortest Path First algorithm produces a tree of shortest paths to each router and network in the area, with the router itself as the root of the tree. The router only needs to know the next hop for each of the destinations to forward packets. These next hops are loaded into the routing table.
The figure illustrates the results of the Shortest Path First algorithm when run on router R3 (we've also abbreviated the diagram by only showing the paths to each office's edge router). The table illustrates the set of next hops that are loaded into the routing table.


Equal-Cost Multipath
R8
1 1
Destination Next Hop
R8 R8
1
R3 R1 R18 R1 R1
R13 R13
1
R2 R13
R2 R2 R1
1 1 R18 R13
1 R18 R8

R13

After
Award Solutions Proprietary

It is possible that the Shortest Path First algorithm
identifies multiple paths to a destination with the same
cost value. When that happens, multiple paths may be
loaded into the routing table (assuming they have
different next hops) and traffic is distributed equally
across each of them.

We can illustrate this by changing the cost of the R1-R2
and R8-R18 links. If these two links each have a cost of
one, then router R3 calculates multiple equal-cost paths
to routers R2 and R18. To send packets to router R2, R3
could forward packets to router R1 or R13. Each path has
a cost of two. To send packets to R18, R3 could forward
packets to R8 or R13. Each path has a cost of two.
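
The SPF run on R3 described above, with equal-cost next hops kept, as an added example that is not part of the course book. The link set is reconstructed from the text; the R8-R1 and R18-R2 links, the unit costs and the starting cost of 2 on R1-R2 and R8-R18 are assumptions.

```python
import heapq


def spf_next_hops(links, root):
    """Run Dijkstra from root over undirected links {(a, b): cost}.

    Returns {destination: (cost, sorted list of equal-cost next hops)}.
    """
    graph = {}
    for (a, b), cost in links.items():
        graph.setdefault(a, {})[b] = cost
        graph.setdefault(b, {})[a] = cost

    dist = {root: 0}
    first_hops = {root: set()}   # next hops out of root that reach each node
    done = set()
    heap = [(0, root)]
    while heap:
        d, node = heapq.heappop(heap)
        if node in done:
            continue             # stale heap entry
        done.add(node)
        for nbr, cost in graph[node].items():
            if nbr in done:
                continue
            nd = d + cost
            # A neighbor of the root is its own next hop; anything further
            # away inherits the next hops of the node it is reached through.
            via = {nbr} if node == root else first_hops[node]
            if nbr not in dist or nd < dist[nbr]:
                dist[nbr] = nd
                first_hops[nbr] = set(via)
                heapq.heappush(heap, (nd, nbr))
            elif nd == dist[nbr]:
                first_hops[nbr] |= via   # equal-cost path: keep both
    return {dest: (dist[dest], sorted(first_hops[dest]))
            for dest in dist if dest != root}


# Assumed topology (see lead-in): edge routers R3, R8, R13, R18 and
# backbone routers R1, R2.
BEFORE = {
    ("R3", "R1"): 1, ("R3", "R8"): 1, ("R3", "R13"): 1,
    ("R8", "R1"): 1, ("R13", "R2"): 1, ("R13", "R18"): 1,
    ("R18", "R2"): 1,
    ("R1", "R2"): 2, ("R8", "R18"): 2,
}
# The change the text makes: both links now cost one.
AFTER = {**BEFORE, ("R1", "R2"): 1, ("R8", "R18"): 1}

if __name__ == "__main__":
    for label, links in (("before", BEFORE), ("after", AFTER)):
        print(label)
        for dest, (cost, hops) in sorted(spf_next_hops(links, "R3").items()):
            print(f"  {dest:4} cost {cost} via {', '.join(hops)}")
```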


SPF Exercise
[Figure: the Orlando, St. Petersburg, Tampa and Boca offices, each with its internal routers and network (N1 to N4) behind an edge router (R3, R8, R13, R18), and the backbone routers R1 and R2.]

The figure illustrates four switching offices: Orlando, St.
Petersburg, Tampa and Boca. Each switching office has
an edge router (R3, R8, R13 and R18) that connects to
the backbone for the region (R1 and R2). Additionally,
each edge router connects directly to two neighboring
offices (for example, R3 in Orlando connects to R8 in St.
Petersburg and R13 in Tampa).

Assign a cost to each of the links indicated such that the
following two conditions are met:
1. Each edge router (R3, R8, R13 and R18) processes
   only traffic that originates or terminates inside its
   respective office. They do not process so-called
   transit traffic that both originates and terminates
   outside their respective offices.
2. Each edge router shall direct traffic destined for an
   adjacent office over the direct link to that office.

When properly configured, traffic that runs from Orlando
to St. Petersburg goes over the R3-R8 link. Traffic that
runs from Orlando to Tampa traverses the R3-R13 link.
Traffic that runs from Orlando to Boca passes through the
backbone, R3-R1-R2-R18.


Areas


Example Network (No Areas)


[Figure: the example network (Orlando, St. Petersburg, Tampa, Boca) as a single OSPF area. Each router: 1 SPF, 1 LSDB, 26 LSAs. Total: 22 SPF processes, 22 LSDBs and 572 LSAs.]

The figure illustrates the amount of routing information
that would be exchanged if the sample network presented
earlier in the chapter were implemented as a single OSPF
area. Since we did not subdivide the Autonomous System
into areas, each router receives all of the Link State
Advertisements (LSAs) that are generated in the network.
So each router keeps a copy of the Link State Database
(LSDB), which holds 26 LSAs (22 Router-LSAs, 4
Network-LSAs). Whenever a topology change occurs, the LSA
must be propagated to each router, which in turn must
re-execute its Shortest Path First algorithm.


Example Network (with Areas)


[Figure: the example network divided into Area 1 (Orlando), Area 2 (St. Petersburg), Area 3 (Tampa) and Area 4 (Boca). Internal routers: 1 SPF, 1 LSDB, 9 LSAs. Backbone router: 1 SPF, 1 LSDB, 10 LSAs. ABR: 2 SPF, 2 LSDBs and 19 LSAs. Total: 26 SPF processes, 26 LSDBs and 240 LSAs.]

If we were to subdivide our example network into areas,
as illustrated here, then we could reduce the amount of
work that OSPF must do. The routers within each of the
offices (internal routers) still exchange full topology
information with each other. So they store five Router-Link
State Advertisements (LSAs) and 1 Network-LSA in their
Link State Databases (LSDBs). In addition, their Area
Border Router (ABR) generates a Summary-LSA for each
of the other four areas. Likewise, the routers inside the
backbone area (Area 0) store six Router-LSAs and four
Summary-LSAs in the LSDB. The ABRs have two LSDBs:
a copy of the Area 0 LSDB and a copy of the non-zero
area LSDB.

The net effect of this configuration is fewer OSPF
messages being sent through the network, a reduction in
the size of the LSDB, and faster computations of routing
table updates.


Area Summarization
[Figure: the four areas and their /24 subnets: 10.1.0.0/24 to 10.1.3.0/24 in Area 1 (Orlando), 10.2.0.0/24 to 10.2.3.0/24 in Area 2 (St. Petersburg), 10.3.0.0/24 to 10.3.3.0/24 in Area 3 (Tampa) and 10.4.0.0/24 to 10.4.3.0/24 in Area 4 (Boca). Each ABR sends a single Summary-LSA for its area, for example 10.1.0.0/16 for Area 1 and 10.3.0.0/16 for Area 3.]

The area boundary is also a good place to implement
route summarization. In the figure shown, each of the
areas contains several /24 subnets. When the Area
Border Router (ABR) sends the Summary-LSA, it could list
each /24 subnet individually. But let's say that the routers
in area 1 experience an outage that causes the
10.1.1.0/24 subnet to become unavailable. The routers
inside area 1 would send link-state updates to notify each
other of the change in the topology. And because the ABR
had previously included the 10.1.1.0/24 subnet in its
Summary-LSA, the ABR would also have to send a
link-state update to reflect the change in status. The
updated Summary-LSA would be forwarded throughout the
autonomous system so that each router updates its
link-state database.

Rather than advertise each of the /24 subnets
individually, the ABR could instead summarize them
together and include a single /16 subnet in its
Summary-LSA. Then, if an outage occurred in the
10.1.1.0/24 subnet, the ABR does not have to update its
Summary-LSA. The impact of the outage is contained
within Area 1.


Summary
The OSPF Hello protocol drives the neighbor discovery process.
On broadcast networks, OSPF routers form adjacencies with the designated router.
Adjacent neighbors exchange link-state databases.
The Link-State Database (LSDB) stores Link-State Advertisements (LSAs).
All routers in an area share the same LSDB.
Area Border Routers send Summary-LSAs on behalf of the area.
OSPF metrics are calculated based on link speed.

Review Questions
1. The Area Border Router (ABR) may perform which of the following
   functions?
   a) Send Summary-LSAs on behalf of the area.
   b) Connect the routers in the area to the OSPF backbone.
   c) Form an OSPF adjacency with each of the routers in the area.
   d) Route summarization by advertising a single route that
      encompasses all of the area's routes.
2. When an OSPF router forms an adjacency with a neighbor:
   a) It always receives a complete copy of the neighbor's Link-State
      Database.
   b) It uses a Summary-LSA to send an abbreviated copy of its Link-State
      Database to the neighbor.
   c) It uses the neighbor's Hello messages as a keep-alive mechanism.
   d) It sends a Link-State Update message to notify the other routers in
      the area that an adjacency has been formed.


Review Exercise
Match the columns.

ASBR                 Connects OSPF backbone area and a non-backbone area
Backbone Area        Connects two different AS
ABR                  All Links fall in the same area
Internal Router      At least one link in Area 0
Backbone Router      Set of links falling other than Area 0
Non-Backbone Area    Set of links falling in Area 0


Chapter 6:
BGPv4 Key Concepts


Objectives
After completing this module, you will be able to:
Define an Autonomous System
Differentiate between iBGP and eBGP
Describe how BGP attributes can be used to implement routing policy
List some of the most significant BGP attributes
Describe the BGP messages for session establishment
Use Route Reflectors to build scalable BGP networks


Sample Network
[Figure: six switching offices (San Francisco, San Jose, Sacramento, Modesto, Fresno and Bakersfield), each with a 3G Data and a 4G Data network behind CE routers (CE1 to CE15) that connect through PE1 to PE6 to the MPLS Backbone. San Francisco, San Jose and Sacramento also have a Peering network that connects through gateway routers GW1 to GW6 to Alpha Corp, Beta Net and Charlie Com.]

The figure illustrates a hypothetical network that consists
of six switching offices in California. Each switching office
contains a 3G data network and a 4G data network. They
would likely contain other networks too, but these two are
sufficient for our discussion. Three of the larger offices
also serve as Internet peering points. The San Francisco
office connects to an Internet Service Provider (ISP) called
Alpha Corp; San Jose connects to an ISP called Beta Net;
and Sacramento connects to an ISP called Charlie Com.
The six switching offices connect to an MPLS core
network.


Autonomous Systems


Autonomous System
[Figure: the San Francisco, San Jose and Sacramento offices labeled with their ASNs: 4G Data AS 110 (CE1, CE4, CE7), 3G Data AS 120 (CE2, CE5, CE8), Internet peering AS 4000 (GW2, GW4, GW6 and CE3, CE6, CE9), MPLS Backbone AS 1 (PE1, PE2, PE3), Alpha ISP AS 9900 (GW1), Beta ISP AS 8800 (GW3) and Charlie ISP AS 7700 (GW5).]

The term Autonomous System (AS) refers to a connected
group of networks, identified by their network prefixes,
that share a common routing policy. The routing policy
determines what routing information is shared, and how it
is shared, with other ASs. Each AS is identified by a unique
Autonomous System Number (ASN).

Within each of the switching offices in our sample
network, the 4G data network comprises an AS with ASN
110. The 3G data network is ASN 120. The MPLS core
network is ASN 1. The AS that peers with the external
Internet Service Provider (ISP) partners has been assigned
ASN 4000. The ISP partners have been assigned ASNs
7700, 8800 and 9900.


Autonomous System Number


2-byte ASN
  Public ASNs allocated by Internet
  64512 to 65534 used for private networks

4-byte ASN
  Two notations
    AS Plain: 65536 to 4294967296
    AS Dot: 1.0 to 65535.65535
  Existing ASN 1776 written as 0.1776

The Autonomous System Number (ASN) was originally
defined to be a two-byte value, in the range of 0
to 65535. The Internet administrative authorities
allocated ASNs to networks that connected to the public
Internet. The range of ASNs between 64512 and 65534
was reserved for private use, within internal networks
(similar to the private IP address ranges).

As the size of the Internet grew, it became apparent that a
two-byte ASN value would be inadequate to capture the
number of distinct networks. A revised, four-byte ASN
format was introduced to accommodate the growth.
Routers that connect to the public Internet now use the
four-byte variant. Routers that operate solely within private
networks may continue to use the two-byte ASN or adopt
the newer four-byte ASN format.


Border Gateway Protocol

[Figure: eBGP and iBGP sessions at the San Jose office, between Beta Net (AS 8800, GW3), the peering AS 4000 (GW4, CE6), the 4G Data network (AS 110, CE4), the 3G Data network (AS 120, CE5) and the MPLS Backbone (AS 1; PE1, PE2, PE3).]

Exchange routes between Autonomous Systems
Policy-based routing
Attributes
IETF Standard (RFC 4271)

The Border Gateway Protocol (BGP) carries routing
information between Autonomous Systems (ASs). Interior
gateway protocols such as the Open Shortest Path First
(OSPF) protocol make routing decisions based on
straightforward link metrics. At this level in the network,
however, administrators generally prefer the flexibility of
policy-based routing. BGP supports this by associating a
set of attributes with each route. The attributes include
standard parameters such as AS Path, Origin and
Next-Hop address. Additionally, BGP may tag routes with more
customized attributes whose meanings are known only to
the AS. The routers may use these attributes to decide
which routes to advertise to peers, which advertisements
they accept from peers and how they prioritize the routes
that they do accept. Routers may manipulate the
attributes when they send or receive routes from peers.

When a router uses BGP to exchange routes with a router
in a different autonomous system, we refer to that
specifically as External BGP (eBGP). A router may also use
BGP to exchange routes with a router inside its own
autonomous system. This is referred to as Internal BGP
(iBGP).

In our sample network, the autonomous systems inside
the switching offices have a Customer Edge (CE) router
that uses eBGP to exchange routes with the Provider Edge
(PE) router in the core network autonomous system. The
PE routers use Internal BGP (iBGP) to connect to other
core network routers. The Internet peering AS (ASN 4000)
contains a gateway router that uses eBGP to connect to
the respective external ISP. The gateway router also uses
iBGP to connect to the ASN 4000 CE router.


BGP Messages


BGP Messages
[Figure: message sequence between a CE router (4G Data, AS 110) and a PE router (MPLS Core, AS 1). No neighbor discovery. Open TCP connection. Open sent in each direction. Initial route exchange: Update in each direction. Periodic Keep-Alives in each direction. Send Update if something changes. Route-Refresh ("Please send me those routes again.") answered by Update ("Here they are"). Close the BGP session: Notification. Close TCP connection.]

BGP is not a particularly complicated protocol. There is no
neighbor discovery procedure, so you must tell a router
who its BGP neighbors are through configuration. BGP
relies on the Transmission Control Protocol (TCP) to
ensure reliable delivery of messages, so it doesn't define
any special retransmission mechanisms or response
messages. Once the TCP connection has been
established, both routers send an Open message. This
message contains the router's BGP identifier, autonomous
system number, timer values and other protocol options. If
the proposed parameters are acceptable to the neighbor,
it responds with a Keep-Alive message. The routers next
use BGP Update messages to exchange their BGP routes.
After the initial exchange of routes, the routers update
each other if something changes in their routing tables. In
the meantime, they periodically send Keep-Alive
messages to confirm that the BGP session remains up. If
a router's routing policy changes, it may send a
Route-Refresh message to request that its neighbor re-send its
BGP routes. Either router may gracefully close the BGP
session simply by closing its underlying TCP connection. In
the event of an error, the router may also send a BGP
Notification message before closing the TCP connection.
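
The Open and Keep-Alive exchange described above, encoded and validated with the RFC 4271 wire layout, as an added example that is not part of the course book. The BGP identifier and hold times are constructed sample values, the function names are hypothetical, and only the two-byte ASN field is handled.

```python
import ipaddress
import struct

MARKER = b"\xff" * 16                    # RFC 4271 header marker, all ones
HEADER_LEN = 19                          # marker + length + type
OPEN, UPDATE, NOTIFICATION, KEEPALIVE = 1, 2, 3, 4
OPEN_MESSAGE_ERROR = 2                   # NOTIFICATION error code
UNSUPPORTED_VERSION, BAD_PEER_AS, UNACCEPTABLE_HOLD_TIME = 1, 2, 6


def frame(msg_type, body=b""):
    """Prefix a message body with the common BGP header."""
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), msg_type) + body


def build_open(asn, hold_time, bgp_id):
    """Open: version 4, ASN, hold time, BGP identifier, no options."""
    body = struct.pack("!BHH4sB", 4, asn, hold_time,
                       ipaddress.IPv4Address(bgp_id).packed, 0)
    return frame(OPEN, body)


def parse(message):
    """Decode one complete BGP message; raise ValueError if malformed."""
    if len(message) < HEADER_LEN or message[:16] != MARKER:
        raise ValueError("not a BGP message")
    length, msg_type = struct.unpack("!HB", message[16:HEADER_LEN])
    if length != len(message):
        raise ValueError("length field does not match the data received")
    body = message[HEADER_LEN:]
    if msg_type == KEEPALIVE and not body:
        return {"type": "KEEPALIVE"}
    if msg_type == NOTIFICATION and len(body) >= 2:
        return {"type": "NOTIFICATION", "code": body[0], "subcode": body[1]}
    if msg_type == OPEN and len(body) >= 10:
        version, asn, hold, ident, opt_len = struct.unpack("!BHH4sB", body[:10])
        if opt_len != len(body) - 10:
            raise ValueError("optional parameter length is inconsistent")
        return {"type": "OPEN", "version": version, "asn": asn,
                "hold_time": hold,
                "bgp_id": str(ipaddress.IPv4Address(ident))}
    raise ValueError("unsupported or malformed message")


def answer_open(raw_open, configured_peer_asn, local_hold_time):
    """Return (reply bytes, negotiated hold time or None if refused).

    There is no neighbor discovery, so the peer's ASN is checked against
    the configured value before the session is accepted.
    """
    peer = parse(raw_open)
    if peer["type"] != "OPEN":
        raise ValueError("expected an Open message")
    refusal = None
    if peer["version"] != 4:
        refusal = UNSUPPORTED_VERSION
    elif peer["asn"] != configured_peer_asn:
        refusal = BAD_PEER_AS
    elif peer["hold_time"] in (1, 2):    # RFC 4271: zero or at least 3 s
        refusal = UNACCEPTABLE_HOLD_TIME
    if refusal is not None:
        return frame(NOTIFICATION, bytes([OPEN_MESSAGE_ERROR, refusal])), None
    return frame(KEEPALIVE), min(peer["hold_time"], local_hold_time)


if __name__ == "__main__":
    ce_open = build_open(110, 90, "10.2.16.1")    # CE in AS 110 (constructed)
    reply, hold = answer_open(ce_open, configured_peer_asn=110,
                              local_hold_time=180)
    print(parse(ce_open), parse(reply), hold)
```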


BGP Update
[Figure: Update messages at the San Jose office, sent from GW3 (Beta Net, AS 8800) to GW4 (AS 4000) and on through CE6 to PE2 (AS 1). The Update carries Withdrawn Routes: 150.13.5.0/24; Advertised Routes: 88.1.2.0/24, 88.2.1.0/24, 88.3.4.0/24, 88.4.3.0/24; and Attributes.]

Route distribution is straightforward in BGP. A router
sends a BGP Update message to its neighbor. The Update
message may include two sets of information: routes that
currently exist in its BGP table; and routes that it had
previously advertised, but is now withdrawing. Any given
update message may include one or the other or both sets
of information. Generally, the router includes the entire
contents of its BGP table when the BGP session is initially
established or in response to a Route-Refresh request.
Otherwise, it generally includes only new and updated
routes. The Update message also includes a set of
attributes associated with the routes.

When a router receives an Update message from a
neighbor, it updates its own BGP table as needed. It may
in turn send an Update message of its own to its other
neighbors, thus propagating the routing information
throughout the network.

In our sample network, the Beta Net router, GW3, sends a
BGP Update message to the mobile network router, GW4.
The Update message indicates that GW3 is withdrawing
the 150.13.5.0/24 route and advertising four other
routes: 88.1.2.0/24, 88.2.1.0/24, 88.3.4.0/24 and
88.4.3.0/24.


BGP Table Example


[Figure: PE2 in AS 1 with its neighbors CE4 (4G Data, AS 110), CE5 (3G Data, AS 120), CE6 (ISP, AS 4000) and PE1, PE3, PE4, PE5 and PE6.]

PE2 BGP Table
Route           Neighbor   Attributes
10.2.16.0/21    CE4        AS Path, Next-Hop, Origin
10.2.24.0/21    CE5        AS Path, Next-Hop, Origin
75.0.0.0/8      CE6        AS Path, Next-Hop, Origin
75.0.0.0/8      PE1        AS Path, Next-Hop, Origin
75.0.0.0/8      PE3        AS Path, Next-Hop, Origin
10.1.0.0/16     PE1        AS Path, Next-Hop, Origin
10.3.0.0/16     PE3        AS Path, Next-Hop, Origin
10.4.0.0/16     PE4        AS Path, Next-Hop, Origin
10.5.0.0/16     PE5        AS Path, Next-Hop, Origin
10.6.0.0/16     PE6        AS Path, Next-Hop, Origin

PE2 Routing Table
    Route           Next-Hop   Metric   Exit I/F
B   10.2.16.0/21    CE4        20       gi0/1
B   10.2.24.0/21    CE5        0        gi0/2
B   75.0.0.0/8      CE6        0        gi0/3
B   10.1.0.0/16     PE1        0        gi0/0
S   10.3.0.0/16     PE5        0        gi0/4
B   10.4.0.0/16     PE4        0        gi0/0
B   10.5.0.0/16     PE5        0        gi0/0
B   10.6.0.0/16     PE6        0        gi0/0

The figure uses router PE2 to illustrate the relationship of
the BGP table to the routing table. BGP maintains a table
of routes that it has learned from its neighbors. The table
stores a set of information associated with each of the
routes, including a set of attributes and the neighbor from
which it was learned. BGP uses this information to select
routes to be copied into the routing table.

Note that BGP does not copy every route that it learns into
the routing table. If BGP learns multiple routes to the
same destination, it typically selects a best route and copies
that to the routing table. In the example shown, PE2 has
learned multiple routes to 75.0.0.0/8. BGP selects the
route that it learned from CE6 and copies it to the routing
table. The router may also have learned routes from other
sources, such as OSPF or static routes, that take
precedence over the routes it learns through BGP. In the
example shown, BGP has learned a route to 10.3.0.0/16,
but the router also has a static route configured for that
destination. The static route takes precedence over the
BGP route, so the BGP route does not get copied to the
routing table.


BGP Attributes and Routing Policy


BGP Routing Policies


[Figure: a received BGP Update passes through the Inbound Policy Filters, which discard Rejected Routes, into the BGP Table. Best Routes are copied from the BGP Table into the Routing Table. The BGP Table contents pass through the Outbound Policy Filters into the BGP Update that is sent.]

BGP Table
Route           Attributes
10.0.0.0/8      AS Path, Next-Hop, Origin,
10.0.8.0/24     AS Path, Next-Hop, Origin,
10.0.16.0/21    AS Path, Next-Hop, Origin,
10.0.24.0/21    AS Path, Next-Hop, Origin,

Routing Table
Route           Source   Metric   Next-Hop   Exit Interface
10.0.0.0/8      B        0        IPC        gi0/1
10.0.8.0/24     B        0        IPD        gi0/2
10.0.16.0/21    B        0        IPA        fa0/1
10.0.24.0/21    B        0        IPB        fa0/2

The BGP router maintains a data structure called the BGP
table that includes all of the BGP routes that it has either
originated itself or learned from its neighbors. The BGP
table stores the BGP routes and their associated
attributes.

The BGP router implements a set of default behaviors.
The router accepts all incoming route updates from its
neighbors. Similarly, the router shares the entire contents
of its BGP table with its neighbors. Finally, BGP also
implements a default path determination algorithm that
selects the best routes to be copied into the routing table.

This default behavior may not be desirable in all cases.
The network administrator may wish to override the
default behavior to implement specific routing policies.
This can be accomplished by installing a set of inbound
filters that accept some route updates and reject others.
The inbound filters may also manipulate the contents of
the routes as they are copied to the BGP tables. Similarly,
a set of outbound filters may choose certain routes
to be shared with the router's neighbors and manipulate
the contents of the routes as the advertisements are sent
out.


BGP Attributes
Attribute                           Mandatory/Optional,         Description
                                    Transitive/Non-Transitive
AS Path                             Mandatory, Transitive       Sequence of ASs the route has traversed
Next-Hop                            Mandatory, Transitive       Address of neighbor
Origin                              Mandatory, Transitive       Indicates whether or not BGP on originating router learned the route through redistribution
Multiple Exit Discriminator (MED)   Optional, Non-transitive    Determines best path for inbound traffic
LOCAL_PREF                          Optional, Non-transitive    Determines best path for outbound traffic; used only on iBGP neighbors
Community                           Optional, Transitive        Assigns a marker to a route

BGP defines several different attributes that may be
associated with routes in the BGP table. The table shown
is not an exhaustive list of BGP attributes, but is a sample
of the attributes that the routing policy may examine when
deciding whether to accept a route, how to prioritize a
route and whether to advertise the route to other
neighbors. The routing policy may also manipulate the
values of these attributes.

Some attributes are mandatory and are associated with all
BGP routes. Others are optional. Transitive attributes
should be included when the router propagates the route
to another autonomous system. Non-transitive attributes
are intended to be used only within the current
autonomous system and should not be included with the
route if it is advertised to any external BGP neighbors.


AS Path Attribute
[Figure: the 88.1.2.0/24 route propagating from Alpha ISP (AS 7700) through San Francisco (AS 4000) and the MPLS Backbone (AS 1) to the 3G Data network (AS 120) in Sacramento. The Updates carry, in turn, AS Path: 7700; AS Path: 4000, 7700; and AS Path: 1, 4000, 7700. eBGP: add ASN to AS Path. iBGP: do not modify AS Path.]

The Autonomous System (AS) Path attribute is a
mandatory attribute. Every BGP route has an associated
AS Path attribute. When a router originates a route, it puts
its own ASN into the AS Path attribute. When a router
propagates a route to an eBGP neighbor, it adds its own
ASN to the front of the AS Path attribute (note that it does
not do this when it forwards routes to an iBGP neighbor).
So the AS Path attribute is basically a list of autonomous
systems one would have to traverse to reach the
destination specified by the route.

The example shown traces the 88.1.2.0/24 route from
the Alpha Corp network to the 3G Data network in
Sacramento. Alpha Corp originates the 88.1.2.0/24 route.
When router GW1 sends a BGP Update message to GW2,
it sets the AS Path attribute to its own ASN 7700. GW2
forwards the Update to CE3 (not shown on the slide). This
is an iBGP session, so the AS Path does not change. CE3
sends an Update to PE1, inserting ASN 4000 in front of
the AS Path attribute. PE1 forwards the Update to PE3.
This is also an iBGP session, so the AS Path attribute does
not change. PE3 sends an Update to CE8, inserting ASN 1
in front of the AS Path attribute. The AS Path attribute
value would be 1, 4000, 7700 when CE8 receives the
final Update message.

This example illustrates the route propagation to a single
router. The route would similarly be propagated to the
other routers in the network.


AS Path Loop Prevention


[Figure: the 198.51.100.0/24 route advertised from AS 4000 in San Francisco with AS Path: 4000, forwarded by Alpha ISP (AS 7700) with AS Path: 7700, 4000, and by Charlie ISP (AS 9900) toward Sacramento with AS Path: 9900, 7700, 4000. GW6 rejects the route, because ASN 4000 already appears in the AS Path.]

The AS Path attribute also helps to avoid routing loops.
When a router receives an Update from an eBGP
neighbor, and sees that its own ASN is already in the AS
Path attribute, it rejects the route (i.e., it does not add the
route to its BGP table).

In the example shown, GW2 advertises the
198.51.100.0/24 route to the Alpha Corp network, which
in turn forwards it to the Charlie Com network. When the
Charlie Com router, GW5, forwards the route to GW6, the
AS Path attribute lists the three Autonomous Systems that
the route traversed (9900, 7700, 4000). Router GW6
observes ASN 4000 is already in the AS Path, so it rejects
the route.


AS Override
[Figure: the 192.0.2.0/24 route originated by the 4G Data network (AS 110) in San Francisco with AS Path: 110 and carried across the MPLS Backbone (AS 1) to Sacramento. Rather than add its ASN to the AS Path attribute, PE3 overrides the AS Path entirely. Update without AS Override: AS Path: 1, 110. Update with AS Override: AS Path: 1, 1.]

Rejecting a route because its ASN already exists in the AS
Path attribute prevents routing loops in many
circumstances, but may prevent legitimate routing
exchanges in one specific scenario. Consider the network
configuration in our sample network and notice how each
of the ASs (4G Data, 3G Data, ISP, etc.) is disjointed. They
are spread across several network locations, connected by
a common backbone. Let's say that the 4G data network
in San Francisco originates the 192.0.2.0/24 route and
sends it to PE1. It puts ASN 110 in the AS Path attribute.
PE1 uses iBGP to forward the route to PE3. Ordinarily, PE3
would add ASN 1 to the AS Path and forward the route to
CE7. CE7 would therefore see ASN 110 in the AS Path
attribute. Rejecting the route would not be helpful in this
instance.

The AS Override feature works around this problem. If we
configured the AS override feature on router PE3, then it
would replace the 4G data network's ASN 110 with its
ASN 1. Then, when CE7 receives the route update, it does
not see its own ASN in the AS Path attribute and therefore
does not reject the route.
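
The AS Path rules from the last three slides (prepend on eBGP, leave unchanged on iBGP, reject a path that holds the receiver's own ASN, AS Override) replayed over the router chains the text names. This is an added example, not part of the course book; the Router type and the function names are hypothetical.

```python
from typing import NamedTuple


class Router(NamedTuple):
    name: str
    asn: int


def advertise(sender, receiver, as_path, as_override=False):
    """Return the AS Path the receiver stores, or None if it rejects the route."""
    path = list(as_path)
    if sender.asn == receiver.asn:
        return path                      # iBGP: AS Path is not modified
    if as_override:
        # Replace the neighbor's ASN with the sender's own before prepending.
        path = [sender.asn if asn == receiver.asn else asn for asn in path]
    path.insert(0, sender.asn)           # eBGP: add own ASN to the front
    if receiver.asn in path:
        return None                      # loop prevention on the eBGP receiver
    return path


def propagate(chain, override_on=()):
    """Pass a route originated by chain[0] along the chain of routers.

    Returns (AS Path at the last router, None), or (None, name of the
    router that rejected the route).
    """
    path = []                            # originator has not crossed an AS yet
    for sender, receiver in zip(chain, chain[1:]):
        path = advertise(sender, receiver, path,
                         as_override=sender.name in override_on)
        if path is None:
            return None, receiver.name
    return path, None


# Router chains taken from the text of the three slides.
ROUTE_88_1_2_0 = [Router("GW1", 7700), Router("GW2", 4000), Router("CE3", 4000),
                  Router("PE1", 1), Router("PE3", 1), Router("CE8", 120)]
ROUTE_198_51_100_0 = [Router("GW2", 4000), Router("GW1", 7700),
                      Router("GW5", 9900), Router("GW6", 4000)]
ROUTE_192_0_2_0 = [Router("CE1", 110), Router("PE1", 1),
                   Router("PE3", 1), Router("CE7", 110)]

if __name__ == "__main__":
    print(propagate(ROUTE_88_1_2_0))
    print(propagate(ROUTE_198_51_100_0))
    print(propagate(ROUTE_192_0_2_0))
    print(propagate(ROUTE_192_0_2_0, override_on={"PE3"}))
```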


Next-Hop Attribute
[Figure: the 120.0.0.0/8 route propagating from the 4G Data network (AS 110) in Modesto across the MPLS Backbone (AS 1) to Sacramento and on to Charlie ISP (AS 9900). eBGP: replace Next-Hop attribute. iBGP: do not modify Next-Hop.]

eBGP Update from CE10 to PE4:   120.0.0.0/8   Next-Hop: IP_CE10
iBGP Update from PE4 to PE3:    120.0.0.0/8   Next-Hop: IP_CE10
eBGP Update from PE3 to CE9:    120.0.0.0/8   Next-Hop: IP_PE3
iBGP Update from CE9 to GW6:    120.0.0.0/8   Next-Hop: IP_PE3
eBGP Update from GW6 to GW5:    120.0.0.0/8   Next-Hop: IP_GW6

The Next-Hop is a mandatory attribute. Every BGP route
has an associated Next-Hop attribute. As its name
indicates, the Next-Hop attribute is the address of the
router that is one step closer to the destinations specified
by the route.

When a router advertises a route through an eBGP
session, it sets the Next-Hop attribute to its own address.
When a router advertises a route through an iBGP session,
it leaves the Next-Hop attribute intact. This is a subtle, but
important point. In this circumstance, the router is
essentially telling its neighbor "I know how to get to this
destination. If you have any packets for this destination,
send them to that router over there." This is sometimes
known as a third-party next-hop (examples of which are
marked with a red star in the example shown).

In the example shown, the 4G data network in Modesto
originates the route 120.0.0.0/8 and sets the Next-Hop
attribute to an IP address on router CE10. PE4 leaves the
Next-Hop attribute alone when it forwards the route to its
iBGP neighbor PE3. When PE3 advertises the route to its
eBGP neighbor, it sets the Next-Hop attribute to one of its
own IP addresses. The connection between CE9 and GW6
is an iBGP session, so CE9 does not change the Next-Hop
attribute. GW6 has an eBGP session with GW5, so it does
set the Next-Hop attribute.


Next-Hop Must be Reachable


BGP Table
Route           Attributes
10.0.0.0/24     Next-Hop: 120.1.5.1
10.0.8.0/24     Next-Hop: 120.2.5.1
10.0.16.0/24    Next-Hop: 130.1.43.1
10.0.24.0/24    Next-Hop: 130.1.79.1

120.2.5.1 is not reachable. 10.0.8.0/24 cannot be copied to routing table or advertised to neighbors.

[Figure: the Path Determination Algorithm copies routes from the BGP Table into the Routing Table.]

Routing Table
Route           Source   Metric   Next-Hop     Exit Interface
120.1.5.0/24    O        20       33.54.1.3    fa0/1
130.1.0.0/16    S        1        33.54.42.9   fa0/2
10.0.0.0/24     B        0        120.1.5.1    -
10.0.16.0/24    B        0        130.1.43.1   -
10.0.24.0/24    B        0        130.1.79.1   -

One of the fundamental rules in BGP concerns the
reachability of the Next-Hop attribute. The rule states that
a route's Next-Hop attribute must be reachable in order
for that route to be copied to the routing table or
advertised to any other neighbors. In other words, the
routing table must have an entry that matches the
address in the route's Next-Hop attribute. The entry could
be a directly connected or static route, or it could have
been learned from a routing protocol.

In the example shown, the local router has learned four
BGP routes. The 10.0.0.0/24 route has a next-hop
address of 120.1.5.1. The routing table has an entry to
120.1.5.0/24 (which it learned from OSPF), so 120.1.5.1
is reachable. Therefore, the 10.0.0.0/24 route works just
fine. BGP copies it to the routing table and advertises it to
its neighbors.

The 10.0.8.0/24 route has a next-hop address of
120.2.5.1, for which there is no matching entry in the
routing table. The 10.0.8.0/24 route therefore remains in
the BGP table, but BGP cannot copy it to the routing table
or advertise it to any other neighbors.

The remaining two BGP routes are 10.0.16.0/24 and
10.0.24.0/24. Their next-hop addresses are 130.1.43.1
and 130.1.79.1, respectively. Both of these addresses
are matched by the 130.1.0.0/16 entry in the routing
table (which is a static route). So, both of these routes
work just fine as well.

Note that the reachability of next-hop addresses may
change as the routing table gets updated. If a next-hop
address becomes reachable, then the corresponding BGP
route becomes valid. Likewise, if a next-hop address
becomes unreachable, then the corresponding BGP route
becomes invalid. In our example, the 10.0.8.0/24 route
would become valid (i.e., copied to routing table and
advertised to neighbors) if the router learns a route to the
120.2.5.1 address. Likewise, if the 120.1.5.0/24 or
130.1.0.0/16 routes are removed from the routing table,
the corresponding BGP routes would become invalid (i.e.,
removed from routing table and withdrawn from
neighbors).


Next-Hop-Self
[Figure: sample network (Modesto, Fresno and Sacramento sites, MPLS Backbone AS 1, Charlie ISP AS 9900) showing the Next-Hop attribute of route 120.0.0.0/8 in each update. Use next-hop-self command on PE4 and CE9.]

eBGP Update from CE10 to PE4: 120.0.0.0/8, Next-Hop: IPCE10
iBGP Update from PE4 to PE3: 120.0.0.0/8, Next-Hop: IPPE4
eBGP Update from PE3 to CE9: 120.0.0.0/8, Next-Hop: IPPE3
iBGP Update from GW6 to GW5: 120.0.0.0/8, Next-Hop: IPCE9
eBGP Update from GW6 to GW5: 120.0.0.0/8, Next-Hop: IPGW6

BGP requires that the address in a route's Next-Hop attribute be reachable in order for that route to be considered valid. Also, by default, BGP does not modify the value of the Next-Hop attribute when sharing routes with iBGP neighbors. This can be a problem if the iBGP neighbor does not already have a route to the route's next-hop address.

In the example shown, CE10 originates a route and sends it to PE4. The Next-Hop attribute is IPCE10. Ordinarily, PE4 would propagate the route to PE3 without changing the Next-Hop attribute. But if PE3 does not have a route to IPCE10, then PE3 would consider the route to be invalid. It could not install the route to 120.0.0.0/8 or propagate the route to CE7, CE8 or CE9.

The Next-Hop-Self feature addresses this problem. The feature instructs the router to replace the Next-Hop attribute with one of its own addresses when it advertises a route over an iBGP session. Remember, it already does this for eBGP sessions, but not iBGP sessions.

The example illustrates what happens if we use the next-hop-self command on routers PE4 and CE9. Both of them place their address in the next-hop field.


Local Preference
- BetaNet and Charlie Com advertise 120.0.0.0/8
- PE2 sets LOCAL_PREF to 200
- PE3 sets LOCAL_PREF to 150
- BetaNet route is preferred

[Figure: sample network (San Jose, Sacramento and Fresno sites, MPLS Backbone AS 1, Beta ISP AS 8800, Charlie ISP AS 9900) showing the following updates for route 120.0.0.0/8.]

eBGP Update from GW3 to GW4: 120.0.0.0/8, AS Path: 8800, 4398
iBGP Update from PE2 to PE5: 120.0.0.0/8, AS Path: 4000, 8800, 4398, LOCAL_PREF: 200
eBGP Update from GW5 to GW6: 120.0.0.0/8, AS Path: 9900, 4398
iBGP Update from PE3 to PE5: 120.0.0.0/8, AS Path: 4000, 9900, 4398, LOCAL_PREF: 150

The Local Preference (LOCAL_PREF) attribute provides a means for the local routing policy to indicate the degree to which the route is preferred. The attribute is a simple, unsigned integer value. Higher values indicate the route is more preferred. The LOCAL_PREF attribute only has significance within a single Autonomous System (AS). In fact, the attribute cannot be included when advertising routes to External BGP (eBGP) neighbors.

In general, when a router receives a route from an eBGP neighbor, the local routing policy may determine the degree to which the route is preferred and attach the LOCAL_PREF attribute to the route. The router includes the LOCAL_PREF attribute when it advertises the route to its Internal BGP (iBGP) neighbors. When a BGP router determines that it has multiple BGP routes to the same destination, BGP selects the route with the higher LOCAL_PREF value to be copied into the routing table and advertised to its other neighbors.

In our example network, the 120.0.0.0/8 route originates in ASN 4398. Both the Beta Net and Charlie Com networks learn the route and advertise it to the mobile network. The ASN 4000 routers in San Jose and Sacramento propagate the route to routers PE2 and PE3, respectively. These routers have been configured with a local routing policy that calculates a local preference value. PE2 sets the LOCAL_PREF attribute to 200. PE3 sets it to 150. When PE2 and PE3 propagate their routes to the other routers in ASN 1, they all learn that the preferred path to the 120.0.0.0/8 destination is through PE2.


Community Attributes
- Markers that are attached to routes
- Used to implement Routing Policy

[Figure: Fresno CE routers CE12 (4G Data) and CE13 (3G Data) send tagged routes into AS 1 (PE1 to PE6).]

eBGP Update from CE12: 85.2.0.0/16, Next-Hop: IPCE12, Community: 4G
eBGP Update from CE13: 120.0.0.0/8, Next-Hop: IPCE13, Community: 3G

The Community attribute is an optional attribute. A route may have zero or more community attributes associated with it. Community attributes are used as markers to tag a route with a particular value whose semantics are defined by the autonomous system's routing policy. A policy-aware router would look for incoming routes with particular Community attributes. It may use the Community attributes to decide which routes to accept or reject, how to prioritize the routes in the routing table, and whether or not to advertise the route to its neighbors.

In the example shown, the Customer Edge (CE) routers for the 3G and 4G data networks tag their routes with different community attributes. The other routers in the network may use those attributes to decide whether to accept, reject or propagate the routes.


Route Reflectors


iBGP Scalability Issues


iBGP Full-Mesh Requirement = Too many iBGP sessions!

[Figure: sample network with six PE routers (PE1 to PE6) in the MPLS backbone, serving the San Francisco, San Jose, Sacramento, Modesto, Fresno and Bakersfield sites and the Alpha, Beta and Charlie ISP connections.]

By default, when a BGP router learns routes from an eBGP neighbor, it propagates those routes to its iBGP neighbors. Similarly, when it learns routes from an iBGP neighbor, it propagates those routes to its eBGP neighbors. The router does not, however, propagate routes that it learns from an iBGP neighbor to any of its other iBGP neighbors. The implication of this behavior is that, in order to thoroughly distribute routes throughout the Autonomous System, a BGP router must establish one iBGP connection to every other BGP router in the Autonomous System (AS). This is sometimes referred to as the iBGP full-mesh requirement.

The full-mesh rule presents a scalability problem. Mathematically speaking, if there are N BGP routers in the AS, each one would need to establish N-1 iBGP sessions. The total number of iBGP sessions would be calculated as N(N-1)/2. In the sample network shown, there are six BGP routers in the MPLS backbone (AS 1). Each one needs to maintain iBGP sessions to five different neighbors. There are a total of 15 iBGP sessions throughout the AS. Consider the numbers if there were 10 BGP routers. Each would maintain nine iBGP sessions. There would be a total of forty-five sessions. The sheer number of connections complicates router configuration and troubleshooting. And the problem gets much worse as the number of routers increases.


Route Reflectors
- Centralized iBGP Route Distributor
- Minimize iBGP Sessions

[Figure: the same sample network with two Route Reflectors, RR1 and RR2, added to the MPLS backbone alongside PE1 to PE6.]

One solution to the iBGP scalability problem is to use what are known as Route Reflectors. A Route Reflector is specially configured so that it propagates routes that it learns from one iBGP neighbor to its other iBGP neighbors (overriding the default rules). It therefore acts as a sort of centralized iBGP route distribution hub. Each of the BGP routers in the AS establishes an iBGP session to the Route Reflector. As the edge routers learn routes from their eBGP neighbors, they propagate them to the Route Reflector, which in turn forwards them to the other BGP routers in the network. In this way, the routes are thoroughly distributed throughout the AS and the number of iBGP sessions is minimized.

Because the Route Reflector plays such an important role in route distribution, it is common to deploy them in redundant pairs. In the example shown, each of the six Provider Edge (PE) routers establishes an iBGP session to each of the two Route Reflectors. The Route Reflectors also peer with each other. There are a total of 13 iBGP sessions throughout the AS.


Summary
- BGP supports policy-based routing.
- Policy determines the routes that a router accepts, advertises, and uses.
- BGP attributes include AS Path, Next-Hop, and Community.
- Route reflectors use iBGP to distribute routes to all BGP routers in the AS.
- eBGP runs between routers in different ASs.
- iBGP runs between routers in the same AS.


Review - I
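Interface       BGP Session Type (eBGP or iBGP)
GW5 - GW6       ________
GW6 - CE9       ________
CE9 - PE3       ________
PE3 - RR        ________
RR - PE5        ________
PE5 - CE13      ________

[Figure: portion of the sample network: Charlie ISP (AS 9900) with GW5; ISP AS 4000 with GW6 and CE9; Sacramento with PE3, CE7 (4G Data, AS 110) and CE8 (3G Data, AS 120); the Route Reflector (RR); Fresno with PE5, CE12 (4G Data, AS 110) and CE13 (3G Data, AS 120).]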

A portion of the sample network is shown on the slide. A number of BGP sessions have been highlighted. Mark each of the sessions as being either an External BGP (eBGP) or Internal BGP (iBGP) session.


Review - II
Update 1, GW5 to GW6: 198.51.100.0/24, AS Path: 9900, Next-Hop: IPGW5
Update 2, GW6 to CE9: 198.51.100.0/24, AS Path: ________, Next-Hop: ________
Update 3, CE9 to PE3: 198.51.100.0/24, AS Path: ________, Next-Hop: ________
Update 4, PE3 to RR: 198.51.100.0/24, AS Path: ________, Next-Hop: ________
Update 5, RR to PE1: 198.51.100.0/24, AS Path: ________, Next-Hop: ________
Update 6, PE1 to CE1: 198.51.100.0/24, AS Path: ________, Next-Hop: ________

[Figure: sample network showing the path of the updates: Charlie ISP (AS 9900) GW5, ISP AS 4000 (GW6, CE9), Sacramento PE3, the Route Reflector (RR) in the MPLS Backbone (AS 1), and San Francisco PE1 with CE1 (4G Data, AS 110).]

The Charlie Com network advertises 198.51.100.0/24 to our sample network. The BGP update is shown at the top of the diagram. The AS Path attribute is 9900 and the Next-Hop attribute is set to the IP address of GW5. Recalling the behavior of the AS Path and Next-Hop attribute on both eBGP and iBGP connections, complete the remaining update messages as the route is propagated through the sample network, eventually reaching CE1.

7 | BGPv4 in Wireless Networks

Chapter 7: BGPv4 in Wireless Networks


Objectives
After completing this module, you will be able to:
- Improve routing performance: External Fast Failover, BFD Route Supervision, Graceful Restart
- Use the route dampening feature to reduce network instability due to recurring failures
- Use the maximum paths feature to implement load-balancing
- Use the multi-hop feature to connect to distant neighbors
- Use the maximum prefix feature to protect against unpredictable routing behavior


Sample Network
[Figure: sample network. MPLS Backbone (AS 1) with PE routers PE1 to PE8. Boston: CE1 (4G Data, AS 110), CE2 (3G Data, AS 120), CE3 (Voice, AS 130), CE4 (Services, AS 1000) and a VPN connection over the Internet to AppCom (AS 5000, router R1). Springfield: CE5, CE6, CE7 (4G Data, 3G Data, Voice; AS 410). Hartford: CE8, CE9, CE10 (AS 510). Bridgeport: CE11, CE12, CE13 (AS 610).]

The figure illustrates a hypothetical network that consists of switching offices in the Northeast region of the country. Each switching office contains a 3G data network, a 4G data network and a voice network. They would likely contain other networks too, but these three are sufficient for our discussion. Each of the networks constitutes its own Autonomous System. The figure illustrates the Autonomous System Numbers that have been assigned to them.

Additionally, the Boston office contains a Virtual Private Network (VPN) connection to a third-party application hosting company, AppCom.

The core network consists of pairs of Provider Edge (PE) routers located at each site.


BGP Multipath
[Figure: Springfield site: CE5 (4G Data), CE6 (3G Data) and CE7 (Voice), all AS 410, each connected to PE3 and PE4.]

CE6 BGP Table

Route           Attributes
10.0.16.0/21    Next-Hop: PE3
10.0.16.0/21    Next-Hop: PE4
10.0.24.0/21    Next-Hop: PE3
10.0.24.0/21    Next-Hop: PE4

How many best routes?

CE6 Routing Table

Route           Source  Next-Hop  Exit Interface
10.0.16.0/21    B       IPPE3     fa0/1
10.0.16.0/21    B       IPPE4     fa0/2
10.0.24.0/21    B       IPPE3     fa0/1
10.0.24.0/21    B       IPPE4     fa0/2

Enables Equal Cost Multipath (ECMP)

If a BGP router learns multiple routes to a given destination, the BGP path selection algorithm ordinarily selects a single best route to be copied into the routing table. The BGP Multipath feature instructs BGP to copy multiple best routes to the routing table so that the router may distribute traffic among the multiple routes. Each of the routes must be equally good in order for all of them to be copied to the routing table. If the path selection algorithm determines that there is a clearly better route (as determined by the local routing policy), then BGP continues to copy only that single route to the routing table.

In our sample network, each of the Customer Edge (CE) routers connects to a pair of Provider Edge (PE) routers in the local site. The CE router likely learns the same set of routes from both of the PE routers. Assuming that the two PE routers are equally capable of carrying the network traffic, enabling the BGP multipath feature allows the CE routers to perform load balancing across the two PE routers.
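A simplified route selection that covers both the Local Preference example (PE5 choosing between PE2 and PE3) and the multipath case above, as an added example that is not part of the course book. It compares only LOCAL_PREF and AS path length; the default LOCAL_PREF of 100, the CE6 AS paths and the tie-break by next-hop name are assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: str
    next_hop: str
    as_path: tuple
    local_pref: int = 100  # assumption: value used when no policy sets LOCAL_PREF


def preference(route):
    """Sort key: higher LOCAL_PREF wins, then the shorter AS path (simplified)."""
    return (-route.local_pref, len(route.as_path))


def select(routes, max_paths=1):
    """Return {prefix: [next hops copied to the routing table]}.

    Only routes that tie with the best route on every compared attribute are
    eligible for multipath; a clearly better route is installed alone.
    Remaining ties are cut by next-hop name, standing in for the further
    tie-breakers a real implementation applies.
    """
    by_prefix = {}
    for route in routes:
        by_prefix.setdefault(route.prefix, []).append(route)
    installed = {}
    for prefix, candidates in by_prefix.items():
        best = min(preference(r) for r in candidates)
        equal = sorted(r.next_hop for r in candidates if preference(r) == best)
        installed[prefix] = equal[:max_paths]
    return installed


# Routes PE5 learns over iBGP for 120.0.0.0/8 (values from the Local
# Preference slide).
PE5_ROUTES = [
    Route("120.0.0.0/8", "PE2", (4000, 8800, 4398), local_pref=200),
    Route("120.0.0.0/8", "PE3", (4000, 9900, 4398), local_pref=150),
]

# Routes CE6 learns from PE3 and PE4 (prefixes and next hops from the BGP
# Multipath slide; the AS paths are constructed, the slide does not show them).
CE6_ROUTES = [
    Route("10.0.16.0/21", "PE3", (1, 510)),
    Route("10.0.16.0/21", "PE4", (1, 510)),
    Route("10.0.24.0/21", "PE3", (1, 510)),
    Route("10.0.24.0/21", "PE4", (1, 510)),
]

if __name__ == "__main__":
    print("PE5, single path:", select(PE5_ROUTES))
    # Multipath does not override a clear preference: PE2 still wins alone.
    print("PE5, max_paths=2:", select(PE5_ROUTES, max_paths=2))
    print("CE6, single path:", select(CE6_ROUTES))
    print("CE6, max_paths=2:", select(CE6_ROUTES, max_paths=2))
```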


eBGP Multi-Hop
[Figure: the sample network with its eBGP sessions highlighted at each site (Boston, Springfield, Hartford, Bridgeport). Callout: Enable eBGP Multi-hop, on the session that reaches AppCom (AS 5000, router R1) through the Boston VPN.]

When BGP runs between routers in two different autonomous systems, we refer to that as an External BGP (eBGP) session. By default, BGP assumes that eBGP neighbors are directly connected to each other and does not establish an eBGP session unless that is the case. The BGP Multi-hop feature overrides this behavior. The feature must be enabled if the eBGP neighbors are not adjacent to each other.

In the example shown, eBGP runs between the CE and PE routers. They are directly connected to each other, so no special configuration is required. We also want to use eBGP to exchange routes with our partner, App.Com. The mobile network connects to the App.Com network through a VPN router located in Boston. According to our network configuration, the VPN router simply implements the tunnel between the two networks. CE4 implements the routing policy that governs the exchange of routes with App.Com. Since CE4 is not directly connected to the App.Com router, R1, the eBGP Multi-hop feature must be enabled in order to establish the eBGP session.


Limiting Number of Routes


[Figure: Boston site (CE1 4G Data AS 110, CE2 3G Data AS 120, CE3 Voice AS 130, CE4 Services AS 1000) connected to PE1 and PE2 of the MPLS Backbone (AS 1), with a VPN over the Internet to AppCom (AS 5000, router R1).]

Router(s)       Normal behavior / configured limit        Event
CE1, CE2, CE3   Typically advertise 20 routes             Error: CE2 sends 150 routes
PE1, PE2        Route limit: 100, Action: Warning
R1              Typically advertises 10 routes            Error: R1 sends 65 routes
CE4             Route limit: 20, Action: Drop Session

The autonomous system's routing policy determines the number of routes that a router sends to its peers. Under stable conditions, this number should not vary widely. Large variations from the normal number of routes may indicate that a configuration error exists. For example, the policy filters may have been deleted or BGP may be inadvertently importing routes from OSPF. The configuration error may have occurred in a nearby router or in a distant neighbor.

To insulate the network from such unexpected changes, the router may be configured to accept a maximum number of BGP routes from a neighbor. Each neighbor may have its own threshold. The router may generate a warning message as the number of routes approaches the threshold. If the number of routes exceeds the threshold, the router may be configured to simply generate another warning message, or to drop the BGP session entirely.

In the example shown, routers CE1, CE2 and CE3 each advertise 20 routes to PE1 and PE2 under normal circumstances. A configuration error results in CE2 sending 150 routes. PE1 and PE2 have been configured to only generate a warning message. They process all of the routes offered by CE2 (of course, the number that are accepted or rejected depends on the routing policy).

Similarly, router R1 sent 65 routes to CE4, instead of the typical 10 routes. CE4 has been configured to drop the BGP session if the number of routes exceeds 20, in effect rejecting all of the routes that R1 offers. This results in a service outage for the services hosted by App.Com. The system does not recover until somebody addresses the routing policy discrepancy between the number of routes sent by R1 and the number of routes expected by CE4.
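The per-neighbor route limit described above, run against the two error cases on the slide, as an added example that is not part of the course book. The class names, the 75% early-warning ratio and the generated prefixes are assumptions; the limits, actions and route counts are the slide's.

```python
from dataclasses import dataclass, field


@dataclass
class PrefixLimit:
    limit: int                 # maximum number of routes accepted from the neighbor
    action: str                # "warning" or "drop-session", as on the slide
    warn_ratio: float = 0.75   # assumption: early warning at 75% of the limit


@dataclass
class Session:
    neighbor: str
    policy: PrefixLimit
    established: bool = True
    routes: set = field(default_factory=set)
    log: list = field(default_factory=list)

    def receive(self, prefix):
        """Process one advertised prefix; return True if it was accepted."""
        if not self.established:
            return False  # session is down: nothing from this neighbor is processed
        if prefix in self.routes:
            return True   # re-advertisement does not change the count
        self.routes.add(prefix)
        count = len(self.routes)
        limit = self.policy.limit
        if count == int(limit * self.policy.warn_ratio):
            self.log.append(f"{self.neighbor}: {count} routes, approaching limit {limit}")
        if count == limit + 1:
            self.log.append(f"{self.neighbor}: limit {limit} exceeded")
            if self.policy.action == "drop-session":
                # Dropping the session invalidates everything learned over it.
                self.established = False
                self.routes.clear()
                self.log.append(f"{self.neighbor}: session dropped")
                return False
        return True


def advertise(neighbor, policy, n_routes):
    """Feed n_routes constructed /24 prefixes into a fresh session."""
    session = Session(neighbor, policy)
    for i in range(n_routes):
        session.receive(f"10.{i // 256}.{i % 256}.0/24")
    return session


if __name__ == "__main__":
    cases = [
        ("CE1", PrefixLimit(100, "warning"), 20),        # normal day on PE1
        ("CE2", PrefixLimit(100, "warning"), 150),       # error seen by PE1/PE2
        ("R1", PrefixLimit(20, "drop-session"), 10),     # normal day on CE4
        ("R1", PrefixLimit(20, "drop-session"), 65),     # error seen by CE4
    ]
    for neighbor, policy, sent in cases:
        s = advertise(neighbor, policy, sent)
        print(neighbor, "sent", sent, "-> up:", s.established,
              "routes held:", len(s.routes), "log:", s.log)
```

The warning-only policy keeps all 150 routes in play, so the alert is only useful if someone acts on it; the drop-session policy contains the error at the cost of every route from that neighbor.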


Fast External Failover


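[Figure: CE routers CE1 (4G Data, AS 110), CE2 (3G Data, AS 120) and CE3 (Voice, AS 130) directly connected over GigE to PE1 and PE2 of the MPLS Backbone (AS 1). Protocol stack on each side: BGP / TCP / IP / GigE. BGP Keep-Alive with a Hold-Timer of 20 seconds. A Loss of Signal notification passes from the GigE interface up to BGP: tear down the BGP session immediately.]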

The BGP hold timer is used to detect the loss of a neighbor. If the router does not receive a BGP message from its neighbor before the hold timer expires, then the router concludes that the neighbor is dead, terminates its BGP session and invalidates any BGP routes that were learned from it. The hold timer is typically set to be on the order of tens of seconds.

External BGP (eBGP) neighbors are typically directly connected to each other. The Fast External Failover feature instructs BGP to monitor the status of the physical interface that connects to the eBGP neighbor. If the physical interface becomes disabled (for example, due to a loss of signal or configuration error), BGP may react immediately to declare the neighbor to be dead rather than wait for the hold timer to expire.

In the example shown, the CE routers directly connect to the PE routers. The hold timer has been configured to be twenty seconds. If a link failure occurs, the physical interface immediately notifies the BGP process. If the fast external failover feature were not enabled, the BGP processes would take up to twenty seconds to react to the failure and update their routing tables. Customer services may be adversely affected during this interval.


BFD Route Supervision

[Figure: PE1/PE2 and PE7/PE8 on opposite sides of the MPLS Backbone (AS 1). Protocol stack on each side: BGP / TCP / BFD / IP / GigE. BGP Keep-Alive with a Hold-Timer of 20 seconds; BFD Timer of 150 ms. A Loss of Communications notification passes from BFD up to BGP: tear down the BGP session immediately.]

Internal BGP (iBGP) neighbors typically are not directly connected to each other. A failure may occur anywhere in the path between the neighbors without either of them being aware of it. The Bidirectional Forwarding Detection (BFD) protocol may be used to reduce failure detection times in this case. BFD proactively monitors the path between the neighbors by sending another keep-alive message. Unlike the BGP keep-alive mechanism, BFD typically detects a loss of communications within a couple hundred milliseconds. If BFD detects a communication failure, it may notify BGP long before the hold timer expires.


Graceful Restart
1. Negotiate on OPEN
2. PE3 goes down, saves routing table
3. CE routers mark PE3's routes as stale, but continue using them to forward packets
4. PE3 restarts, marks all routes as stale, but begins to use them to forward packets
5. Re-open BGP sessions
6. Re-send Routing Information
7. Update routing tables

[Figure: Springfield site: CE5 (4G Data), CE6 (3G Data) and CE7 (Voice), all AS 410, connected to PE3 and PE4.]

CE6 BGP Table

Status  Route           Attributes
stale   10.0.8.0/21     Next-Hop: PE3
stale   10.0.16.0/21    Next-Hop: PE3
stale   10.0.24.0/21    Next-Hop: PE3
        10.0.8.0/21     Next-Hop: PE4
        10.0.16.0/21    Next-Hop: PE4
        10.0.24.0/21    Next-Hop: PE4

Under ordinary circumstances, if a BGP router detects that a neighbor goes down, it deletes any routes it learned from that neighbor and sends an update to its remaining neighbors (who may, in turn, propagate the change to their neighbors, and so on). When the router subsequently re-establishes a BGP session with its failed neighbor, it again must update its routing tables and then update its other neighbors (who, again, update their neighbors, and so on). When a router fails and then recovers in a short period of time, this is known as route flapping and causes routing instability in the network.

As its name implies, the Graceful Restart feature allows the network to handle this situation more gracefully. The two neighbors must indicate support for the feature when they open the BGP session.

If the neighbor subsequently goes down, the router does not immediately purge its routes from the routing table. Instead, it marks the routes as stale, sets a timer and continues forwarding packets.

If the neighbor recovers, re-opens the BGP session and re-transmits its routing information before the timer expires, then the stale routes may be reactivated (assuming they are still valid). Otherwise, the router proceeds to delete the stale routes from the routing table. Six minutes is a typical value for the recovery timer.
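The stale-route handling described above, seen from CE6 when PE3 fails, as an added example that is not part of the course book. The class, the explicit clock values and the outage timings are assumptions; the prefixes and the six-minute timer come from the slide and text.

```python
RECOVERY_TIMER = 360  # seconds; the text gives six minutes as a typical value

PE3_PREFIXES = ["10.0.8.0/21", "10.0.16.0/21", "10.0.24.0/21"]  # from the slide


class NeighborRoutes:
    """Routes one router has learned from a single BGP neighbor."""

    def __init__(self, neighbor, graceful_restart):
        self.neighbor = neighbor
        self.graceful_restart = graceful_restart  # negotiated when the session opened
        self.routes = {}       # prefix -> True if the route is currently stale
        self.deadline = None   # time at which remaining stale routes are deleted

    def learn(self, prefix):
        """Install or refresh a route; a refreshed route is no longer stale."""
        self.routes[prefix] = False

    def neighbor_down(self, now):
        """Return the prefixes withdrawn immediately (all of them without GR)."""
        if not self.graceful_restart:
            withdrawn = set(self.routes)
            self.routes.clear()
            return withdrawn
        for prefix in self.routes:
            self.routes[prefix] = True
        self.deadline = now + RECOVERY_TIMER
        return set()

    def tick(self, now):
        """Delete routes still stale once the recovery timer has expired."""
        if self.deadline is None or now < self.deadline:
            return set()
        expired = {p for p, stale in self.routes.items() if stale}
        for prefix in expired:
            del self.routes[prefix]
        self.deadline = None
        return expired

    def forwarding(self):
        """Prefixes still used to forward packets (stale routes included)."""
        return set(self.routes)


def scenario(graceful_restart, resent, resend_time):
    """PE3 fails at t=0 and re-sends `resent` at resend_time (constructed timings)."""
    table = NeighborRoutes("PE3", graceful_restart)
    for prefix in PE3_PREFIXES:
        table.learn(prefix)
    withdrawn = table.neighbor_down(now=0)
    during_outage = table.forwarding()
    expired = table.tick(now=resend_time)
    for prefix in resent:
        table.learn(prefix)
    expired |= table.tick(now=max(resend_time, RECOVERY_TIMER))
    return {
        "withdrawn_at_failure": withdrawn,
        "forwarding_during_outage": during_outage,
        "deleted_as_stale": expired,
        "final": table.forwarding(),
    }


if __name__ == "__main__":
    print(scenario(True, PE3_PREFIXES, resend_time=120))       # clean recovery
    print(scenario(True, PE3_PREFIXES[:2], resend_time=120))   # one route not re-sent
    print(scenario(True, PE3_PREFIXES, resend_time=400))       # recovery too late
    print(scenario(False, PE3_PREFIXES, resend_time=120))      # feature not negotiated
```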


Summary
- Several features improve routing convergence: Fast External Failover, BFD Route Supervision, and Graceful Restart.
- BGP Multipath enables Equal Cost Multipath (BGP typically selects only one best path).
- eBGP Multi-hop enables eBGP to run between neighbors that are not directly connected.
- The Maximum Route feature verifies that neighbors send the expected number of routes.


Review
Connect the BGP features in the left column to their functions or definitions in the right column.

BGP features (left column):
- BFD Route Supervision
- Fast External Failover
- Maximum Paths
- Graceful Restart

Functions or definitions (right column):
a) Avoids unnecessary routing updates in the rare circumstance that a router reboots
b) Allows the network to function with fewer iBGP connections
c) Rapidly detects loss of communication to a directly connected neighbor
d) Rapidly detects loss of communication with a distant neighbor
e) May terminate the BGP connection if a neighbor sends too many routes
f) Avoids unnecessary routing updates in the event of an intermittent or recurring link failure
g) Allows a router to form a BGP session with a neighbor that is not directly adjacent

8 | L3VPN in Wireless Networks

Chapter 8: L3VPN in Wireless Networks


Objectives
After completing the module, you will be able to:
- Draw the L3VPN architecture
- Draw a design for an L3VPN application in an EVDO/UMTS PS-CN and LTE-EPC
- Sketch the L3VPN design in EVDO-UMTS-LTE transport
- Show the interconnection between MTSOs using L3VPN
- Highlight the components and protocols of the L3VPN network
- Briefly explain the operation of L3VPN in wireless


Interconnecting MTSOs


L3VPN: Application Domains


[Figure: L3VPN application domains: LTE-EVDO-UMTS Transport, LTE-EPC, EVDO/UMTS PS-CN, LTE Backhaul and EVDO/UMTS Backhaul.]

Prior to deploying MPLS, a service provider had to maintain multiple separate networks such as ATM, TDM (T1/E1), Frame Relay (FR) and IP. This is a costly proposition as each network requires different equipment and operating expertise. Basically, the service provider had to maintain multiple networks to provide multiple connectivity services.

With MPLS, the service provider can provide ATM, FR, TDM and IP connectivity service to its customers with only one MPLS core network. Hence, the service provider maintains only one network to provide many different connectivity services to its customers. In addition, the service provider can provide more advanced services such as Ethernet as well as L2 and L3 VPN services with QoS-based Service Level Agreements (SLAs).

L3VPN is secure, flexible, easy to deploy/manage and very popular among the wireless operators. L3VPN is a very widely deployed technology in many wireless operator networks, Internet Service Provider networks, enterprise networks and more. L3VPN uses the Virtual Routing and Forwarding (VRF) inside the Provider Edge routers to isolate the user plane, control plane and OA&M traffic. VPN customer routes are distributed between VRFs by a protocol known as Multi-Protocol Border Gateway Protocol (MP-BGP).

In the Peer-to-Peer L3VPN model, designated customer routers called Customer Edge (CE) routers peer at Layer 3 with service Provider Edge (PE) routers. Inside the MPLS network, the PE routers connect to Provider (P) routers.


L3VPN: Transport
[Figure: two sites, each with a 1x EVDO/UMTS network (UE, BTS/Node B, backhaul, CSR) and an LTE-EPC network (UE, eNB, backhaul, CSR), attached through CE/MTSO routers to the PE routers of the MPLS Transport Network (PE, P, P, PE). UMTS/EVDO routes and LTE routes are drawn separately.]

The EVDO-UMTS and LTE transport network is a pure IP-based core network and is transparent to any IP traffic flowing through it. Most backbone networks are MPLS based to reduce the latency as voice, video, data and other control data are carried in this network transparently. To segregate the traffic of LTE, EVDO and UMTS networks, L3VPN is used in the core.


Interconnecting MTSOs
[Figure: MTSOs in Palm Bay, Orlando, Miami and Tampa, each with an MTSO/CE1 router (AS 110, eBGP) and an MTSO/CE2 router (AS 120, eBGP) attached to PE1 and PE2. The PE routers hold VRF-LTE and VRF-EVDO. The core is AS 1, running OSPF/LDP/MP-iBGP, with P1-RR1 and P2-RR2. Attached elements include MME/S-GW, PDSN, HA, P-GW, BTS-1, BTS-2, eNodeB-1 and eNodeB-2.]

This picture shows how the MPLS backbone-based L3VPN solution may be deployed to connect different Mobile Telecommunication Switch Offices (MTSOs) to each other to create a wireless core network. Various MTSOs are interconnected using L3VPN for both the EV-DO and the LTE networks. This is achieved using two VRFs at the Provider Edge (PE) routers. These VRFs help keep the EV-DO and LTE traffic separate and also allow for possibly using overlapping IP addresses.


L3VPN Architecture

[Figure: L3VPN architecture. Customer Domain (IP packets): 1x EVDO networks (UE, BTS) and LTE-EPC networks (UE, eNB) with CE routers on each side. Provider Domain (MPLS labeled packets): PE routers ORL_PE and MIA_PE, each with VRF EVDO, VRF LTE and a GRT, connected through P routers (P1, P) of the MPLS Core Network.]

Virtual Private Networks (VPNs) have to meet certain requirements in terms of security, scalability, flexibility and performance. Since a service provider may support thousands of VPNs, there must be the ability to differentiate between VPNs in terms of QoS and performance.

- Security: Security is an important requirement for VPNs. The service provider must ensure that packets from one VPN are not routed into other VPNs, and that packets from outside sources cannot be injected into VPNs.
- Scalability: The network must be able to support hundreds of VPNs with thousands of sites. The VPN solution should not require a linear increase in resources as the number of VPNs and the number of sites increase.
- Flexibility: VPNs must be flexible in order to add sites quickly while meeting bandwidth and transport requirements. New site addition and VPN discovery must be automated.
- Performance: Performance guarantees are part of every Service Level Agreement, and VPN-provider networks must support different levels of QoS and reliability for different VPNs.

The provider-customer model shown above meets all the requirements for VPN customers in terms of security, scalability, flexibility and performance.

This model has three parts: the customer networks, provider networks and the links connecting the provider and the customer networks.


Customer Network

The interface to the provider network is a customer router called the Customer Edge (CE) router. This router exchanges routing information with the provider network as well as the other customer domains in the network.

Provider Network

In the provider's network, the edge router that interacts with the CE router is the Provider Edge (PE) router. The CE routers are connected to virtual routers created on the PE routers. These virtual routers are called Virtual Routing and Forwarding (VRF) instances. Each VRF has its own routing and forwarding table.

Transit routers (interior to the MPLS core) transport customer traffic and routing information. They have no need of customer routes and do not use VRFs. Instead they use the MPLS labels to move traffic through the MPLS core. These routers are known as Provider (P) routers.

PE-CE Links

The CE connects to the PE on a VRF. The PE and CE exchange routing on this link. Only IP traffic is handled on this link.

PE-PE

A modified form of BGP known as MP-iBGP handles the routing exchange between the VRFs across all the PEs. Labeled packets are transported in the MPLS core. MP-iBGP connects only the VRFs of the same VPN.

In our example, VRF LTE of ORL_PE is connected only to VRF LTE of MIA_PE, and VRF EVDO of ORL_PE is connected only to VRF EVDO of MIA_PE, using the MP-iBGP protocol.

VRFs and their interconnections are easy to configure. Connecting the customer interfaces to VRFs and linking the VRFs that belong to the same VPN are achieved by very simple procedures or commands. Thus, a provider using MPLS in the core is able to meet all the customer requirements in terms of security, isolation of customer networks, scalability, flexibility and performance.


High-Level Operations


Protocols Used in Provider-Customer Model

[Figure: Protocols used in the provider-customer model. OSPF and LDP run between the GRTs of ORL_PE, the P router (P1) and MIA_PE in the MPLS core network. MP-iBGP runs between the PEs for VRF EVDO and for VRF LTE. The CEs of the 1x EVDO networks (BTSs, UEs) and the LTE-EPC networks (eNBs, UEs) attach to the VRFs. Legend: LDP: IGP label distribution; MP-iBGP: VPN label distribution.]

The MPLS core network consists of PE routers, P routers, the loopback interfaces of each of these routers, and the interfaces connecting PE-PE and PE-P. The MPLS core uses single-area OSPF to advertise the links and loopback addresses of the core network. LDP is enabled on the MPLS core to distribute the labels for the core network and to build LSPs for every known destination between the P routers and the PE routers.

CEs are connected to PEs, and isolation of customers' traffic is achieved by using virtual routers known as VRFs. In the example shown above, the EVDO networks and LTE networks at the Orlando site are connected to VRF EVDO and VRF LTE created on ORL_PE. At the Miami site, the EVDO networks and LTE networks are connected to VRF EVDO and VRF LTE in the same fashion.

To differentiate the standard routing table of ORL_PE from the routing tables created by the VRFs, the standard routing table is called the Global Routing Table (GRT) in the L3VPN scenario.

The GRTs of all PEs and the GRT of the P routers form the MPLS core network. Note: VRFs are not used on the P routers.

The CE and the respective VRF form an isolated network. We have four such isolated networks in the above diagram. They are listed below.

1. CE_EVDO and VRF EVDO of ORL_PE
2. CE_LTE and VRF LTE of ORL_PE
3. CE_EVDO and VRF EVDO of MIA_PE
4. CE_LTE and VRF LTE of MIA_PE

Counting the MPLS core, there are five isolated networks in this diagram.


PE to CE Routing Protocol

CE routers transfer their routes to the VRFs on the PE using any of the protocols listed below.

eBGP

Normal eBGP runs on the CE side and in the VRF instance on the PE side.

The advantages of using eBGP on PE-CE are:

1. No mutual redistribution is required between the eBGP on PE-CE and MP-iBGP on PE-PE.
2. On the PE router, MP-iBGP and the customer eBGP inside the VRF instances are configured in a single section of BGP.
3. The issues given below for OSPF, ISIS and RIP are avoided, making eBGP the best PE-CE routing protocol.

OSPF

OSPF runs on the CE. On the PE, OSPF runs inside the VRF instance of either EVDO or LTE. The disadvantage is that we must run multiple OSPF processes on the PE: one for the MPLS core and the other for the PE to CE link. The PE to CE OSPF process runs inside the respective VRF instance.

The other disadvantage is that mutual redistribution of routes is required between the OSPF on PE-CE and MP-iBGP on PE-PE.

ISIS and RIP

The implementation of ISIS and RIP as PE-CE protocols is similar to OSPF with the same disadvantages.

Static/Default Routing

In a static/default routing implementation, no routing protocol is used. A static route is created inside the VRF table for the customer networks. It is redistributed into MP-iBGP towards the other PEs. The CEs create a default entry pointing toward the PE router to reach any network. Because no routing protocol runs between the CE and PE, bandwidth is used efficiently. The disadvantage is that all new customer routes must be added manually to the VRFs as they are added.


MP-iBGP between PE-PE

Normally, iBGP is used inside the core network to transport the customer network routes to PEs. In the case of VRFs, we may encounter the following problem.

The routes in VRFs are customer routes that may contain private or public IP addresses, overlapping or non-overlapping with each other. In the event that any of the customer routes in a VRF overlap with those of other VRF(s), the iBGP in the core network advertises only one best route based on the path determination steps. In this case, we are depriving the other customers of a VPN service, which is undesirable.

The standard BGP is modified to address this issue. The new protocol is known as Multi-Protocol BGP (MP-BGP). Since MP-BGP runs within the same AS in our case, it is known as MP-iBGP.

Each VRF adds a unique 64-bit number known as a Route Distinguisher (RD) to the IPv4 address (32 bits) while transporting it across MP-iBGP towards other PEs. The resulting address is known as a VPNv4 address of 96 bits. The default format of the RD is AS Number:Number (2 bytes:4 bytes) prepended with a type field of 2 bytes.

MP-iBGP transports the VPNv4 address, the Next-hop attribute, and a VPN-specific Route Target attribute to indicate where to populate the VPNv4 routes, along with the VPN label.

MP-BGP is capable of transporting standard IPv4 routes, IPv6 routes, VPNv4 routes and VPNv6 routes between the PEs; hence the name, Multi-Protocol BGP.

L3VPN Routing

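[Figure: L3VPN routing. At Orlando, CE_EVDO (NW X) and CE_LTE (NW A) run eBGP to VRF EVDO and VRF LTE on ORL_PE. At Miami, CE_EVDO (NW Y) and CE_LTE (NW B) run eBGP to VRF EVDO and VRF LTE on MIA_PE. MP-iBGP between the PEs carries routes X and A in one direction and routes Y and B in the other. MPLS LSPs run between ORL_PE and MIA_PE through the P router (P1). LDP labels shown on the chart: Label=18, Label=3, Label=3, Label=20.]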

The legacy VPN needs only an IP network in the core and IPSec or L2TP to tunnel the customer packets securely over the public Internet. The IP network in the core uses OSPF along with BGPv4 to transport the customer routes. This solution is not scalable due to the IP bottleneck and the manual provisioning of VPN tunnels.

L3VPN based on MPLS technology breaks the IP bottleneck. The VRFs on the PE routers enable perfect isolation between the VPN customers, and the configuration involves very few steps. L3VPN uses single-area OSPF and LDP to build the MPLS LSPs in the core. The MP-iBGP protocol advertises the customer routes of VRFs across the MPLS domain to the VRFs of all other PEs that belong to the same VPN. The customer has a choice of several protocols between the CEs and the respective customer VRF on the PEs, but eBGP is preferred.

In the chart shown above, two VPN customers, the EVDO and LTE networks of the Orlando site, should be connected to the EVDO and LTE networks of the Miami site. MP-iBGP is used for linking customer VRFs and to transfer the routes between them.

Before the L3VPN routing happens, the MPLS core builds the LSPs for an all-IP network in the core using LDP. An LSP is one way, and two LSP tunnels are signaled to carry the IP packets between ORL_PE and MIA_PE.

The CE routers advertise their routes into the VRFs they are connected to using the eBGP protocol. The EVDO and LTE VRFs are now populated with the customer routes. The contents of the EVDO and LTE VRFs are shown below after the eBGP updates are exchanged between the PEs and CEs.

An MP-iBGP session is established between the PEs. The P router need not participate in MP-iBGP as it has no customers/VRFs.

ORL_PE advertises the contents of VRF EVDO and VRF LTE, routes X and A. MIA_PE does the same and advertises the contents of VRF EVDO and VRF LTE, routes Y and B. The routes received from other PEs over MP-iBGP are advertised toward the CEs over eBGP and the customer routing table is updated accordingly. After this process, the end-to-end L3VPN routing is ready between the two sites and ready to forward the customer traffic between the EVDO and LTE networks.


L3VPN Forwarding
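[Figure: L3VPN forwarding. Toward the Miami site, IP packets carry VPN label 25 or 26 under outer label 18, and then the VPN label alone on the last hop. Toward the Orlando site, IP packets carry VPN label 35 or 36 under outer label 20, and then the VPN label alone on the last hop. The chart shows CE_EVDO (NW X) and CE_LTE (NW A) at ORL_PE, the P router (P1), and CE_EVDO (NW Y) and CE_LTE (NW B) at MIA_PE. LDP labels shown: Label=18, Label=3, Label=3, Label=20.]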

The end-to-end L3VPN routing is ready between the Orlando and Miami sites. The network is now ready to handle the end-to-end VPN traffic.

The above chart describes the L3VPN forwarding of traffic from the Orlando sites towards the Miami sites.

Traffic from X to Y:

CE_EVDO of Orlando: CE_EVDO of the Orlando site sends an IP packet to destination Y, which is parented to CE_EVDO of the Miami site. The IP packet arrives at ORL_PE and VRF EVDO is consulted for further routing.

ORL_PE: VRF EVDO checks the entry Y and forwards the IP packet with labels 18, 25; 18 being the outer label, which leads to the next hop (NH), MIA_PE's loopback address, and 25 being the VPN label, which represents the VRF route Y on MIA_PE.

P router: The P router pops (PHP) the label and forwards the packet with label 25 toward MIA_PE.

MIA_PE: VPN label 25 was advertised by MIA_PE for the VRF EVDO route Y. Hence, the packet is forwarded to VRF EVDO after popping label 25. VRF EVDO looks up entry Y and forwards the IP packet toward the CE_EVDO of the Miami site.

Traffic from A to B:

In the same way, the IP packets from the Orlando LTE networks are forwarded toward the Miami LTE sites using inner label 26 and outer label 18.

Traffic from Y to X and B to A:

Traffic from Y to X and B to A follows in the same manner described above with a different set of labels, as shown in the chart above.

Summary
L3VPN can be used in EVDO-UMTS-LTE backhaul.
L3VPN is a good choice for EVDO-UMTS-PS-CN and LTE-EPC interconnection.
MTSOs are interconnected using VRFs for various customer traffic using L3VPN technology.
L3VPN has CE-PE-P routers and uses OSPF, LDP and MP-iBGP in the core network.
L3VPN can use eBGP as a PE-CE protocol.
Customers' eBGP routes are advertised to other PE peers using MP-iBGP.


Review Questions
1. Which protocol carries the customer routes (L3VPN) in the MPLS-Core?
a) OSPF
b) LDP
c) MP-iBGP
d) None of the above
2. Which protocols work together to form the LSPs in the backbone network?
a) MP-iBGP and eBGP
b) OSPF and LDP
c) None of the above
3. Why does the core router (P router) not participate in MP-iBGP route exchange?
a) No Protocol Support on P Routers
b) No L3VPN Customers on P-Routers
c) None of the above

9 | L3VPN Routing

Chapter 9:
L3VPN Routing


Objectives
After completing the module, you will be able to:
Identify the routing protocols and associated protocols used in L3VPN networks
Describe a VRF and its related parameters
List the MP-iBGP address families
Define the role of RD and VPNv4 address
Explain the use of Route-Target and VPN Labels
Describe the use of Site-of-Origin and iBGP-Multipath in multi-homing scenario


Provider-Customer Model


Protocols Used in Provider-Customer Model

[Figure: Protocols used in the provider-customer model. OSPF and LDP run between the GRTs of ORL_PE, the P router (P1) and MIA_PE in the MPLS core network; MP-iBGP runs between the PEs for VRF EVDO and VRF LTE; the CEs of the 1x EVDO and LTE-EPC networks attach to the VRFs. Legend: LDP: IGP label distribution; MP-iBGP: VPN label distribution.]

As shown above, the L3VPN solution requires OSPF and LDP to support MPLS.

It uses MP-iBGP to distribute customer network information between customer networks.

eBGP is used between the CE and the PE at the edge of the customer and provider network. The eBGP supplies routes to the VRFs found at the PEs.


MPLS Router


RIB-LIB-FIB-LFIB
[Figure: Control plane and forwarding plane of a PE router. The routing process (OSPF, IS-IS, eBGP etc.) and the Label Distribution Protocol talk to the neighbors on GE 0/0.410 and GE 0/0.408. For 172.16.0.131/32 the router sends Local Binding=22 to both neighbors and receives Remote Binding=37 on one side and Remote Binding=32 on the other. IP packets are forwarded using the FIB and labeled packets using the LFIB. The tables shown on the chart follow.]

RIB:   PROTOCOL O, ROUTE 172.16.0.131/32, NEXT-HOP GE 0/0.408
LIB:   ROUTE 172.16.0.131/32
       LOCAL LABEL 22, LSR ID 172.16.0.135:0
       REMOTE LABEL 32, LSR ID 172.16.0.137:0
       REMOTE LABEL 37, LSR ID 172.16.0.136:0
FIB:   ROUTE 172.16.0.131/32, LABEL 32, NEXT-HOP GE 0/0.408
LFIB:  IN-LABEL 22, OUT-LABEL 32, ROUTE 172.16.0.131/30, NEXT-HOP GE 0/0.408

MPLS routers are based on standard routers with additional software to support the MPLS function.

This chart demonstrates the control plane and forwarding plane of an MPLS router. As in a standard router, the routing protocol functions as described earlier. We can say that all MPLS routers can function as standard routers, but only those routers with MPLS software can function as MPLS routers.

As in standard routers, the routing and forwarding functions of an MPLS router are separated for efficient packet forwarding. Forwarding functions are implemented in hardware (Forwarding Plane), and routing functions, such as the exchange of routing information and the sending of OSPF hellos and updates, are processed in software (Control Plane). The IGP routing process (for example OSPF) updates the Routing Table (RIB), and LDP (Label Distribution Protocol) distributes labels for the routes available in the RIB. The local labels are distributed to the LDP neighbors and the remote labels are those received from the LDP neighbors. All labels, ingress and egress, are stored in the Label Information Base (LIB).

From the information in the RIB and the LIB, Forwarding Information Bases (FIBs) are created and implemented in hardware. FIBs allow efficient and fast forwarding decisions to be made for each packet received.

There are four forwarding modes possible:

Inbound IP packet leaves as standard IP packet
Inbound IP packet leaves as labeled packet
Inbound labeled packet leaves as labeled packet
Inbound labeled packet leaves as standard IP packet

Standard routing applies when an inbound IP packet leaves as a standard IP packet. The destination address is compared to the FIB and the longest match in the table determines the interface from which the packet must be forwarded to reach the next hop in its route.

When a router is an ingress router for an MPLS network, it is called the Label Edge Router (LER). LERs use the FIB to determine the label to be placed on a packet based on its IP destination address. The addition of a label to a packet is called pushing a label. Ingress routers are the first point of contact with the MPLS network for a packet.


Routers in the middle of an MPLS network are called transit routers and they swap labels to move packets through the MPLS network. Inbound packets have labels and only the label is examined to determine the new label that must be swapped. As a labeled packet moves across the MPLS network it may encounter 0 to 253 transit routers until it reaches the edge of the MPLS cloud. Transit routers use the LFIB (Label Forwarding Information Base) to swap labels.

The last two routers on an LSP remove the label and prepare the packet to be routed to its final destination using standard routing procedures. The final router, known as the egress router or ultimate router, receives an unlabeled packet and processes it using standard routing processes. The second to last router on an LSP, immediately before the egress router, is called the penultimate router. This router removes the label and forwards the packet to the egress router. The label is removed here to save a double lookup at the egress router: an MPLS lookup followed by an IP route lookup. Removing a label is known as popping the label. When we pop the label of an IP packet at the penultimate router it is known as a Penultimate Hop POP (PHP).

An LSP is a predefined path that begins at an ingress router and continues to an egress router. The path is one way.

The FIB and LFIB are prepared based on the dynamic information available in the RIB and LIB. When the RIB and LIB are updated based on the status of the network topology, the contents of the FIB and LFIB are also updated.


VPN Routing and Forwarding


What is VRF?
[Figure: What is a VRF? On ORL_PE, VRF EVDO and VRF LTE each have their own routing process, RIB and FIB. The GRT has a routing process and LDP, with RIB, LIB, FIB and LFIB. The CE of the 1x EVDO network (BTSs, UE) attaches to VRF EVDO and the CE of the LTE-EPC network (eNodeBs, UE) attaches to VRF LTE. OSPF and LDP run between the GRTs of ORL_PE, the P router (P1) and MIA_PE across the MPLS core network.]

VPN customers spread across geography need private (virtual) network interconnectivity for their sites. The virtual private network (VPN) provides the necessary privacy and security for their operations. The service provider network (MPLS core) provides a VPN service for these customers.

The MPLS network provides VPN services by creating a VRF table for each customer and carrying the VRF routes separately from the routes of other customers or the core network.

Each customer has a virtual router called a VRF. Each VRF creates its own routing table. When a VRF is created, a unique RIB and FIB are also created for it, hence the name Virtual Routing and Forwarding.

CE-PE routing protocols talk to the routing process associated with the VRFs and populate the routes in the Routing Table (RIB) of the VRF.

These routes are written in the FIB of the VRF and are ready to forward the IP packets between the customer and MPLS core networks.

Since the VRF is not distributing labels, the LIB and LFIB are absent. In some advanced MPLS implementations, like Inter-AS MPLS, labels are distributed to customers, resulting in a seamless MPLS network. In this case, the LIB and LFIB exist as well.

The VRFs and GRT are completely isolated, and no internal communication or transfer of routes is possible except with the MP-BGP table.


VRF Parameters
VRF Parameter               Description                                            Format      Example
Route Distinguisher (RD)    Distinguishes the VPN routes of different customers    AS:Number   1:110
                                                                                   IP:Number   172.16.0.135:110
Export Route Target (RT)    Outgoing VPN routes are identified by this parameter   AS:Number   1:110
                                                                                   IP:Number   172.16.0.135:110
Import Route Target (RT)    Incoming VPN routes are filtered by this parameter     AS:Number   1:110
                                                                                   IP:Number   172.16.0.135:110

Since VRFs may contain private and overlapping IP addresses for different customers, we need to differentiate these routes using a unique Route Distinguisher (RD) per VRF in order for MP-BGP to carry all customer routes. Remember that default BGP behavior advertises only one best route outbound among the multiple inbound advertisements received, based on the path determination algorithm.

The RD converts the customer routes of a VRF into unique VPNv4 routes.

MP-iBGP, which is common for all customers, carries the customer routes without dropping any, as the RD ensures that every route is unique.

The RD is not a VPN-specific number. It simply differentiates customer routes on the VRFs of a router.

The RD has two formats:

1. AS Number:Number (16 bits:32 bits)
Example: 1:110, where 1 is the AS Number of the PE router and 110 is the number assigned for the specific VRF.

2. IP Address:Number (32 bits:16 bits)
Example: 172.16.0.135:110, where 172.16.0.135 is the loopback IP address of the PE router and 110 is the number assigned for the specific VRF.


The Route Target (RT) identifies every VPN across all locations. The RT must be the same for geographically separated VRFs that belong to a specific VPN on different PEs. Hence, the RT values must be unique per VPN customer. VRFs are interconnected by this parameter.

The RT has two formats:

1. Type-1 is AS Number:Number (16 bits:32 bits)
Example: 1:110, where 1 is the AS Number of the PE router and 110 is the number assigned for the specific VPN represented by the VRF.

2. Type-2 is IP Address:Number (32 bits:16 bits)
Example: 172.16.0.135:110, where 172.16.0.135 is the loopback IP address of the PE router and 110 is the number assigned for the specific VPN represented by the VRF.

Cisco, by default, uses the Type-1 format for RT and RD. Type-1's advantage is that it has a common AS in it. All the PEs fall under the same AS number (Core AS).

The RT has two purposes. The RT is advertised with the VPNv4 routes to indicate the target VRFs. This is known as the export RT. The RT also admits incoming VPNv4 routes advertised by MP-iBGP with a specific RT into VRFs, after they are converted back into IPv4 addresses. The route target configured to filter routes with a specific RT is known as the import RT. The export and import RTs must be configured per VRF.

As a convention, RT values and RD values may be the same (110 in the example shown above).

RDs only distinguish the overlapping routes on a router and need not be VPN specific.
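The RD and RT mechanics described above, as an added example that is not part of the course book: it encodes both RD formats into the 8-byte value (2-byte type plus 6-byte value), shows two VRFs with the same prefix colliding without the RD and surviving with it, and applies import-RT filtering. The VRF names, the use of RD equal to RT, and the `rt_leaks` audit helper (which assumes a VPN uses the same VRF name on every PE) are assumptions for the illustration; the origin VRF name is carried only as bookkeeping for the audit and is not a BGP attribute.

```python
import ipaddress
import struct
from dataclasses import dataclass, field


def encode_rd(rd: str) -> bytes:
    """Encode an RD string as 8 bytes: 2-byte type followed by the 6-byte value."""
    admin, _, assigned = rd.rpartition(":")
    number = int(assigned)
    if "." in admin:                       # IP Address:Number (32 bits:16 bits)
        if not 0 <= number <= 0xFFFF:
            raise ValueError(f"assigned number out of range in {rd!r}")
        return struct.pack("!H4sH", 1, ipaddress.IPv4Address(admin).packed, number)
    asn = int(admin)                       # AS Number:Number (16 bits:32 bits)
    if not (0 <= asn <= 0xFFFF and 0 <= number <= 0xFFFFFFFF):
        raise ValueError(f"field out of range in {rd!r}")
    return struct.pack("!HHI", 0, asn, number)


def vpnv4(rd: str, prefix: str) -> tuple:
    """Return (96-bit VPNv4 address as bytes, IPv4 prefix length) for one VRF route."""
    net = ipaddress.IPv4Network(prefix)
    return encode_rd(rd) + net.network_address.packed, net.prefixlen


@dataclass
class Vrf:
    name: str
    rd: str
    export_rt: str
    import_rts: set
    prefixes: list = field(default_factory=list)   # routes learned from the CE
    imported: list = field(default_factory=list)   # routes accepted from other PEs


def advertise(vrfs, use_rd=True):
    """Build a PE's outbound table; one entry per key, as BGP keeps one best path."""
    table = {}
    for vrf in vrfs:
        for prefix in vrf.prefixes:
            key = vpnv4(vrf.rd, prefix) if use_rd else prefix
            # Without the RD the second VRF's identical prefix collides here.
            # Which route wins in real BGP is decided by path selection, not modelled.
            table.setdefault(key, (prefix, vrf.export_rt, vrf.name))
    return table


def import_updates(vrf, table):
    """Accept only updates whose RT is in this VRF's import list."""
    vrf.imported = sorted(
        (prefix, origin) for prefix, rt, origin in table.values() if rt in vrf.import_rts
    )
    return vrf.imported


def rt_leaks(vrf):
    """Audit helper: imported routes that originated in a differently named VRF."""
    return [(prefix, origin) for prefix, origin in vrf.imported if origin != vrf.name]


def orlando_vrfs():
    """Constructed ORL_PE state: both customers use 10.0.96.0/20."""
    return [
        Vrf("EVDO", "1:120", "1:120", {"1:120"}, ["10.0.96.0/20"]),
        Vrf("LTE", "1:110", "1:110", {"1:110"}, ["10.0.96.0/20"]),
    ]


if __name__ == "__main__":
    print(encode_rd("1:110").hex(), encode_rd("172.16.0.135:110").hex())
    print(len(advertise(orlando_vrfs(), use_rd=False)), len(advertise(orlando_vrfs())))
    careless = Vrf("LTE", "1:110", "1:110", {"1:110", "1:120"})  # extra import RT
    import_updates(careless, advertise(orlando_vrfs()))
    print(rt_leaks(careless))
```

An import list that contains another VPN's RT is enough to pull that customer's routes into the VRF, so reviewing import RTs per VRF is the check that backs the isolation requirement.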


Attaching an Interface to VRF


A customer's routers are connected on specific interfaces with non-overlapping IP addresses. These interfaces are by default connected to the Global Routing Table of the router. These customer interfaces must be attached to the respective customer VRFs for the VPN operation. Once connected, the customers directly interact with the routing protocols associated with the VRFs and advertise and receive the routes.

This is done by a simple command issued at the respective customer interface. Cisco routers use the command ip vrf forwarding <name of the customer VRF>. This command detaches the interface from the GRT and attaches it to the VRF mentioned in the command. The process of detaching an interface from the GRT and attaching it to a VRF resets or clears the IP address allocation. Hence the IP address and mask must be reassigned manually when this action is done.

Before attaching the interface to VRFs:

The CE_EVDO and CE_LTE routers are attached to the Orlando PE (ORL_PE) using the 192.168.4.8/30 and 192.168.4.4/30 address blocks on the interfaces GE 0/0.403 and GE 0/0.402 respectively. Since by default all the interfaces are connected to the GRT, these networks appear in the Global Routing Table as connected routes.

After attaching the interface to VRFs:

The command ip vrf forwarding <VRF name> is issued on the customer interface to detach it from the GRT and attach it to the specific VRF mentioned in the command. In the process the IP address configuration is lost and we have to re-configure the IP address for the customer interface on the PE side, now connected to the customer VRF. Once the IP address is configured the network appears in the VRF table instead of the GRT.

Since the interface is detached from the GRT it no longer appears in the GRT as a connected route. It starts appearing as a connected route in the VRF, which can be verified by the command show ip route vrf <VRF name> on Cisco routers.
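A pre-change check for the attach procedure above, as an added example that is not part of the course book. It reads a planned IOS-style change script and flags customer interfaces that would stay in the GRT, sit in the wrong VRF, or lose their address because ip address is entered before ip vrf forwarding. The configuration text, the host addresses, interface GE 0/0.404 and the `EXPECTED_VRF` record are constructed for the illustration.

```python
import re

# Constructed change script for ORL_PE; addresses lie inside /30 blocks like the page's.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0.403
 ip vrf forwarding EVDO
 ip address 192.168.4.9 255.255.255.252
!
interface GigabitEthernet0/0.402
 ip address 192.168.4.5 255.255.255.252
 ip vrf forwarding LTE
!
interface GigabitEthernet0/0.404
 ip address 192.168.4.13 255.255.255.252
!
interface GigabitEthernet0/0.408
 ip address 172.16.4.1 255.255.255.252
"""

# Assumption: the operator's record of customer-facing interfaces and their VRFs.
# Interfaces not listed here (such as the core link on .408) belong in the GRT.
EXPECTED_VRF = {
    "GigabitEthernet0/0.403": "EVDO",
    "GigabitEthernet0/0.402": "LTE",
    "GigabitEthernet0/0.404": "LTE",
}


def parse_interfaces(config):
    """Return {interface name: ordered list of its sub-commands}."""
    stanzas, current = {}, None
    for line in config.splitlines():
        match = re.match(r"interface (\S+)", line)
        if match:
            current = stanzas.setdefault(match.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None              # "!" or any top-level line ends the stanza
    return stanzas


def position(cmds, prefix):
    """Index of the first sub-command starting with prefix, or None."""
    return next((i for i, c in enumerate(cmds) if c.startswith(prefix)), None)


def audit(config, expected_vrf):
    """List (interface, finding) pairs for VRF attachment problems."""
    findings = []
    for name, cmds in parse_interfaces(config).items():
        vrf_at = position(cmds, "ip vrf forwarding ")
        addr_at = position(cmds, "ip address ")
        vrf = cmds[vrf_at].split()[-1] if vrf_at is not None else None
        want = expected_vrf.get(name)
        if want and vrf is None:
            findings.append((name, "customer interface left in GRT"))
        elif want and vrf != want:
            findings.append((name, f"attached to VRF {vrf}, expected {want}"))
        # Attaching to a VRF clears the address, so it must be entered afterwards.
        if vrf is not None and (addr_at is None or addr_at < vrf_at):
            findings.append((name, "IP address missing or entered before VRF attach"))
    return findings


if __name__ == "__main__":
    for interface, finding in audit(SAMPLE_CONFIG, EXPECTED_VRF):
        print(interface, "-", finding)
```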


Facts about VRFs and interfaces:

Many customer sites belonging to the same VPN can be connected to a specific VRF via their CE routers. That means many interfaces can connect to the same VRF.

A customer site cannot be connected to two different VRFs.


VPN Route Distribution using MP-iBGP


BGP vs. MP-BGP


BGP                                                    MP-BGP
Transports only IPv4 addresses                         Transports IPv4, IPv6, VPNv4 and VPNv6 addresses
Distributes customers' public IP addresses             Distributes customers' private and public IP
in the public network                                  addresses also
Route manipulation is complex                          Route manipulation is simple by the use of Route Targets
Transports networks from the Global Routing Table      Transports networks from the Global Routing Table and VRFs
Uses only the standard community attributes            Uses both the standard and extended community attributes
Cannot distribute a label                              Distributes VPN labels for VRF routes

Before getting deep into MP-BGP, let's examine the major modifications from the existing protocol, BGP.

Route Advertisement

BGP is capable of transporting only IPv4 addresses. The BGP routes thus advertised are updated into the Global Routing Table. In the public domain the private IP addresses defined in RFC 1918 (10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16) are not routed, hence BGP is not configured to carry these routes. In a private network, BGP can transport the private IP addresses.

MP-BGP transports IPv4 (32 bits), IPv6 (128 bits), VPNv4 (96 bits) and VPNv6 (192 bits) addresses. The VPNv4 and VPNv6 routes belong to private networks and they are populated inside the respective IPv4 VRFs or IPv6 VRFs. You can expect RFC 1918 private IP addresses in these VRFs. MP-BGP transports these private IP addresses in the form of VPNv4 and VPNv6 addresses inside a public domain, but these routes are not populated into the Global Routing Table; they go into the respective VRFs. Hence MP-BGP is capable of carrying both private and public addresses in the public domain.

Route Manipulation

Route manipulation, network isolation and filtering of the routes involve complex configuration in BGP, whereas MP-BGP employs a simple method using Route-Targets to manipulate the routes.

Transport of Networks

BGP is capable of transporting routes and populating the GRT. MP-BGP can transport the routes and populate VRFs and the GRT.

Community

BGP transports only the standard community of the format AS Number:Number (16 bits:16 bits). MP-BGP can transport both the standard community and the extended community. The extended community has two formats. The type-1 format is AS Number:Number (16 bits:32 bits) and the type-2 format is IP Address:Number (32 bits:16 bits).

Label

BGP is not capable of distributing a label. MP-BGP is capable of distributing a label for the advertised routes.

Award Solutions' eBook is authorized for a single user only. Do not distribute.
161
9 | L3VPN Routing

Route Distinguisher

Overlapping Customer Addresses


[Figure: ORL_PE holds the BGP route 10.0.96.0/20 in both VRF-EVDO (learned from CE_EVDO, AS 120, peer 192.168.4.9/30) and VRF-LTE (learned from CE_LTE, AS 110, peer 192.168.4.5/30). Both CEs use RID 10.0.96.65, Origin IGP, Metric=0. Customer addresses are overlapping (10.0.96.0/20), so BGP resorts to the path selection algorithm. The CE_LTE route with RT 1:110 is advertised over MP-iBGP to all other PEs as an IPv4 route with ORL_PE's loopback as next hop. The CE_EVDO route with RT 1:120 is dropped (undesirable effect).]

The above chart represents two customers, EVDO and LTE of Orlando, who use the same IP address blocks for their networks. Two unique VRFs are created on the ORL_PE router and they are connected to the CE_EVDO and CE_LTE routers respectively. Both CEs advertise their routes toward the PE and the routes are populated in VRF EVDO and VRF LTE. So far so good.

MP-BGP tries to carry both the networks of VRF EVDO and VRF LTE. Since the network numbers are the same (10.0.96.0/20), it resorts to the Path Determination steps to decide the best path for the outgoing advertisement.

Path determination goes like this:

1. Weight: Since we have not set any weight, it is 0 for both.
2. Local Preference: By default the Local Preference is 100 for both the routes.
3. Locally Originated: Neither route is locally generated, since the next-hop is other than 0.0.0.0 for both the networks, i.e., the next-hop is 192.168.4.9 for EVDO and 192.168.4.5 for LTE networks.
4. AS Path length: The AS Path length is 1 for both the networks since these networks are parented to AS 120 and AS 110 and received directly from the respective ASs.
5. Origin: The origin for both the networks is IGP.
6. MED: No Metrics (MED) are set for the customer network and it is 0 for both.
7. eBGP or iBGP: Both are eBGP received routes.
8. Lowest IGP Metric to Peer: The lowest metric is not applicable here as both are eBGP received routes.
9. Router ID of the Peer: The RIDs are the same since both the networks EVDO and LTE are using the same RID.
10. Peer ID of the Router: The Peer ID of CE_EVDO is 192.168.4.9 and the Peer ID of CE_LTE is 192.168.4.5. The lowest Peer ID wins. Thus the network 10.0.96.0/20 from LTE VRF is advertised and populated across all the LTE VRFs on other PEs.

Is it a desirable effect? Will the EVDO customer like it? No. We are depriving the EVDO customers of the VPN service. What is the remedy then?

The VRFs will be assigned a special parameter, known as a Route Distinguisher (RD), 64 bits in length, which is prepended to the existing 32-bit IPv4 addresses residing in the VRFs before advertisement over MP-iBGP. The RD makes the overlapping addresses unique and MP-iBGP advertises both the customer routes without resorting to the Path Determination steps.

Route Distinguisher
[Figure: ORL_PE with VRF-EVDO (RD 1:120; RT 1:120) and VRF-LTE (RD 1:110; RT 1:110), each holding the BGP route 10.0.96.0/20, learned from CE_EVDO (AS 120, peer 192.168.4.9/30) and CE_LTE (AS 110, peer 192.168.4.5/30). Both CEs use RID 10.0.96.65, Origin IGP, Metric=0. MP-iBGP advertisements to all other PEs: VPNv4 route 1:120:10.0.96.0/116 with extended community RT 1:120, next hop ORL_PE's loopback, VPN label 25; and VPNv4 route 1:110:10.0.96.0/116 with extended community RT 1:110, next hop ORL_PE's loopback, VPN label 26. The Route Distinguisher allows both the routes to be advertised.]

The overlapping address problem is solved with the Route Distinguisher (RD). The normal BGP protocol cannot carry this extended address. It is modified as MP-BGP, which can carry multiple protocol addresses of various lengths.

A unique 8-byte (64-bit) Route Distinguisher is added to the customer routes in the VRF before transporting them on MP-iBGP. The route created is known as a VPNv4 route. The VPNv4 address is 96 bits long: RD (64 bits) + IPv4 route (32 bits) = 96-bit VPNv4. Each VRF is assigned a unique RD. The default format used is [AS No:Number]. By adding a unique RD, the customer routes, though overlapping, look unique.

We assign the RD value by a one-line command: rd <AS No:Number> inside the specific VRF.

The example above shows how the RD is assigned.

We assign the RD 1:120 for the EVDO VRF using the default format [AS Number:Number]. The core AS 1 and the customer AS 120 are used to derive the unique RD here. For the LTE VRF we assign the RD 1:110 using the same principle: core AS 1 and the customer AS 110.

MP-iBGP, while transporting the customer routes of a VRF, prepends the pre-defined RD to the IPv4 address to make it unique.

The EVDO network 10.0.96.0/20 after prepending the RD looks like 1:120:10.0.96.0/116.

You may have a question here: how has the subnet mask 20 become 116? Keep this question reserved until the RD format is discussed in the next slide.

The LTE network 10.0.96.0/20 after prepending the RD looks like 1:110:10.0.96.0/116.

MP-iBGP carries both the routes now as they are unique.
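The collision and its remedy, as an added example (not part of the course material): the ten path determination steps are applied in the order the page lists them to the two 10.0.96.0/20 paths, then the same paths are stored under RD-qualified names. The Path class, the function names and the table layout are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    """One BGP path as ORL_PE sees it (field names are illustrative)."""
    vrf: str
    prefix: str
    peer: str            # address of the CE neighbor that sent the route
    router_id: str
    as_path: tuple
    weight: int = 0
    local_pref: int = 100
    locally_originated: bool = False
    origin: str = "IGP"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0


STEPS = ("weight", "local preference", "locally originated", "AS path length",
         "origin", "MED", "eBGP over iBGP", "IGP metric", "router ID",
         "peer address")
ORIGIN_RANK = {"IGP": 0, "EGP": 1, "INCOMPLETE": 2}


def rank(p):
    """One term per step, in the order listed on the page; the smaller tuple wins."""
    return (-p.weight, -p.local_pref, 0 if p.locally_originated else 1,
            len(p.as_path), ORIGIN_RANK[p.origin], p.med, 0 if p.ebgp else 1,
            p.igp_metric, int(ipaddress.ip_address(p.router_id)),
            int(ipaddress.ip_address(p.peer)))


def best_path(a, b):
    """Return (winner, name of the deciding step); the step is None on a full tie."""
    for name, x, y in zip(STEPS, rank(a), rank(b)):
        if x != y:
            return (a if x < y else b), name
    return a, None


def advertise_ipv4(paths):
    """Table keyed by prefix only: a colliding prefix keeps a single path."""
    table = {}
    for p in paths:
        current = table.get(p.prefix)
        table[p.prefix] = p if current is None else best_path(current, p)[0]
    return table


def vpnv4_name(rd, prefix):
    """The page's notation: RD, the network, then 96 + the IPv4 mask length."""
    net = ipaddress.ip_network(prefix)
    return f"{rd}:{net.network_address}/{96 + net.prefixlen}"


def advertise_vpnv4(paths, rd_by_vrf):
    """Table keyed by RD + prefix: overlapping customer prefixes stay distinct."""
    return {vpnv4_name(rd_by_vrf[p.vrf], p.prefix): p for p in paths}


# Values from the page's chart.
EVDO = Path("VRF-EVDO", "10.0.96.0/20", "192.168.4.9", "10.0.96.65", (120,))
LTE = Path("VRF-LTE", "10.0.96.0/20", "192.168.4.5", "10.0.96.65", (110,))
RD = {"VRF-EVDO": "1:120", "VRF-LTE": "1:110"}

if __name__ == "__main__":
    winner, step = best_path(EVDO, LTE)
    print("without RD:", winner.vrf, "wins on", step)
    print("with RD:", sorted(advertise_vpnv4([EVDO, LTE], RD)))
```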

RD Format and VPNv4 Address


Route Distinguisher Format, 8 bytes (64 bits)

Type-1: Type=1 (2 bytes) | AS Number (2 bytes) | Number (4 bytes)
Type-2: Type=2 (2 bytes) | PE's Loopback Address (4 bytes) | Number (2 bytes)

IPv4 to VPNv4 conversion process

IPv4 Address            32 bits
+ RD                    64 bits
+ MPLS Label-EXP-S      24 bits
+ Prefix Length         08 bits
= VPNv4 Address        128 bits

Example

IPv4 10.0.96.0/20: Prefix=20 (1 byte) | IP=10.0.96.0 (4 bytes)
Type 1 RD 1:110: Type=1 (2 bytes) | AS=1 (2 bytes) | Number=110 (4 bytes)
Prefix-Length=116 (96+20), MPLS Label=26, EXP=0, S=1: Prefix=116 (1 byte) | VPN Label=26 (20 bits), EXP, S (4 bits) (3 bytes)

VPNv4 follows the SAFI-128 format = 128 bits:
Prefix=116 (1 byte) | VPN Label=26 (20 bits), EXP, S (4 bits) (3 bytes) | Type=1 (2 bytes) | AS=1 (2 bytes) | Number=110 (4 bytes) | IP=10.0.96.0 (4 bytes)

Prefix + MPLS Label-EXP-S + RD + IPv4 Network = VPNv4 Advertisement = SAFI 128

The Route Distinguisher uses a 64-bit format as shown in the chart above. Two formats are currently defined.

1. Type-1 RD Format: The Type-1 RD uses the [AS Number:Number] format of [16 bits:32 bits]. A two-byte type field is prepended to this value. Examples of Type-1 RD are 1:120, 1:110.
2. Type-2 RD Format: The Type-2 RD uses the [Loopback IP address of PE:Number] format of [32 bits:16 bits]. A two-byte type field is prepended to this value. Examples of Type-2 RD are 172.16.0.129:120, 172.16.0.129:110.

The total length of the RD, including the type field in both the formats, is 64 bits (8 bytes). The total length of a VPNv4 address is 96 bits, i.e., RD 64 bits + IPv4 address 32 bits = 96 bits of VPNv4 address.

Cisco routers by default use the Type-1 RD format.

MP-iBGP does not advertise the VPNv4 address exactly as described above. It adds the unique VPN label for this route (picked up from the common label base that LDP is also using) and attaches it to the resultant VPNv4 address.

Three bytes comprising a VPN label, experimental field and S-bit are attached to the VPNv4 address. Label 20 bits + Experimental 3 bits + Bottom of the Stack bit (S-bit) 1 bit = 24 bits = 3 bytes. The experimental bits are set to 000 if not manipulated by a QoS policy, and the S-bit is set to 1 as the VPN label is the bottom-most label, next to the IP header.

Finally, the prefix length field of 1 byte in length, which was an existing field of normal BGP to carry the subnet mask value of the route, is also added at the beginning, with the modified subnet mask of 116 to represent the network part and the remaining 12 bits as the host part of the VPNv4 address. The subnet mask in VPNv4 is arrived at thusly: original subnet mask length 20 bits + RD 64 bits + Label-EXP-S 24 bits + Prefix-Length field 8 bits = 116 bits.

The 128-bit format of VPNv4 + VPN Label + Prefix length is governed by the IETF standard SAFI-128, or Subsequent Address Family Identifier 128 bits.

VPNv4 and IPv4 Address Families

MP-iBGP and Address Families

MP-BGP is an extended form of BGP to support many address families. BGPv4 currently supports only IPv4 address families. Most of the MP-BGP configuration is similar to the normal BGP configuration. Normal BGP is designed to transport only IPv4 advertisements. MP-BGP carries multiple address family prefixes in one single container between the peers.

A sample MP-BGP configuration done on Cisco routers is shown above.

In MP-BGP, all configurations are grouped under the same BGP configuration but separated by different address families. You may notice a new command: neighbor <IP Address of the Peer> activate. All the neighbors need an additional activate command to become functional. The activate command is entered in their respective address families.

The multiple protocol prefixes are listed below:

Address Family IPv4: 32 bits: All IPv4 peering between the PEs, PE-P, PE-Non-VPN CE and the related configurations are done under this address family. Each neighbor needs to be activated for IPv4 advertisement.

Address Family VPNv4 (64 bits RD + 32 bits IPv4): 96 bits: All additional MP-iBGP configurations between PEs are done here. The main peering between MP-iBGP peers is done under the BGP global configuration as shown above.

Address Family IPv4 VRF XYZ: The VPN customer specific configurations are done here. eBGP for VRF customers is configured here. In case a VRF customer uses the OSPF protocol, that routing information is redistributed into this VRF instance so that it can be transported across MP-BGP.

In addition to the address families shown above, MP-BGP can also transport IPv6, VPNv6, IPv4 Multicast and IPv6 Multicast. Brief information is shown below.

Address Family IPv6: 128 bits
Address Family VPNv6 (64 bits RD + 128 bits IPv6): 192 bits
IPv4 Multicast: 32 bits
IPv6 Multicast: 128 bits

Route Target

Route-Target
[Figure: ORL_PE and MIA_PE connected by MP-iBGP. Each PE has VRF LTE (Export/Import RT 1:110), VRF EVDO (Export/Import RT 1:120) and VRF OAM (Export/Import RT 1:130). An export RT arrow leads from each VRF to the PE's MP-BGP table and an import RT arrow leads from the MP-BGP table back to each VRF.]

VRF contents on both PEs:
VRF LTE: 10.0.96.0/20, 10.0.32.0/20
VRF EVDO: 10.0.112.0/20, 10.0.48.0/20
VRF OAM: 192.168.4.128/28, 192.168.2.128/28

MP-BGP table on both PEs:
1:110:10.0.96.0/116; RT 1:110
1:120:10.0.112.0/116; RT 1:120
1:130:192.168.4.128/124; RT 1:130
1:110:10.0.32.0/116; RT 1:110
1:120:10.0.48.0/116; RT 1:120
1:130:192.168.2.128/124; RT 1:130

The RT is an extended 8-byte Community Attribute. A unique RT extended community has to be assigned to each VPN customer. While advertising outbound on MP-iBGP, we attach a VPN-specific RT to every MP-iBGP peer. The format of the RT is the same as the RD. By default Cisco routers use the Type-1 format [AS No:Number].

The RT is the VPN-specific value. It should be the same across all the VRFs belonging to the same customer.

The RD need not be the same across all VRFs of a customer (the RD is locally specific on a router to differentiate the routes from other VRFs) but, by convention, we use the same value that was assigned to the RT.

RT configuration has two parts. One is known as the export RT, which is attached to MP-BGP advertisements as the Extended Route-Target Community Attribute, along with the VPNv4 route advertisements. The other one is the import RT, which filters out only the required VPNv4 routes, those whose RT community matches the import RT configured for that VRF.

There are two methods to configure the route targets for VRFs. The first one is the command route-target both <AS No:Number>, which assigns the same RT for both import and export. The other method is to use the commands route-target export <AS No:Number> and route-target import <AS No:Number> to assign the export and import RTs separately. In the case of an Extranet implementation, we use the second method to configure different RTs for import and export.

The example shown above explains the exchange of VRF routes between ORL_PE and MIA_PE. ORL_PE has been created with VRF LTE, VRF EVDO and VRF OAM. The LTE customer's route 10.0.96.0/20 is populated in VRF LTE. The EVDO customer's route 10.0.112.0/20 is populated in VRF EVDO. The OAM interface's route 192.168.4.128/28 is populated in VRF OAM.

These routes are transferred to the MP-BGP table as VPNv4 routes (by prepending the RD) along with the export RT configured.

In the same way, MIA_PE has been created with VRF LTE, VRF EVDO and VRF OAM. The LTE customer's route 10.0.32.0/20 is populated in VRF LTE. The EVDO customer's route 10.0.48.0/20 is populated in VRF EVDO. The OAM interface's route 192.168.2.128/28 is populated in VRF OAM.

These routes are transferred to the MP-BGP table as VPNv4 routes (by prepending the RD) along with the export RT configured.

Now MP-iBGP is ready to transport the routes across to other PEs. ORL_PE receives the advertisement from MIA_PE and vice versa.

The import RT configured in each VRF filters out the required route with the matching RT, removes the RD, modifies the prefix length and writes the route into the IPv4 VRF.

The export RT is indicated in the chart above with an arrow from the VRF toward the MP-BGP table, and the import of the route is shown by an arrow from the MP-BGP table toward the VRF via an import RT filter.

The VRF LTE of ORL_PE can see only the routes of the VRF LTE belonging to MIA_PE and vice versa. The same is the case with VRF EVDO and VRF OAM.

The routes received from other PEs via MP-iBGP are advertised toward the CE router, which is not shown in the diagram for simplicity.
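The export and import steps described above, as an added example (not part of the course material), together with a check that lists any route a VRF would import from a VRF of another name, which is how an import RT mistake breaks the isolation between customers. The dictionary layout, the from_vrf bookkeeping field and the misconfigured VRF are assumptions constructed for illustration.

```python
import copy


def vrf(rd, rt, routes):
    """A VRF configured with 'route-target both': one RT for export and import."""
    return {"rd": rd, "export": {rt}, "import": {rt}, "routes": list(routes)}


# VRFs and customer routes as given on the page.
ORL_PE = {"LTE": vrf("1:110", "1:110", ["10.0.96.0/20"]),
          "EVDO": vrf("1:120", "1:120", ["10.0.112.0/20"]),
          "OAM": vrf("1:130", "1:130", ["192.168.4.128/28"])}
MIA_PE = {"LTE": vrf("1:110", "1:110", ["10.0.32.0/20"]),
          "EVDO": vrf("1:120", "1:120", ["10.0.48.0/20"]),
          "OAM": vrf("1:130", "1:130", ["192.168.2.128/28"])}


def export_vpnv4(pe_name, vrfs):
    """VRF -> MP-BGP table: prepend the RD and attach the export RT(s).
    from_vrf is audit bookkeeping for this example, not a BGP attribute."""
    return [{"rd": cfg["rd"], "prefix": prefix, "rts": set(cfg["export"]),
             "next_hop": pe_name, "from_vrf": name}
            for name, cfg in vrfs.items() for prefix in cfg["routes"]]


def import_vpnv4(vrfs, table):
    """MP-BGP table -> VRF: keep routes carrying a matching RT, drop the RD."""
    return {name: sorted((r["prefix"], r["next_hop"]) for r in table
                         if r["rts"] & cfg["import"])
            for name, cfg in vrfs.items()}


def find_leaks(vrfs, table):
    """List (importing VRF, originating VRF, prefix) for every route a VRF would
    import from a VRF of another name. Assumption: one VRF name per customer, so
    a hit is either a deliberate extranet or an import RT mistake."""
    return sorted((name, r["from_vrf"], r["prefix"])
                  for name, cfg in vrfs.items() for r in table
                  if r["rts"] & cfg["import"] and r["from_vrf"] != name)


def misconfigured_mia():
    """Constructed mistake: MIA_PE's VRF EVDO also imports the LTE route target."""
    bad = copy.deepcopy(MIA_PE)
    bad["EVDO"]["import"].add("1:110")
    return bad


if __name__ == "__main__":
    table = export_vpnv4("ORL_PE", ORL_PE)
    print("MIA_PE imports:", import_vpnv4(MIA_PE, table))
    print("leaks as configured:", find_leaks(MIA_PE, table))
    print("leaks with the extra import RT:", find_leaks(misconfigured_mia(), table))
```

With the page's configuration each MIA_PE VRF receives exactly one Orlando route and the leak list is empty; the extra import RT places the LTE customer's 10.0.96.0/20 in VRF EVDO.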

L3VPN Routing
[Figure: ORL_PE and MIA_PE, each with VRF EVDO, VRF LTE and the GRT, connected through the P router. CE_EVDO and CE_LTE attach to each PE over e-BGP. LDP labels toward MIA_PE's loopback: MIA_PE advertises Label=3 and P advertises Label=18. LDP labels toward ORL_PE's loopback: ORL_PE advertises Label=3 and P advertises Label=20.]

MP-iBGP advertisements from ORL_PE:
VPNv4=1:120 10.0.112.0/116, RT=1:120, NH=ORL_PE, VPN Label = 35
VPNv4=1:110 10.0.96.0/116, RT=1:110, NH=ORL_PE, VPN Label = 36

MP-iBGP advertisements from MIA_PE:
VPNv4=1:120 10.0.48.0/116, RT=1:120, NH=MIA_PE, VPN Label = 25
VPNv4=1:110 10.0.32.0/116, RT=1:110, NH=MIA_PE, VPN Label = 26

ORL_PE, VRF EVDO
Pro  Network        NHOP     Label(s)
B    10.0.112.0/20  CE_EVDO  --------
B    10.0.48.0/20   MIA_PE   18, 25

ORL_PE, VRF LTE
Pro  Network        NHOP     Label(s)
B    10.0.96.0/20   CE_LTE   --------
B    10.0.32.0/20   MIA_PE   18, 26

MIA_PE, VRF EVDO
Pro  Network        NHOP     Label(s)
B    10.0.48.0/20   CE_EVDO  --------
B    10.0.112.0/20  ORL_PE   20, 35

MIA_PE, VRF LTE
Pro  Network        NHOP     Label(s)
B    10.0.32.0/20   CE_LTE   --------
B    10.0.96.0/20   ORL_PE   20, 36

Before the L3VPN routing happens, the MPLS core builds the LSPs for all of the IP network.

MIA_PE assigns and advertises Label 3 for its loopback IP address since it is directly connected. The P router assigns Label 18 for MIA_PE's loopback IP address and advertises it toward ORL_PE. The LSP, with a label sequence of 18→3, from ORL_PE to MIA_PE is signaled successfully. The Orlando site uses this tunnel to forward the IP packets toward the Miami site.

ORL_PE assigns and advertises Label 3 for its loopback IP address since it is directly connected. The P router assigns Label 20 for ORL_PE's loopback IP address and advertises it toward MIA_PE. The LSP, with a label sequence of 20→3, from MIA_PE to ORL_PE is signaled successfully. The Miami site uses this tunnel to forward the IP packets toward the Orlando site. Remember that these LSP tunnels are one way for the IP traffic.

The CE routers of EVDO and LTE advertise their routes into the VRFs they are connected to using the eBGP protocol. The EVDO and LTE VRFs are now populated with the customer routes.

Orlando: VRF EVDO: 10.0.112.0/20 via CE_EVDO, VRF LTE: 10.0.96.0/20 via CE_LTE
Miami: VRF EVDO: 10.0.48.0/20 via CE_EVDO, VRF LTE: 10.0.32.0/20 via CE_LTE

An MP-iBGP session is established between the loopback addresses of the PEs. Full-mesh MP-iBGP is a must between all PEs. The P router need not participate in MP-iBGP as it has no customers/VRFs.

ORL_PE advertises the contents of VRF EVDO and VRF LTE as VPNv4 routes along with the Next-Hop, Route-Target and VPN Label toward MIA_PE.

VPNv4=1:120:10.0.112.0/116; RT=1:120; NH=ORL_PE's Loopback Address; VPN Label=35
VPNv4=1:110:10.0.96.0/116; RT=1:110; NH=ORL_PE's Loopback Address; VPN Label=36

MIA_PE does the same toward ORL_PE.

VPNv4=1:120:10.0.48.0/116; RT=1:120; NH=MIA_PE's Loopback Address; VPN Label=25
VPNv4=1:110:10.0.32.0/116; RT=1:110; NH=MIA_PE's Loopback Address; VPN Label=26

The VRF EVDO and VRF LTE of the Orlando and Miami sites are updated with the routes received over MP-iBGP. The import Route Target configured per VRF filters and allows only the routes with the matching RT.

The contents of the EVDO and LTE VRFs are shown below after the MP-iBGP updates are exchanged between ORL_PE and MIA_PE.

Orlando:
VRF EVDO: 10.0.112.0/20 via CE_EVDO
          10.0.48.0/20 via MIA_PE; Label imposed {18, 25}
VRF LTE:  10.0.96.0/20 via CE_LTE
          10.0.32.0/20 via MIA_PE; Label imposed {18, 26}

Miami:
VRF EVDO: 10.0.48.0/20 via CE_EVDO
          10.0.112.0/20 via ORL_PE; Label imposed {20, 35}
VRF LTE:  10.0.32.0/20 via CE_LTE
          10.0.96.0/20 via ORL_PE; Label imposed {20, 36}

These routes received from other PEs over MP-iBGP are advertised as IPv4 routes toward the CEs over eBGP and the customer routing table is updated accordingly. The CEs' routing tables are not shown in the chart.

The end-to-end L3VPN routing is ready between the two sites after this process and ready to forward the customer traffic between EVDO networks and LTE networks.

L3VPN Forwarding ORL to MIA


[Figure: the L3VPN Routing topology and VRF tables, with the label stacks on packets travelling from ORL_PE toward MIA_PE. EVDO packets carry labels 18 (outer) and 25 (inner) from ORL_PE to P, then label 25 from P to MIA_PE. LTE packets carry labels 18 (outer) and 26 (inner) from ORL_PE to P, then label 26 from P to MIA_PE.]

The end-to-end L3VPN routing is ready between the Orlando and Miami sites. The network is now ready to handle the end-to-end VPN traffic. The above chart describes the L3VPN forwarding of traffic from Orlando sites toward Miami sites.

CE_EVDO of Orlando:
CE_EVDO of the Orlando site sends an IP packet to the destination 10.0.48.65, which is parented to CE_EVDO of the Miami site. The IP packet arrives at ORL_PE and VRF EVDO is referred to for further routing.

ORL_PE:
VRF EVDO checks the entry, 10.0.48.0/20, and forwards the IP packet with Labels 18, 25; 18 being the outer label, which leads to the NH, MIA_PE's loopback address, and 25 being the VPN label, which represents the VRF route 10.0.48.0/20 on MIA_PE.

P router:
The P router pops (PHP) the label and forwards the packet with Label 25 toward MIA_PE.

MIA_PE:
The VPN Label 25 was advertised by MIA_PE for the VRF EVDO route 10.0.48.0/20. The packet is forwarded to VRF EVDO after popping Label 25. The VRF EVDO refers to the entry 10.0.48.0/20 and forwards the IP packet toward the CE EVDO of the Miami site.

In the same way, the IP packets from Orlando LTE networks are forwarded toward Miami LTE sites using inner label 26 and outer label 18.

L3VPN Forwarding MIA to ORL


[Figure: the L3VPN Routing topology and VRF tables, with the label stacks on packets travelling from MIA_PE toward ORL_PE. EVDO packets carry labels 20 (outer) and 35 (inner) from MIA_PE to P, then label 35 from P to ORL_PE. LTE packets carry labels 20 (outer) and 36 (inner) from MIA_PE to P, then label 36 from P to ORL_PE.]

The above chart describes the L3VPN forwarding of traffic from Miami sites toward Orlando sites.

CE_EVDO of Miami:
CE_EVDO of the Miami site sends an IP packet to the destination 10.0.112.65, which is parented to CE_EVDO of the Orlando site. The IP packet arrives at MIA_PE and VRF EVDO is referred to for further routing.

MIA_PE:
VRF EVDO checks the entry, 10.0.112.0/20, and forwards the IP packet with Labels 20, 35; 20 being the outer label, which leads to the NH, ORL_PE's loopback address, and 35 being the VPN label, which represents the VRF route 10.0.112.0/20 on ORL_PE.

P router:
The P router pops (PHP) the label and forwards the packet with Label 35 toward ORL_PE.

ORL_PE:
The VPN Label 35 was advertised by ORL_PE for the VRF EVDO route 10.0.112.0/20. The packet is forwarded to VRF EVDO after popping Label 35. The VRF EVDO refers to the entry 10.0.112.0/20 and forwards the IP packet toward the CE EVDO of the Orlando site.

In the same way, the IP packets from Miami LTE networks are forwarded toward Orlando LTE sites using inner label 36 and outer label 20.
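The forwarding walk-through in both directions, as an added example (not part of the course material): the ingress VRF lookup imposes the two labels, P pops the outer one, and the egress PE uses the VPN label to pick the VRF. The table layout and function names are assumptions; the prefixes and labels are the page's.

```python
import ipaddress

# VRF tables after the MP-iBGP exchange, as listed on the page:
# prefix -> (next hop, labels imposed, outer label first).
VRF = {
    "ORL_PE": {"EVDO": {"10.0.112.0/20": ("CE_EVDO", []),
                        "10.0.48.0/20": ("MIA_PE", [18, 25])},
               "LTE": {"10.0.96.0/20": ("CE_LTE", []),
                       "10.0.32.0/20": ("MIA_PE", [18, 26])}},
    "MIA_PE": {"EVDO": {"10.0.48.0/20": ("CE_EVDO", []),
                        "10.0.112.0/20": ("ORL_PE", [20, 35])},
               "LTE": {"10.0.32.0/20": ("CE_LTE", []),
                       "10.0.96.0/20": ("ORL_PE", [20, 36])}},
}
# P router: outer label -> PE it leads to. The PE advertised Label 3 for its own
# loopback, so P pops the outer label (PHP) instead of swapping it.
P_LFIB = {18: "MIA_PE", 20: "ORL_PE"}
# Egress PE: VPN label -> VRF that the label was advertised for.
VPN_LABEL = {"MIA_PE": {25: "EVDO", 26: "LTE"},
             "ORL_PE": {35: "EVDO", 36: "LTE"}}


def lookup(table, dst):
    """Longest-prefix match inside one VRF; LookupError if the VRF has no route."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, entry in table.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, entry)
    if best is None:
        raise LookupError(f"no route to {dst} in this VRF")
    return best[1]


def forward(ingress_pe, vrf, dst):
    """Return the hops as (from, to, label stack on the wire, outer label first)."""
    next_hop, labels = lookup(VRF[ingress_pe][vrf], dst)
    if not labels:                       # destination is behind the local CE
        return [(ingress_pe, next_hop, [])]
    stack = list(labels)
    trace = [(ingress_pe, "P", list(stack))]
    egress_pe = P_LFIB[stack.pop(0)]     # P pops the outer label (PHP)
    trace.append(("P", egress_pe, list(stack)))
    egress_vrf = VPN_LABEL[egress_pe][stack.pop(0)]   # VPN label selects the VRF
    ce, _ = lookup(VRF[egress_pe][egress_vrf], dst)
    trace.append((egress_pe, ce, []))
    return trace


def reachable(pe, vrf, dst):
    """True if the VRF on this PE has a route for dst."""
    try:
        forward(pe, vrf, dst)
        return True
    except LookupError:
        return False


if __name__ == "__main__":
    for hop in forward("ORL_PE", "EVDO", "10.0.48.65"):
        print(hop)
    print("LTE prefix from VRF EVDO:", reachable("ORL_PE", "EVDO", "10.0.32.1"))
```

The last line prints False: a packet entering VRF EVDO has no route to the LTE customer's prefix, because the destination is only looked up inside the VRF it arrived in.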

Site-of-Origin
[Figure: CE_EVDO (AS 120, Site-of-Origin 120:4) and CE_LTE (AS 110, Site-of-Origin 110:4) are each connected by eBGP to both ORL_PE1 and ORL_PE2. On each Orlando PE, VRF-EVDO holds the BGP route 10.0.112.0/20 with SoO 120:4 and VRF-LTE holds the BGP route 10.0.96.0/20 with SoO 110:4. Across the P router, MIA_PE1 and MIA_PE2 each have VRF EVDO and VRF LTE.]

The Site-of-Origin (SoO) is the Extended Community Attribute that is attached to MP-BGP advertisements when configured. It uses a 64-bit format. RD and RT also use the same format. Two formats are currently defined. Type-1: [AS Number:Number] format of [16 bits:32 bits]. Type-2: [Loopback Address of PE:Number]. Cisco routers use the Type-1 SoO format by default.

SoO is useful in the multi-homing scenario shown for CE routers. SoO is always implemented when the AS_Override feature is used in L3VPN. With AS_Override the original AS number is replaced with the core AS number, and the loop cannot be prevented based on the AS_Path attribute by looking for the router's own AS number in the AS_Path attribute. In this situation SoO plays an important role.

SoO identifies the Site-of-Origin. Let's assign SoO for the EVDO and LTE networks of Orlando Site-4: CE_EVDO of Orlando is 120:4 and CE_LTE of Orlando is 110:4. In our example above, CE_EVDO and CE_LTE of the Orlando site are connected to ORL_PE1 and ORL_PE2 for redundancy.

CE_EVDO advertises 10.0.112.0/20 with AS_Path attribute 120 using eBGP. The ORL_PE1 and ORL_PE2 routers record this route in VRF EVDO.

CE_LTE advertises 10.0.96.0/20 with AS_Path attribute 110 using eBGP. The ORL_PE1 and ORL_PE2 routers record this route in VRF LTE.

The AS_Override feature is used in the core network to connect all the EVDO and LTE networks, as the same AS number is used across all the sites. We have to advertise the SoO along with the VPNv4, RT, NH and Label.

ORL_PE1 advertises the SoO 120:4 and 110:4 for the EVDO and LTE networks over MP-iBGP. ORL_PE2 advertises the same. These advertisements are received by all other sites that have a different SoO configured. The SoO values of other sites are not shown in the diagram.

ORL_PE1 is also peering with ORL_PE2 and vice versa. ORL_PE1's advertisement with SoO 120:4 is received by ORL_PE2 for EVDO routes. The VRF EVDO on ORL_PE2 rejects these routes since the SoO matches the SoO configured for the VRF EVDO. The same is the case with the routes of VRF LTE with SoO 110:4.

Thus the Site-of-Origin (SoO) prevents a routing loop of the customer routes when the AS_Override feature is being used.
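Why the AS_Path check stops working under AS_Override and where the SoO check takes over, as an added example (not part of the course material). It follows the EVDO prefix from CE_EVDO through ORL_PE1 and ORL_PE2 back toward the same CE. The function names and the second site's SoO value 120:7 are assumptions constructed for illustration.

```python
CORE_AS = 1


def pe_to_ce_as_path(as_path, customer_as, as_override):
    """AS_PATH a PE sends to its CE over eBGP: with AS_Override the customer AS
    is replaced by the core AS, then the PE prepends the core AS as usual."""
    if as_override:
        as_path = [CORE_AS if asn == customer_as else asn for asn in as_path]
    return [CORE_AS] + list(as_path)


def ce_accepts(own_as, as_path):
    """Ordinary eBGP loop check on the CE: its own AS in AS_PATH means a loop."""
    return own_as not in as_path


def vrf_accepts(vrf_soo, route_soo):
    """SoO check on the receiving PE: a route tagged with the SoO configured for
    this VRF came from the site attached to it and is rejected."""
    return vrf_soo is None or route_soo != vrf_soo


def returns_to_site(customer_as, site_soo, as_override, use_soo):
    """CE -> ORL_PE1 -> MP-iBGP -> ORL_PE2 -> same CE.
    Returns (CE accepts its own prefix back, AS_PATH offered to the CE)."""
    route_as_path = [customer_as]                 # as learned from the CE
    route_soo = site_soo if use_soo else None     # tag added by ORL_PE1
    vrf_soo = site_soo if use_soo else None       # SoO configured on ORL_PE2
    if not vrf_accepts(vrf_soo, route_soo):
        return False, None                        # rejected before reaching the CE
    offered = pe_to_ce_as_path(route_as_path, customer_as, as_override)
    return ce_accepts(customer_as, offered), offered


if __name__ == "__main__":
    print("no override, no SoO :", returns_to_site(120, "120:4", False, False))
    print("override, no SoO    :", returns_to_site(120, "120:4", True, False))
    print("override with SoO   :", returns_to_site(120, "120:4", True, True))
    # Constructed SoO of another site: such a route is still accepted.
    print("route from 120:7    :", vrf_accepts("120:4", "120:7"))
```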

Route-Target/Site-of Origin Format

Route Target and Site-of-Origin Format, 8 bytes (64 bits)

Type-1: Type=1 (2 bytes) | AS Number (2 bytes) | Number (4 bytes)
Type-2: Type=2 (2 bytes) | PE's Loopback Address (4 bytes) | Number (2 bytes)

RT and SoO are Extended Community Attributes that are attached to MP-BGP advertisements when configured to do so.

They use a 64-bit format as shown in the chart above. RD also uses the same format. Two formats are currently defined.

Type-1 RT/SoO Format: [AS Number:Number] format of [16 bits:32 bits]. A two-byte type field is prepended to this value. The type field contains additional information to differentiate the RT from the SoO. Examples of Type-1 RT/SoO are: 1:120, 1:110.

Type-2 RT/SoO Format: The Type-2 RT/SoO uses the [Loopback Address of PE:Number] format of [32 bits:16 bits]. A two-byte type field is prepended to this value. The type field contains additional information to differentiate the RT from the SoO. Examples of Type-2 RT/SoO are 172.16.0.129:120, 172.16.0.129:110.

The total length of the RT/SoO, including the type field in both the formats, is 64 bits (8 bytes).

Cisco routers use the Type-1 RT/SoO format by default.

iBGP Multipath Example


[Figure: Core Network AS 1 between PALM Site-1 and TAM Site-3. At each site a 1xEVDO network (AS 120) with BTSs and UEs connects through a CE to two PEs, each with VRF EVDO: PALM_PE1 and PALM_PE2 at Palm Bay, TAM_PE1 and TAM_PE2 at Tampa, with P1 and P2 in the core. Two MP-iBGP advertisements of 10.0.16.0/20 with AS_Path: 1 are shown, one with NH 172.16.0.129 and one with NH 172.16.0.130. AS_Override: 120 → 1.]

BGP multipath is the feature of MP-iBGP that installs multiple paths to the same destination in the routing table instead of choosing the best one based on the Path Determination algorithm. When this feature is enabled, the path determination algorithm is ignored. When CEs are multi-homed, this feature can be used. The advantages of BGP multipath are load balancing and fast convergence in the MPLS core.

In the chart shown above, the EVDO network of Palm Bay Site-1 is multi-homed to PALM_PE1 and PALM_PE2, and advertises 10.0.16.0/20 with AS_Path 120.

These advertisements reach the TAM_PE1 and TAM_PE2 routers at Tampa Site-3. Both the PE routers at the Tampa site receive an advertisement from PALM_PE1 and PALM_PE2.

Since the iBGP multipath feature is configured in the VRFs of TAM_PE1 and TAM_PE2, it overrides the path determination algorithm and records both the paths for the destination 10.0.16.0/20.

The iBGP multipath feature is available on MPLS-enabled routers. In the case that CE routers are MPLS-capable, we can implement the eBGP multipath feature on CEs to install the multiple paths.

Summary
L3VPN uses the Provider-Customer Model.
L3VPN requires OSPF, LDP and MPLS in the Core.
eBGP is usually used between the PE and CE.
MP-iBGP is used to exchange the routes between VRFs.
MP-iBGP adds RD to the VRF routes, converts to VPNv4 and advertises to other PEs.
The Route-Target, Next-Hop, and VPN Label are also advertised for each VPNv4 Route by MP-iBGP.
The IP Packets of VPN customers are forwarded over the MPLS Core by stacking with VPN Label (inner label) and IGP Label (outer label).


Review Questions - I
1. The Forwarding Information Base (FIB) is used to forward:
A. Only IP packets.
B. Only labelled packets.
C. Both IP packets and labelled IP packets.
2. The Label Forwarding Information Base (LFIB) is used to forward:
A. Only IP packets.
B. Only labelled packets.
C. Both IP packets and labelled IP packets.
3. The VRF parameters are:
A. RD, Import-RT, Export-RT and Next-Hop Attribute.
B. RD, Import-RT and Export RT.
C. RD and Export RT.


Review Questions - II
4. The purpose of the Import-RT is to:
A. Allow only the route with the matching RT.
B. Allow only the route with the matching RD.
C. Allow only the route with matching RT and RD.
5. Site-of-Origin (SoO) is advertised in MP-iBGP to:
A. Prevent routing loops for the customer routes.
B. Prevent routing loops for the provider routes.
C. Prevent routing loops for all network routes.
6. The advantage of the iBGP Multipath feature in a multi-homing scenario is:
A. The convergence time is negligible in case of single-link failure.
B. Load balancing in the MPLS Core is not required.
C. MPLS Core Bandwidth is multiplied.

Acronyms

3G Third Generation Wireless Systems


4G Fourth Generation Wireless Systems
AAA Authentication, Authorization and Accounting
ABR Area Border Router
AP Access Point
AS Autonomous System
ASBR Autonomous System Boundary Router
AT Access Terminal
BDR Backup Designated Router
BGP Border Gateway Protocol
BGPv4 Border Gateway Protocol version 4
BTS Base Transceiver Station
CE Customer Edge
CIDR Classless Inter-Domain Routing
CN Core Network
DP Data Path
DR Designated Router
eBGP exterior Border Gateway Protocol
EGP External Gateway Protocol
eNB Evolved NodeB or E-UTRAN NodeB
EPC Evolved Packet Core
EXP Experimental
FIB Forwarding Information Base
FL Forward Link
GGSN Gateway GPRS Support Node
GigE Gigabit Ethernet
GPRS General Packet Radio Service
GRT Global Routing Table
GW Gateway
HA Home Agent
HSS Home Subscriber Server
IANA Internet Assigned Numbers Authority
iBGP interior Border Gateway Protocol
ICMP Internet Control Message Protocol
IEEE Institute of Electrical and Electronics Engineers
IETF Internet Engineering Task Force
IGP Interior Gateway Protocol
IMS IP Multimedia Subsystem
IP Internet Protocol
IPS Intrusion Prevention System
IPv4 Internet Protocol version 4


IPv6 Internet Protocol version 6


IS Interim Standard
ISP Internet Service Provider
L3VPN Layer 3 Virtual Private Network
LAN Local Area Network
LDP Label Distribution Protocol
LER Label Edge Router
LFIB Label Forwarding Information Base
LIB Label Information Base
LSA Link State Advertisement
LSDB Link State Database
LSP Labeled Switched Path
LSR Label Switched Router
LTE Long Term Evolution
MAC Medium Access Control
MED Multi Exit Discriminator
MLS Multi Layer Switch
MME Mobility Management Entity
MP-BGP Multi Protocol Border Gateway Protocol
MPLS Multi Protocol Label Switching
MSC Mobile Switching Center
MSTP Multiple Spanning Tree Protocol
MTSO Mobile Telephone Switching Office
MTU Maximum Transmission Unit
NTE Network Termination Equipment
OAM Operations, Administration and Maintenance
OSPF Open Shortest Path First
P Provider node
PCF Packet Control Function
PDSN Packet Data Serving Node
PE Provider Edge
P-GW Packet Data Network Gateway
PHP Penultimate Hop Pop
POP Point of Presence
PS Packet-Switched
PS-CN Packet Switched Core Network
PVSTP+ Per-VLAN Spanning Tree Protocol Plus
QoS Quality of Service
RD Route Distinguisher
RFC Request For Comment
RIB Routing Table


RID Router ID
RIP Routing Information Protocol
RNC Radio Network Controller
RR Route Reflector
RSTP Rapid Spanning Tree Protocol
RT Route Target
S1-U S1 - User Plane
SAFI Subsequent-Address Family Identifier
SGSN Serving GPRS Support Node
S-GW Serving Gateway
SoO Site-of-Origin
SPF Shortest Path First
STP Spanning Tree Protocol
SW Switch
TCP Transmission Control Protocol
UE User Equipment
UMTS Universal Mobile Telecommunications System
VLAN Virtual Local Area Network
VPN Virtual Private Network
VPNv4 Virtual Private Network Version 4 (Cisco)
VRF Virtual Routing and Forwarding
