ROUTING AND
ETHERNET BRIDGING
IP CONVERGENCE & IMS CURRICULUM
Award Solutions' eBook is authorized for a single user only. Do not distribute.
IPC_207
2100 Lakeside Blvd., Suite 300
Richardson, TX 75082 USA
Phone: +1.972.664.0727
Website: www.awardsolutions.com
If you have any questions, concerns or comments regarding this course please write to us at:
friends@awardsolutions.com
This course book and the material and information contained in it are owned by Award Solutions, Inc. (Award Solutions) and Award Solutions reserves for itself and successors and assigns all right, title and interest in and to the Award Content, Award Solutions logos and other trademarks, including all copyrights, authorship rights, moral rights, publication and distribution rights, trademarks and other intellectual property rights. Award grants no license or other rights in the contents of the course book or course, except as may be expressly set forth in a duly executed written agreement between Award Solutions and the authorized user of this course book or the user's employee or principal. This course book shall not be modified, reproduced, disseminated, or transmitted by or in any medium, form or means, electronic or mechanical, including photocopying, recording or any information retrieval system, in whole or in part, without Award Solutions, Inc.'s express, prior written consent signed by an authorized officer whose authority is evidenced by a duly signed corporate resolution.
This course book was designed for use as a student guide with the subject matter course taught by Award Solutions authorized employees and contractors. It was not designed to be a standalone textbook. Award Solutions makes no representations or warranties and disclaims all implied warranties with respect to the information contained herein or products derived from use of such information and Award Solutions undertakes no obligation to update or otherwise modify the information or to notify the purchaser or any user of any update or obsolescence. To the extent permitted by applicable law, Award's total liability in connection with the course and/or course material is the amount actually received by Award from the purchaser/user for the purchase or license of the course and course material. This course book is not made for publication or distribution in the public domain and shall not be published or placed in the public domain, in whole or in part, without Award Solutions, Inc.'s express, prior written consent signed by an authorized officer whose authority is evidenced by a duly signed corporate resolution.
The 3GPP, LTE and LTE-Advanced logos are the property of Third Generation Partnership Project (3GPP). The
3GPP2 logo is property of Third Generation Partnership Project (3GPP2) and its organization partners. The
content of this document is based on 3GPP/LTE and 3GPP2 specifications which are available at
www.3gpp.org, and www.3gpp2.org.
About Award Solutions
AWARD SOLUTIONS, INC. has over 18 years of training excellence in advanced wireless, IP, and network virtualization technologies. Our products and services provide our customers with innovative, flexible, and cost-effective solutions that help rapidly boost workforce productivity to more quickly meet market demands.
Whether you are a training manager responsible for a large organization, or a team lead responsible for enhancing your team's skills, Award Solutions can meet your technology training needs.
We offer a multitude of delivery methods and services:
ON-SITE TRAINING: Our Subject Matter Experts travel to your facility to engage the students in an interactive learning experience. This is a great option for teams with 12 or more people.
OUR PROMISE
To continually demonstrate our core values: Integrity, Expertise, Flexibility, Teamwork and Excellent Return on Investment.
SOFTWARE-DEFINED NETWORKS: Orchestrating elastic network functions and services through software
CLOUD COMPUTING: Pooled computing resources accessed in a self-serve way
API [Application Program Interface]: A programmatic interface that makes resources software-accessible
SDN [Software-Defined Networking]: Making networking capabilities elastic through centralized control
BIG DATA: Finding insights by analyzing volumes of diverse data
NFV [Network Functions Virtualization]: Running virtualized network nodes on commoditized hardware
ORCHESTRATION: Automating workflow to coordinate network functions and services
Table of Contents
Chapter 1: Prologue
Chapter 2: Spanning Tree Protocol
  Broadcast Storms and STP
  Rapid Spanning Tree Protocol (RSTP)
  Multiple Spanning Tree Protocol (MSTP)
Chapter 3: Routing Table
  Routing Table Concepts
  The Longest Match
  Recursive Routing
  Black Holes
Chapter 4: OSPF Key Concepts
  Areas and Router Types
  Link State Advertisements (LSA)
  Link State Advertisements
Chapter 5: OSPF in Wireless Networks
  Neighbor Discovery
  Metrics
  Areas
Chapter 6: BGPv4 Key Concepts
  Autonomous Systems
  BGP Messages
  BGP Attributes and Routing Policy
  Route Reflectors
Chapter 7: BGPv4 in Wireless Networks
Chapter 8: L3VPN in Wireless Networks
  Interconnecting MTSOs
  L3VPN Architecture
  High-Level Operations
Chapter 9: L3VPN Routing
  Provider-Customer Model
  MPLS Router
  VPN Routing and Forwarding
  VPN Route Distribution using MP-iBGP
  Route Distinguisher
  VPNv4 and IPv4 Address Families
  Route Target
Chapter 1:
Prologue
Objectives
After completing this module, you will be able to:
Explain why IP is the data transport of choice for today's carrier networks
Explain the Customer-Provider Model and its use of Layer 3 VPNs
Describe the customers found in a carrier's implementation of the Customer-Provider Model
List the routing protocols used in the typical implementation of L3VPNs
Customer-Provider Model
[Figure: Customer-Provider Model. Customers 1, 2 and 3 each have a CE at Sites A, B, C and D; the Provider network in the center consists of PE and P nodes.]
Segregating Services
[Figure: Segregating Services. At each MTSO, separate CEs for 3G Voice, 3G Data, 4G Data, IMS, OAM and Peering connect to a PE; the Core consists of PE and P nodes.]
Summary
Wireless equipment at the cell site used T1s as transport before the use of IP.
IP interfaces in wireless networks carry user data, OA&M data and signaling data.
The Customer-Provider Model implements L3VPNs to segregate the data traffic of individual customers.
The customer networks found in a carrier's network can include networks belonging to individual customers, networks belonging to technologies such as LTE and UMTS, and networks belonging to particular traffic types such as OA&M.
In a network that implements Layer 3 VPNs (L3VPNs), eBGP is used between CEs and PEs to exchange customer routes, MP-BGP is used between PEs to distribute the customer routes, and OSPF is used between the PEs and P for internal core routing exchanges.
Chapter 2:
Spanning Tree Protocol
Objectives
After completing this module, you will be able to:
Explain how the Spanning Tree Protocol protects networks from broadcast storms
Select the best Spanning Tree Protocol for a given network
List the differences between STP, RSTP, and MSTP
Describe the significance of the root switch to the Spanning Tree Protocol
[Slide table fragment: Rapid-PVST+ | Cisco proprietary | One spanning tree per VLAN]
Several versions of spanning tree protocols have been developed over the years. The most significant are:
Spanning Tree Protocol (STP)
The first Spanning Tree Protocol published as a standard by the Institute of Electrical and Electronics Engineers (IEEE) in 802.1d-1990. It is generally no longer used in service provider environments as it takes too long to discover and react to changes in the network topology. It also predates the existence of virtual LANs (VLANs).
Rapid Spanning Tree Protocol (RSTP)
As its name implies, RSTP revamps the operation of the spanning tree protocol to reduce the time it takes to detect and react to changes in the topology. It does not, however, incorporate support for VLANs. RSTP was first published in 802.1w-2001, but was later incorporated into 802.1d-2004.
Rapid Per-VLAN Spanning Tree Protocol Plus (Rapid-PVST+)
Rapid-PVST+ represents an evolution in a series of spanning tree protocols developed by Cisco Systems, Inc. It incorporates the performance improvements of RSTP and includes support for VLANs. It is used in networks that run only Cisco equipment, and is not widely supported by other equipment vendors.
Multiple Spanning Tree Protocol (MSTP)
The latest version of the spanning tree protocol standardized by the IEEE, originally published as 802.1s-2002 and later incorporated into 802.1q-2005. MSTP builds on the capabilities of RSTP and includes support for multiple VLANs. One notable difference between MSTP and Rapid-PVST+ regards the number of spanning tree instances that run in the switch. Rapid-PVST+ requires one spanning tree instance per VLAN, while MSTP allows many VLANs to be mapped onto a single spanning tree. MSTP therefore operates more efficiently when large numbers of VLANs are configured. MSTP also supports hierarchical network design with the concept of a region. Topology changes affect the switches in the region, but are invisible to switches outside of the region. This allows for more efficient operation in large-scale networks.
Broadcast Storms
[Figure: Broadcast storm. SW1 (ports gi0/1, gi0/2, gi0/3) and SW2 (ports gi0/6, gi0/7, gi0/8) are joined by two links; copies of a broadcast frame (bcast) circulate between them and reach the nodes on the left and right.]
Broadcast storms may occur whenever a loop exists in the Ethernet LAN topology. The figure illustrates a simple case in which a loop exists between two Ethernet switches. The sequence of events unfolds as follows:
1. The node on the left sends a broadcast frame. SW1 receives it on port gi0/1.
2. Whenever an Ethernet switch receives a broadcast frame, it forwards the frame out all active ports, except the one on which the frame was received. In this case, SW1 forwards the frame out ports gi0/2 (shown in red) and gi0/3 (shown in green).
3. SW2 receives two broadcast frames. Ethernet does not provide any means to determine that these are, in fact, two copies of the same original frame, so SW2 must process each one independently. It receives one frame (red) on port gi0/7 and forwards it out ports gi0/6 and gi0/8. It receives the other frame (green) on port gi0/8 and forwards it out gi0/6 and gi0/7. The node on the right receives two copies of the frame.
4. SW1 receives two broadcast frames. Ethernet provides no means to determine that these are copies of the frames that it recently forwarded, so it must process them again. It receives one frame (green) on port gi0/2 and forwards it out ports gi0/1 and gi0/3. It receives the other frame (red) on port gi0/3 and forwards it out ports gi0/1 and gi0/2. The node on the left receives two copies of the frame that it originally sent.
The frames are now stuck in the loop. Ethernet has no concept of a frame identifier, so the switches do not recognize that they are processing the same frame again and again. Ethernet also does not have a timeout mechanism, so the switches continue processing the frames in this manner forever. And each iteration through the loop causes additional copies of the frame to be made, so the storm consumes an increasing amount of bandwidth, buffer space and processing time.
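The sequence above can be replayed in a few lines. This is an added example, not part of the course book: it floods one broadcast through the two-switch loop from the figure and shows that the frame never drains and keeps producing copies, while discarding on a single redundant port (the effect a spanning tree has) ends it. The port names come from the figure; the round-based model and the function name `simulate` are assumptions of this sketch.

```python
# Added example: round-based flood of one broadcast through the figure's loop.
# Assumption: every hop takes one "round"; hosts never answer.

PORTS = {"SW1": ["gi0/1", "gi0/2", "gi0/3"], "SW2": ["gi0/6", "gi0/7", "gi0/8"]}
HOSTS = {("SW1", "gi0/1"): "left", ("SW2", "gi0/6"): "right"}
CABLES = [(("SW1", "gi0/2"), ("SW2", "gi0/7")),
          (("SW1", "gi0/3"), ("SW2", "gi0/8"))]
PEER = {}
for end_a, end_b in CABLES:
    PEER[end_a], PEER[end_b] = end_b, end_a


def simulate(rounds, blocked=frozenset()):
    """Inject one broadcast from the left host and flood it for `rounds` hops.

    blocked: set of (switch, port) pairs that neither send nor accept frames,
    i.e. ports a spanning tree has placed in the discarding state.
    Returns the number of frames still in the loop after each round, the
    copies delivered to each host, and the total frames transmitted.
    """
    arriving = [("SW1", "gi0/1")]          # (switch, ingress port) per frame
    delivered = {"left": 0, "right": 0}
    in_flight, transmitted = [], 0
    for _ in range(rounds):
        next_hop = []
        for switch, ingress in arriving:
            if (switch, ingress) in blocked:
                continue                   # discarding port drops the frame
            for port in PORTS[switch]:
                if port == ingress or (switch, port) in blocked:
                    continue               # never flood back out the ingress
                transmitted += 1
                if (switch, port) in HOSTS:
                    delivered[HOSTS[(switch, port)]] += 1
                else:
                    next_hop.append(PEER[(switch, port)])
        arriving = next_hop
        in_flight.append(len(arriving))
    return {"in_flight": in_flight, "delivered": delivered,
            "transmitted": transmitted}


if __name__ == "__main__":
    print("loop     :", simulate(6))
    print("gi0/3 off:", simulate(6, blocked={("SW1", "gi0/3")}))
```

With the loop intact the frame count in the loop never reaches zero; with SW1 gi0/3 discarding, the right-hand node receives exactly one copy and the flood stops.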
[Figure: Root switch election. Six switches with identifiers 32768 + AABB:1122:0001 through 32768 + AABB:1122:0006.]
The Spanning Tree Protocol selects one switch to serve as the root of the logical tree topology. The root switch election process governs which switch gets selected as the root and ensures that all switches make the same selection. The procedure is relatively straightforward. Each switch has a unique identifier. The switch with the lowest identifier becomes the root. The identifier is a combination of a priority value and the switch's MAC address. By default, all switches use the same priority value, so the root switch election boils down to which switch has the numerically lowest MAC address.
Choosing the root switch based solely on the MAC address is fairly arbitrary, but the loop detection procedures work regardless of which switch gets elected to be the root. The administrator may influence the outcome, however, by overriding the default priority value and setting it to something lower than the default value. The other switches then select it as the root switch.
The figure illustrates the process of overriding the default priority value to select the root switch. If we let all of the switches use the default priority value of 32768, then the switch in the center would become the root switch, since it has the numerically lowest address. By changing the priority of the switch at the top of the figure, we ensure that it wins the root switch election.
[Figure: Root path cost. Link costs of 2000 each; root path cost of 4000.]
[Figure: Port roles on the six-switch topology (identifiers 32768 + AABB:1122:0001 through AABB:1122:0006). Legend: Root Port, Designated Port, Alternate Port.]
Port Roles
Root Port = per switch, shortest path to root switch; forwards traffic
Designated Port = per segment, shortest path to root; forwards traffic
Alternate Port = alternate, but less optimal path to root switch; discards traffic
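The election and the three port roles can be computed directly from the identifiers and link costs. This is an added example, not taken from the course book: it elects the root by lowest (priority, MAC), derives each switch's root path cost, and assigns root, designated and alternate roles. The three-switch triangle, the port numbers, the MAC assigned to "top" and the helper names are constructed for illustration; the default priority 32768, the MAC format and the link cost 2000 are the page's.

```python
import heapq

DEFAULT_PRIORITY = 32768

# Constructed topology: name -> (priority, MAC); links are
# (switch_a, port_a, switch_b, port_b, cost) on point-to-point segments.
SWITCHES = {"top": (DEFAULT_PRIORITY, "AABB:1122:0002"),
            "center": (DEFAULT_PRIORITY, "AABB:1122:0001"),
            "bottom": (DEFAULT_PRIORITY, "AABB:1122:0006")}
LINKS = [("top", 1, "center", 1, 2000),
         ("center", 2, "bottom", 1, 2000),
         ("top", 2, "bottom", 2, 2000)]


def bridge_id(priority, mac):
    """Identifier = priority, then MAC; tuples compare in that order."""
    return (priority, int(mac.replace(":", ""), 16))


def spanning_tree(switches, links):
    """Return (root, root_path_cost, roles) for a connected topology."""
    bid = {name: bridge_id(*value) for name, value in switches.items()}
    root = min(bid, key=bid.get)              # lowest identifier wins

    adj = {name: [] for name in switches}     # local port, peer, peer port, cost
    for a, pa, b, pb, cost in links:
        adj[a].append((pa, b, pb, cost))
        adj[b].append((pb, a, pa, cost))

    rpc = {root: 0}                           # root path cost per switch
    heap = [(0, root)]
    while heap:
        dist, node = heapq.heappop(heap)
        if dist > rpc[node]:
            continue
        for _, peer, _, cost in adj[node]:
            if dist + cost < rpc.get(peer, float("inf")):
                rpc[peer] = dist + cost
                heapq.heappush(heap, (dist + cost, peer))

    roles = {}
    for name in switches:                     # one root port per non-root switch
        if name == root:
            continue
        port, *_ = min(adj[name], key=lambda e: (rpc[e[1]] + e[3],
                                                 bid[e[1]], e[2], e[0]))
        roles[(name, port)] = "root"
    for a, pa, b, pb, _ in links:             # one designated port per segment
        ends = sorted([(rpc[a], bid[a], a, pa), (rpc[b], bid[b], b, pb)])
        roles[(ends[0][2], ends[0][3])] = "designated"
        roles.setdefault((ends[1][2], ends[1][3]), "alternate")
    return root, rpc, roles


def with_priority(switches, name, priority):
    """Copy of `switches` with one switch's priority overridden."""
    changed = dict(switches)
    changed[name] = (priority, switches[name][1])
    return changed


if __name__ == "__main__":
    print(spanning_tree(SWITCHES, LINKS))
    print(spanning_tree(with_priority(SWITCHES, "top", 4096), LINKS))
```

Lowering the priority of "top" to 4096 moves the root there and flips which port on "bottom" ends up as the alternate (discarding) port.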
Topology Changes
[Figure: Topology change after a link fails. Labels: Link Fails; DP becomes RP; RP becomes DP; AP becomes RP; Proposal/Agreement exchanges. Legend: Root Port, Designated Port, Alternate Port.]
Nodes detect link failure through Physical Layer, or message timeout
Proposal and agreement process updates port roles
Topology Change Notification tells switches to flush MAC tables
When a switch detects the loss of a Physical Layer signal, the spanning tree algorithm re-assesses the port role assignments in light of the new connectivity. If it determines that a change is necessary, it sends a proposal of the new role to its neighboring switch. The neighboring switch re-assesses its own port roles based on this new information and may agree or, if it believes it has better insight into the topology, issue a counter-proposal. Changing the role of one port on the switch may cause a ripple effect throughout the network. The proposal/agreement exchanges propagate in a link-by-link fashion away from the failure toward the root switch until they reach a switch for whom the new proposal does not require any changes.
In the figure shown, the link that connects the center switch to the root switch fails. This had been the center switch's root port. The precise details of the operation go beyond the scope of this discussion, but the loss of the root port forces the center switch to change the remaining port's role from designated port to root port. The bottom-most switch changes its root port to a designated port and must therefore unblock one of its alternate ports. In this example, the root path cost is the same for both alternate ports, so the port priorities are considered. Similar to the root switch priority, the administrator can influence the selection of the root switch by modifying the default priority value. If both ports have the same priority value, then the numerical port identifier is used to break the tie. The bottom-most switch sends a proposal to the neighboring switch (on its left in the figure). The proposal does not require it to change any of its port roles, so the configuration changes stop there. The network has re-converged on the new topology.
One task remains, however. Remember that each of the switches in the network maintains a MAC table that associates MAC addresses with port numbers. Some of that information is now out of date. The root switch sends a Topology Change Notification, which the other switches use as a signal to flush stale data from their MAC tables.
[Figure: Sample topology with access switches SWA and SWB, aggregation switches SWC and SWD, and the MLS.]
Let's assume that the MLS is the root switch in our sample topology. When the spanning tree algorithm runs, each access switch selects a root port and an alternate port. The root path costs are the same for both ports (assuming all of the links are the same speed), so the selection of the root and alternate ports is fairly arbitrary. In the figure shown, the top-most port on SWA remains active, while the bottom-most port gets blocked. SWB does just the opposite of this.
MSTP
  Efficient load balancing
  Two spanning trees (one blocks port 1, the other blocks port 2)
  Half of the VLANs get mapped to one spanning tree; half get mapped to the other
PVSTP+
  Less efficient load balancing; one spanning tree per VLAN
  Half of the VLANs block port 1; the other half block port 2
RSTP
  Single spanning tree, active/idle configuration, no load balancing
When redundant links are deployed in the network, service providers often prefer a load-balancing solution to a strict active/standby scheme. When multiple VLANs are used, this can be accomplished by directing some VLAN traffic (for example, the even-numbered VLANs) across one of the redundant links and other VLAN traffic (for example, the odd-numbered VLANs) across the other redundant link.
Referring back to our sample topology, let us focus on the links that connect access switch SWA to the aggregation switches SWC and SWD. SWA carries traffic for 10 VLANs (one per cell site). If RSTP is used to manage these links, then load balancing is not possible. When RSTP computes the spanning tree, the traffic for all 10 VLANs is carried over the active link. The blocked link remains idle. This is because RSTP does not support the notion of computing multiple spanning trees.
Alternatively, one could use PVSTP+ instead. As its name implies, Rapid PVSTP+ computes one spanning tree solution for each VLAN configured on the switch. There would therefore be 10 spanning trees in our example. By overriding the default port priorities, we could arrange for half of the spanning trees to select the top-most port to be the root port and the bottom-most port to be the alternate port. We could configure the other half of the spanning trees to do just the opposite. The net effect is that the traffic would be evenly divided (assuming the cell sites were equally loaded) across the two links. If either of the links failed, then the spanning trees would react by unblocking the alternate port and all traffic would be directed over the remaining link.
MSTP Regions
Summary
Spanning Tree Protocol (STP) prevents loops from triggering broadcast storms in Layer 2 networks.
Rapid Spanning Tree Protocol (RSTP) significantly reduces the time to detect and recover from a failure.
Multiple Spanning Tree Protocol (MSTP) adds support for VLANs.
MSTP provides an efficient means to load balance VLAN traffic across multiple links.
Review Exercise
32768 + e05f:b903:5280
32768 + e05f:b903:753a
32768 + e05f:b903:535a
SWC MLS
32768 + e05f:b903:1121
SWD
32768 + e05f:b9c3:a2d0
32768 + e05f:b903:9863
SWB
32768 + e05f:b903:af3c
32768 + e05f:b93f:d9ea
Chapter 3:
Routing Table
Objectives
After completing this module, you will be able to:
Read and understand IP routing tables
Understand the factors that go into the route selection algorithm
Identify the preferred route from a set of alternates
Employ recursive routing techniques
Explain how black holes impact routing and why a packet might be deliberately discarded
Routing Table
Concepts
Routing Table
[Figure: Route sources (Static, Connected, Dynamic) feed the routing table, which is copied into the Forwarding Information Base.]
Destination      Source     Cost  Next Hop
0.0.0.0/0        Static     1     192.168.1.1
192.168.1.0/24   Connected  2     Gi 0/0
10.1.1.0/22      OSPF       10    10.5.3.8
172.16.0.0/16    BGP        20    192.168.7.30
The routing table is essentially a collection of network addresses that the router knows how to reach. For a given inbound packet, the routing table indicates to which node it should forward the packet (the next hop) and/or the outbound interface it should use to get there. The routing table entries may contain additional information used to prioritize routes, indicate their origin and how long they've been around.
Routing table entries come from one of three possible sources. The most straightforward source of routes are the router's own network interfaces. If we configure an interface with the address 192.168.1.1/24, then it stands to reason that the router knows how to reach the nodes on the 192.168.1.0/24 subnet. Similarly, so-called static routes can be created by explicitly configuring the routes on the router. Finally, the router can use a dynamic routing protocol such as OSPF and BGPv4 to exchange routing information with other routers.
It's worth noting that the routing table is only one repository of routing information. Individual routing protocols maintain databases that contain routing information they've learned from neighboring routers. And while it's convenient to talk about the router searching the routing table when it receives a packet, modern routers copy the contents of the routing table into a more optimized data structure, typically called the Forwarding Information Base (FIB).
Prefix Length
[Slide callouts on the output below: Prefix in Level 1 Route; Prefix in Level 2 Route]
R1# show ip route
B 216.238.54.0/24 [20/0] via 12.123.1.236, 4w4d
O 216.221.5.0/24 [110/1] via 12.123.1.236, 7w0d
136.141.0.0/24 is subnetted, 2 subnets
S 136.141.6.0 [1/0] via 12.122.125.4, 7w0d
R 136.141.2.0 [120/0] via 12.122.125.4, 7w0d
170.162.0.0/19 is subnetted, 1 subnets
B 170.162.32.0 [20/0] via 12.123.1.236, 7w0d
170.160.0.0/20 is subnetted, 2 subnets
O 170.160.32.0 [110/1] via 12.122.125.4, 7w0d
O 170.160.64.0 [110/1] via 12.123.1.236, 3d15h, fa0/1/1
187.179.0.0/16 is variably subnetted, 3 subnets, 2 masks
B 187.179.0.0/19 [20/0] via 12.123.1.236, 13:51:40, gi0/1
B 187.179.32.0/19 [20/0] via 12.123.1.236, 4w3d
S 187.179.64.0/18 [1/0] via 12.123.1.236, 4w3d
34.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
S 34.254.244.0/22 [1/0] via 12.122.125.4, 7w0d
S 34.254.112.0/21 [1/0] via 12.122.125.4, 7w0d
S 34.253.0.0/19 [1/0] via 12.123.1.236, 7w0d
The prefix length sets the range of addresses that a route applies to. For example, if a network is listed as 10.10.10.0/24, the route applies to destination IP addresses in the range from 10.10.10.0 to 10.10.10.255. If the network is listed as 10.10.10.0/28, the route applies to IP addresses in the range of 10.10.10.0 to 10.10.10.15. All routes in a routing table must have a prefix length in order to determine the range of addresses that the route applies to. The range for each route is not necessarily unique. The range for 10.10.10.0/28 is wholly contained in the range for 10.10.10.0/24. If you examine the sample routing table, some routes do not have route prefixes, for example, 136.141.6.0 [1/0] via 12.122.125.4, 7w0d and 136.141.2.0 [120/0] via 12.122.125.4, 7w0d.
The presence or absence of the prefix length in the example table is determined by the rules below.
Level 1 with no Children
  Level 1 route has its own prefix length.
Level 1 with Children
  Case 1: All Children have same prefix length. Level 1 route lists the prefix length, Child Routes do not list prefix lengths.
  Case 2: Children have different prefixes. Prefix lengths are listed for each Child and the Level 1 route uses the classful prefix for the network.
What's in a Route?
[Slide: the same R1# show ip route output as under Prefix Length above, with callouts for Route Code, Admin. Distance/Metric, and Next-Hop Address.]
Route Code
The route code indicates the source of the routing information. The meaning of the codes is given at the top of the routing table when working with the device. In our example here, B=BGP, O=OSPF, S=Static, and R=RIP. Connected routes (not shown here) are listed with a C and Local routes (AKA Host routes) are listed with an L. Host routes represent the router's own IP addresses and carry a 32-bit prefix length.
Administrative Distance
The administrative distance is a precedence value assigned to the route, based on the source of the routing information. Some sources of routing information are considered more trustworthy than others, and have a lower administrative distance. If the same route is learned through multiple sources, the one with the lowest administrative distance gets installed into the routing table.
Metric
Each route is assigned a metric to show the relative cost of using the particular route. Metrics act as tie breakers when the router must select between routes for the same destination network, which were learned from the same dynamic routing protocol. Most routing protocols allow Equal Cost Multi-Path (ECMP) and allow multiple routes to the same destination network having the same metric to be installed in the routing table. Traffic matching these routes is load-balanced across the ECMP routes. ECMP adds overhead to the forwarding function of a router as the router must track which data stream is using which of the routes. Administrators can set the maximum number of ECMP routes that are allowed per destination network. The metric may also be manipulated by an administrator to prefer one ECMP route over another.
Next-Hop Address
The next-hop address identifies the IP address of the device to which the router sends packets that match the route. The next-hop address is typically the IP address of the router that provided the route.
Administrative Distance
Source                 Administrative Distance
Connected              0
Static                 1
EIGRP summary route    5
eBGP                   20
Internal EIGRP         90
IGRP                   100
OSPF                   110
IS-IS                  115
RIP                    120
EGP                    140
ODR                    160
External EIGRP         170
iBGP                   200
<Unknown>              255
In general, when a router knows more than one route to a particular destination, it prefers the one with the lowest metric. This can be a problem when the routes were learned from different sources because the metrics that one routing protocol uses may not be consistent with the metrics used by other routing protocols. For example, BGP uses the number of Autonomous Systems (ASs) in its Path Vector as a metric, while OSPF metrics are based on bandwidth. Relying solely on route metrics, the router would not be able to select the best possible routes.
The router uses the Administrative Distance to select the best possible route from among a set of alternate routes that were learned from different routing sources. The administrative distance is determined by the source of routing information. Routing information sources with lower administrative distance values are preferred over those with higher administrative distance values.
Unlike the route metric, the administrative distance is not set on a per-route basis. All routes from a particular routing information source share the same administrative distance value. For example, all routes learned by OSPF have 110 as the administrative distance value. The administrative value is a configuration parameter set within the router and is not exchanged by the routing protocols (also unlike the route metrics).
Routing protocols with lower administrative distances are deemed to be more reliable, accurate or trustworthy than those with higher administrative distances. The table shown here lists the default administrative values used by Cisco routers. The defaults can be overridden, however, if one wishes to change the relative rankings.
Finally, it's worth noting that the administrative distance determines which routes actually get installed in the routing table. Typically multiple routes to the same destination network (as specified by network address and prefix length) from different routing protocols are not found in routing tables. Whichever one has the lower administrative distance causes the others to be bumped from the routing table.
Source: What is Administrative Distance?, Document ID: 15986, Cisco.
Route | Prefix Length | Range of Addresses | Is 66.134.50.11 in this range?
Longest-Match Rule
Destination IP
01000010 10000110 00110010 00001011
66.134.50.11
Longest-Match Exercise
1 66.0.0.0/8 0100 0010 0000 0000 0000 0000 0000 0000
Recursive Routing
Recursive Routing
P1#show ip route
1  10.0.0.0/30 is subnetted, 2 subnets, 2 masks
      10.1.0.4 [110/2] via 172.16.4.2, 00:02:56
2  172.16.0.0/30 is subnetted, 8 subnets
      172.16.4.0 is directly connected, fa0/1/2
Callouts: Next Hop address, Exit Interface
[Figure labels: Dst: 10.1.0.5; fa 0/1/2; 172.16.4.2; 10.1.0.5]
Black Holes
Black Holes
Network forwards packets to a router
Router drops the packets
Possible reasons:
Routing Error
MTU Error
Intentional Discard
Black Hole Route:
R(config)#ip route 10.1.1.0 255.255.255.0 null0
The term black hole refers to the case when a router receives a packet, but cannot forward the packet and the packet is dropped. This action results in a routing black hole, analogous to the theoretical astronomical phenomenon of a region in space with a gravitational pull such that nothing, not even light, can escape.
There are several reasons why black holes in the IP networking sense might occur.
Routing Errors: A packet arrives, the router finds no route and discards the packet. If the router is allowed to send ICMP messages, it notifies the sender using an Internet Control Message Protocol (ICMP) Destination Network Unreachable message.
MTU Problems: If the Maximum Transmission Unit (MTU) of the outbound link is too small to accommodate the packet, and if the packet's Don't Fragment bit is set, the router drops the packet and sends an ICMP Fragmentation Required message indicating what the MTU must be to send the packet through the interface.
Intentional Discard: In some circumstances, the routing table includes a null route (also known as black hole route). Any incoming packets that match that route are discarded. This is an appropriate way to deal with malicious traffic, for example. An Intrusion Prevention System (IPS) may dynamically create a null route when it detects suspect activity. ICMP messages are usually suppressed in this case, so as to conceal the countermeasures from the attacker.
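The selection steps covered in this chapter (administrative distance, the longest-match rule, recursive next-hop resolution and the null route) can be traced in one small model. This is an added example, not part of the course book: the class and function names are hypothetical, the 66.134.0.0/16 and 66.134.50.0/24 routes and the 10.1.1.0/24 null route are constructed, and the other entries come from the chapter's slides.

```python
import ipaddress

# Default administrative distances, taken from the table in this chapter.
ADMIN_DISTANCE = {"connected": 0, "static": 1, "ebgp": 20,
                  "ospf": 110, "rip": 120, "ibgp": 200}


class RoutingTable:
    def __init__(self):
        self.routes = {}  # ip_network -> installed route (one per prefix)

    def offer(self, prefix, source, metric=0, next_hop=None, interface=None):
        """Offer a candidate route. It is installed only if no route for the
        same prefix exists or it has a lower administrative distance (the
        metric breaks ties within one source). Returns True if installed."""
        net = ipaddress.ip_network(prefix)
        cand = {"prefix": net, "source": source, "ad": ADMIN_DISTANCE[source],
                "metric": metric, "next_hop": next_hop, "interface": interface}
        cur = self.routes.get(net)
        if cur is None or (cand["ad"], cand["metric"]) < (cur["ad"], cur["metric"]):
            self.routes[net] = cand
            return True
        return False

    def longest_match(self, dst):
        """Return the installed route with the longest prefix containing dst."""
        addr = ipaddress.ip_address(dst)
        matches = [r for r in self.routes.values() if addr in r["prefix"]]
        return max(matches, key=lambda r: r["prefix"].prefixlen, default=None)

    def resolve(self, dst, max_depth=8):
        """Follow next hops recursively until a route names an exit interface.
        Returns (verdict, exit_interface, next_hops_followed)."""
        hops, target = [], dst
        for _ in range(max_depth):
            route = self.longest_match(target)
            if route is None:
                return ("drop: no route", None, hops)
            if route["interface"] == "Null0":
                # Black hole route: discard silently, no ICMP back to the sender.
                return ("drop: null route", None, hops)
            if route["interface"] is not None:
                return ("forward", route["interface"], hops)
            if route["next_hop"] is None:
                return ("drop: unresolvable route", None, hops)
            hops.append(route["next_hop"])
            target = route["next_hop"]  # look the next hop up in the same table
        return ("drop: recursion limit", None, hops)


def build_demo_table():
    rt = RoutingTable()
    # Entries from the chapter's "show ip route" slide.
    rt.offer("172.16.4.0/30", "connected", interface="fa0/1/2")
    rt.offer("10.1.0.4/30", "ospf", metric=2, next_hop="172.16.4.2")
    # 66.0.0.0/8 is from the longest-match exercise; the /16 and /24 are constructed.
    rt.offer("66.0.0.0/8", "static", next_hop="172.16.4.2")
    rt.offer("66.134.0.0/16", "rip", metric=3, next_hop="172.16.4.2")
    rt.offer("66.134.0.0/16", "ospf", metric=20, next_hop="172.16.4.2")  # bumps RIP
    rt.offer("66.134.50.0/24", "ospf", metric=5, next_hop="172.16.4.2")
    # Constructed black hole route for a prefix carrying unwanted traffic.
    rt.offer("10.1.1.0/24", "static", interface="Null0")
    return rt


if __name__ == "__main__":
    table = build_demo_table()
    for dst in ("66.134.50.11", "10.1.0.5", "10.1.1.77", "192.0.2.1"):
        print(dst, table.resolve(dst))
```

The OSPF route replaces the RIP route for 66.134.0.0/16 even though its metric is larger, because the metric is only compared between routes with the same administrative distance.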
Summary
There are three sources of routes: directly connected
interfaces, static routes, and dynamic routing protocols.
Routing table organization is as follows: Level 1 and Level 2
routes; Parent and Child Routes.
Administrative distance, the longest-match rule and route
metrics are used to select from among multiple alternate
routes.
Routing table entries have a next-hop address, metric and
(optionally) exit interface.
Recursive routing may be used when the route table entry
does not specify an exit interface.
Review Questions
Use the table on the following page to answer the
questions below.
1. How many Level 1 routes are in this table?
2. How many routes were learned through dynamic
routing protocols?
3. The router receives a packet with the destination
address 172.16.0.1. Which interface does the
router send the packet out?
4. The router receives a packet with destination
address 20.15.0.4. Which interface does the
router send the packet out?
Review
P1#show ip route
Codes: C - connected, S - static, R - RIP, B - BGP, O - OSPF
4 | OSPF Key Concepts
Chapter 4:
OSPF Key Concepts
Objectives
After completing the module, you will be able to:
Describe how OSPF relates to Autonomous
Systems and other routing protocols.
Describe the design of scalable networks using
OSPF areas
Describe the role of Area Border Routers (ABRs)
List the types of Link-State Advertisements that
OSPF uses to communicate routing information
OSPF Area 0
OSPF Area 1 OSPF Area 2
The Open Shortest Path First (OSPF) protocol is a widely used interior gateway protocol. It is a mature protocol, defined by the Internet Engineering Task Force (IETF) standard specification, Request for Comments (RFC) 2328.
OSPF runs within a single Autonomous System (AS). OSPF routers collect information about the AS topology, known generically as Link State Advertisements (LSAs). The routers store this information in a Link State Database (LSDB) and use it to calculate least-cost routes to each of the destinations in the AS. These routes are loaded into routing tables.
OSPF quickly detects changes to the AS topology (such as interface failures), updates the LSDB, recalculates the cost of the routes and updates the routing tables.
OSPF areas allow OSPF to perform more efficiently over large networks. Without OSPF areas, OSPF would not scale well as the size and complexity of the Autonomous System grows. The Link State Database (LSDB) would expand, increasing the amount of memory that OSPF needs to function. The number of Link State Advertisements (LSAs) sent would increase, worsening the messaging overhead added by the protocol. The Shortest Path First algorithm would run more frequently and need to consider greater numbers of alternate paths, increasing the amount of processing that OSPF performs.
OSPF areas provide scalability by dividing the autonomous system into logical subsystems. Each router learns the detailed topology of its own area, but not that of other areas. Instead, the Area Border Router (ABR) originates a Summary-LSA into the area on behalf of all the routers outside of the area.
All routers in a single area have identical LSDBs. ABRs have an LSDB for each area that they participate in.
Area 0
Area 1 Area 2
Internal Router
Internal and
Autonomous
System Boundary
Router (ASBR)
AS 200
AS 400
OSPF defines four types of routers: Internal Routers, Backbone Routers, Area Border Routers, and Autonomous System Boundary Routers. Depending on their function, a given router may be of one or more of these types.
The simplest type of router is an internal router. If all of a router's interfaces are part of the same area, then that router is said to be an internal router.
A router with at least one interface that is part of the backbone area is a backbone router. If all of the router's interfaces are part of the backbone area, then that router could be considered both a backbone and internal router.
The Area Border Router (ABR) contains interfaces on at least two different areas. The ABR originates Summary-LSAs into the backbone containing a summary of the non-zero area's intra-area routes. It originates Summary-LSAs into the non-zero area containing a summary of the AS's inter-area routes.
The Autonomous System Boundary Router (ASBR) exchanges routing information with other Autonomous Systems (ASs). This may be through a different routing protocol, such as the Border Gateway Protocol (BGP) or through static configuration. They originate External-AS Link State Advertisements (LSAs) to communicate these external routes throughout the AS.
Link State
Advertisements (LSA)
The router maintains a Link State Database (LSDB) for each area to which it belongs. The contents of the LSDB are flooded to all of the routers in the area. Each of the routers in the area eventually builds an exact replica of the area's LSDB. The LSDB is a representation of the topology of the area. It identifies the routers and networks in the area, the links that interconnect them and the cost of those links.
The contents of the LSDB are Link State Advertisements (LSA). The LSDB holds four types of LSAs:
1. Router-LSAs. Each router originates a Router-LSA that describes the state of its interfaces.
2. Network-LSAs. The network's designated router originates a Network-LSA that contains a list of routers connected to that network.
3. Summary-LSAs. The area border router originates a Summary-LSA that contains routes to destinations outside the area, but inside the autonomous system.
4. External-LSAs. The autonomous system boundary router originates an External-LSA that contains routes to destinations outside the autonomous system.
Using the information in the chart, draw the network topology for the local area that contains 11 routers and three networks. The numbers indicate the metrics on the given links between the connected nodes or networks. For example, the 0 in the row and column that link Network 3 with Router 7 indicate that Router 7 connects to Network 3 and from Network 3 to Router 7 the cost is 0. However, look at the link from Router 7 to Network 3 and the cost is 2. There is no cost associated with coming out of a network. Costs are incurred when leaving routers.
The Network
[Figure: topology of routers R1 to R11 and networks N1 to N3 with link costs]
Link State
Advertisements
Router-LSA (Type 1)
Network-LSA (Type 2)
Summary-LSA (Type 3, 4)
External-LSA (Type 5, 7)
Opaque-LSA (Type 9, 10, 11)
Type 1 Router-LSA
Router-LSA = Type 1
Link State ID: 192.168.50.1
No of Links=2
Link 1 Cost , Type and other Details
Link 2 Cost , Type and other Details
Neighbor List
Area 1
Type 2 Network-LSA
R1 (DR)
Point-to-Point Link
10.2.1.100/24
Network-LSA = Type 2
Link State ID: 10.2.1.100
Subnet Mask = 255.255.255.0
RID of Attached Router-R1
RID of Attached Router-R2
RID of Attached Router-R3
RID of Attached Router-R4
NW: 10.2.1.0/24
Area 1
R2 R3 R4
Type 3 Summary-LSA
ASBR
ASBR Summary-LSA = Type 4
Link State ID: 192.168.50.7
Subnet Mask = 0.0.0.0
R7 Metric = 22
(RID 192.168.50.7)
Area 0
Area 1
Type 5 AS-External-LSA
[Figure labels: AS 100, eBGP, ASBR, Area 0, Area 1; prefixes 10.0.0.0/16, 10.1.0.0/16, 10.2.0.0/15]
AS External-LSA = Type 5, Link State ID: 10.0.0.0/16, Metric = 20
AS External-LSA = Type 5, Link State ID: 10.1.0.0/16, Metric = 20
AS External-LSA = Type 5, Link State ID: 10.2.0.0/15, Metric = 20
Types 9-11 Opaque-LSA
Opaque-LSA, AS-scope
Opaque-LSA, Area-scope
Opaque-LSA, Network-scope
[Figure labels: AS 100, AS 200, AS 300, AS 400; Area 0, Area 1, Area 2; N1]
Summary
OSPF is used to exchange routing information
between routers within an Autonomous System.
OSPF uses Link-State Advertisements to
communicate information about the topology of the
network.
Routers store Link-State Advertisements in the
Link-State Database.
Each router in an area maintains its own copy of
the Link-State Database.
OSPF routers learn details about the topology of
their area, but not that of other areas.
Review Exercise
[Figure: review exercise network. Labels: Orlando, St. Petersburg, Tampa; Area 1, Area 2, Area 3; BGP links; routers R1 to R19; networks N1 to N3; answer blanks for R4, R8, R12 and R13]
5 | OSPF in Wireless Networks
Chapter 5:
OSPF in Wireless
Networks
Objectives
After completing the module, you will be able to:
Describe the operations of an OSPF router
Troubleshoot OSPF adjacency issues
Analyze the contents of the link-state database
Calculate OSPF link metrics to influence routing
decisions
Use OSPF areas to build scalable networks
Synchronize
Keep-Alive
LSDB
Populate
Routing Table
An OSPF-capable router spends its life performing the following functions.
OSPF routers automatically discover the existence of neighboring routers.
Having discovered a new neighbor, the two routers synchronize their Link State Databases (LSDBs).
Once the topology of the network is known (through the LSDB), the router runs a Shortest Path First (SPF) algorithm to calculate the optimal path to reach each of the known destinations in the network.
The best path information is merged with other routing information (e.g., static routes and other dynamic routing protocols) to create the routing table.
When changes occur in the network topology (e.g., links are enabled or shut down), the router updates its neighbors by sending a Link State Advertisement (LSA). Of course, the router may also re-run the SPF calculations to determine the impact of the topology change and update the routing table accordingly.
OSPF routers keep tabs on their neighbors. If the router suddenly stops receiving keep-alive messages, it assumes that the neighbor has gone off-line, updates the LSDB accordingly, re-runs the SPF algorithm and adjusts the routing table as necessary.
Neighbor Discovery
Neighbor Discovery
Hello message
Send periodically
Multicast: 224.0.0.5
Includes
Router ID
Area ID
Hello Interval
Dead Interval
Subnet Prefix
Neighbor List
Hello Protocol
[Figure: Hello exchange between R1 and R2, in sequence]
Hello: Area ID, Router ID, Neighbor List
R1 hears Hello and adds R2 to neighbor list
Hello: Area ID, Router ID, Neighbor List (R2)
R2 hears Hello and adds R1 to neighbor list
Hello: Area ID, Router ID, Neighbor List (R1)
Hello: Area ID, Router ID, Neighbor List
The Hello protocol is used to discover new OSPF neighbors, verify that two-way communication is in place, communicate information about the router's configuration and confirm that the neighbor remains active over time. The router sends a Hello message every HelloInterval seconds (10 seconds is typical). The router sends the Hello message to the well-known multicast address 224.0.0.5. The router includes the Area ID, the sending router's own Router ID and a list of Router IDs from whom the sending router has received a Hello message. The message also contains authentication credentials, the network mask of the interface, the value of the HelloInterval and RouterDeadInterval timers, the Router ID of the Designated Router and a priority value used in the Designated Router election procedure.
In the example shown, Router R1 has been sending Hello messages every HelloInterval seconds. Router R2 comes online and starts running OSPF. It starts sending its own Hello messages. Router R1 hears the Hello message that Router R2 has sent. It adds R2 to its list of neighbors and includes R2's Router ID when it sends its next Hello message. Likewise, Router R2 hears the Hello message that Router R1 has sent. It notes that its own Router ID was included in the message. Router R2 now knows that two-way communication is possible with this neighbor. R2 adds R1 to its list of the neighbors and includes R1's Router ID in the next Hello message that it sends. Router R1 notes that its Router ID has been included in Router R2's Hello message. Router R1 now knows that two-way communication is possible with R2.
The two routers analyze the fields in the Hello messages. If their respective area ID, network mask, HelloInterval, and RouterDeadInterval fields match, they may attempt to form an adjacency with each other and begin to synchronize their Link State Databases.
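The Hello checks described above can be modelled directly, which is also how adjacency problems are usually diagnosed: find the field that differs. This is an added example, not part of the course book. The class names, the Router IDs other than 192.168.50.1, the 40-second dead interval and the plain-string credential are assumptions, and the state names Init and 2-Way come from RFC 2328 rather than from this page.

```python
from dataclasses import dataclass, field

# Fields that the text says must agree before an adjacency is attempted.
MATCH_FIELDS = ("area_id", "network_mask", "hello_interval", "dead_interval")


@dataclass
class Hello:
    router_id: str
    area_id: str
    network_mask: str
    hello_interval: int
    dead_interval: int
    auth: str  # stands in for the authentication credentials (assumption)
    neighbors: list = field(default_factory=list)  # Router IDs the sender has heard


class OspfInterface:
    def __init__(self, router_id, area_id, network_mask,
                 hello_interval=10, dead_interval=40, auth="key-1"):
        self.router_id = router_id
        self.area_id = area_id
        self.network_mask = network_mask
        self.hello_interval = hello_interval
        self.dead_interval = dead_interval
        self.auth = auth
        self.neighbors = {}  # router_id -> "Init" or "2-Way"

    def build_hello(self):
        """Build the next Hello, listing every neighbor heard so far."""
        return Hello(self.router_id, self.area_id, self.network_mask,
                     self.hello_interval, self.dead_interval, self.auth,
                     sorted(self.neighbors))

    def receive(self, hello):
        """Process one received Hello. Returns (state, mismatched_fields)."""
        if hello.auth != self.auth:
            # Unauthenticated Hellos are discarded before any field is compared.
            self.neighbors.pop(hello.router_id, None)
            return ("rejected", ["auth"])
        bad = [f for f in MATCH_FIELDS if getattr(hello, f) != getattr(self, f)]
        if bad:
            self.neighbors.pop(hello.router_id, None)
            return ("rejected", bad)
        # Seeing our own Router ID in the neighbor list proves two-way reachability.
        state = "2-Way" if self.router_id in hello.neighbors else "Init"
        self.neighbors[hello.router_id] = state
        return (state, [])


def simulate():
    """Replay the R1/R2 exchange from the text, then two misconfigured routers."""
    r1 = OspfInterface("192.168.50.1", "0.0.0.1", "255.255.255.0")
    r2 = OspfInterface("192.168.50.2", "0.0.0.1", "255.255.255.0")
    log = []
    log.append(("R1<-R2", r1.receive(r2.build_hello())))  # R2 has heard nobody yet
    log.append(("R2<-R1", r2.receive(r1.build_hello())))  # R1 now lists R2
    log.append(("R1<-R2", r1.receive(r2.build_hello())))  # R2 now lists R1
    r3 = OspfInterface("192.168.50.3", "0.0.0.1", "255.255.255.0",
                       hello_interval=5, dead_interval=20)  # timer mismatch
    log.append(("R1<-R3", r1.receive(r3.build_hello())))
    r4 = OspfInterface("192.168.50.4", "0.0.0.1", "255.255.255.0", auth="other")
    log.append(("R1<-R4", r1.receive(r4.build_hello())))
    return log


if __name__ == "__main__":
    for step in simulate():
        print(step)
```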
Database Synchronization
R1 R2
[Figure: multi-access network with 6 OSPF routers (R1 to R6), drawn without and with DR and BDR election]
No DR and BDR Election: Adjacencies = N*(N-1)/2 = 6*(6-1)/2 = 15
With DR and BDR Election: Adjacencies = 2N-3 = (2*6)-3 = 9
Consider the effects of the neighbor discovery procedure on a multiple-access network with six routers. Each router would discover five neighbors and form five adjacencies. Fifteen adjacencies would be formed overall. The Designated Router (DR) concept reduces the number of adjacencies required in this circumstance, and by extension reduces the size of the Link State Database (LSDB) and the number of OSPF messages sent over the network.
The Hello protocol includes a mechanism by which the routers autonomously determine which router functions as the DR. The administrator can influence this decision by assigning certain priorities to each of the routers. Once a DR has been elected for the network, it generally does not change unless the DR goes out of service. To facilitate a fast recovery from that circumstance a Backup Designated Router (BDR) is elected at the same time as the DR. If the DR should go out of service, the BDR takes over as DR and a new BDR is elected.
Instead of forming adjacency with every neighbor on the network, a router instead forms an adjacency with only the DR and BDR. In the example configuration shown, the total number of adjacencies that form is reduced from 15 to 9.
Metrics
OSPF Metric
Interface Type | Speed (Mbps) | Cost (ref = 100 Mbps) | Cost (ref = 1 Gbps) | Cost (ref = 10 Gbps)
10GE | 10000 | 1 | 1 | 1
OC-192c | 9953.28 | 1 | 1 | 1
OC-48c | 2488.32 | 1 | 1 | 4
GigE | 1000 | 1 | 1 | 10
OC-12c | 622.08 | 1 | 1 | 16
OC-3c | 155.52 | 1 | 6 | 64
Fast Ethernet | 100 | 1 | 10 | 100
Ethernet | 10 | 10 | 100 | 1000
OSPF Cost = Reference Bandwidth / Link Speed
Exercise
Interface Type | Speed (Mbps) | Cost (ref = 100 Mbps) | Cost (ref = 1 Gbps) | Cost (ref = 10 Gbps)
10GE | 10000 | 1 | 1 | 1
OC-192c | 9953.28 | 1 | 1 | 1
OC-48c | 2488.32 | 1 | 1 | 4
GigE | 1000 | 1 | 1 | 10
OC-12c | 622.08 | 1 | 1 | 16
OC-3c | 155.52 | 1 | 6 | 64
Fast Ethernet | 100 | 1 | 10 | 100
Ethernet | 10 | 10 | 100 | 1000
T3 | 44.736 | | |
T1 | 1.544 | | |
[Figure: network of routers R1 to R22 and networks N1 to N4 with link costs; site labels Tampa and Boca]
[Figure: topology of R1, R2, R3, R8, R13 and R18 with link costs, shown Before and After]
Destination | Next Hop
R8 | R8
R1 | R1
R13 | R13
R2 | R13
R18 | R13
Equal-Cost Multipath
[Figure: topology of R1, R2, R3, R8, R13 and R18 with all link costs equal to 1, shown After]
Destination | Next Hop
R8 | R8
R1 | R1
R13 | R13
R2 | R13
R2 | R1
R18 | R13
R18 | R8
SPF Exercise
[Figure: exercise network with link costs. Site labels Orlando, St. Petersburg, Tampa and Boca; routers R1 to R22; networks N1 to N4]
Areas
[Figure: network of routers R1 to R22 and networks N1 to N4 with link costs; site labels Tampa and Boca]
Total: 22 SPF Processes, 22 LSDBs and 572 LSAs
[Figure: network of routers R1 to R22 and networks N1 to N4 with link costs; surviving labels Area 3, Area 4, Tampa and Boca]
Callouts: ABR; Backbone Router; 2 SPF, 2 LSDBs & 19 LSAs; 1 SPF, 1 LSDB, 10 LSAs
Total: 26 SPF Processes, 26 LSDBs and 240 LSAs
Area Summarization
[Figure: four areas and their subnets, routers R1 to R21, networks N1 to N4]
Area 1 (Orlando): 10.1.0.0/24, 10.1.1.0/24, 10.1.2.0/24, 10.1.3.0/24
Area 2 (St. Petersburg): 10.2.0.0/24, 10.2.1.0/24, 10.2.2.0/24, 10.2.3.0/24
Area 3: 10.3.0.0/24, 10.3.1.0/24
Area 4: 10.4.1.0/24
Callout: Summary-LSA: 10.1.0.0/16
Summary
The OSPF Hello protocol drives the neighbor
discovery process.
On broadcast networks, OSPF routers form
adjacencies with the designated router.
Adjacent neighbors exchange link-state databases.
The Link-State Database (LSDB) stores Link-State
Advertisements (LSAs).
All routers in an area share the same LSDB.
Area Border Routers send Summary-LSAs on behalf
of the area.
OSPF metrics are calculated based on link speed.
Review Questions
1. The Area Border Router (ABR) may perform which of the following
functions?
a) Send Summary-LSAs on behalf of the area.
b) Connect the routers in the area to the OSPF backbone.
c) Form an OSPF adjacency with each of the routers in the area.
d) Route summarization by advertising a single route that
encompasses all of the area's routes.
2. When an OSPF router forms an adjacency with a neighbor:
a) It always receives a complete copy of the neighbor's Link-State
Database.
b) It uses a Summary-LSA to send an abbreviated copy of its Link-State
Database to the neighbor.
c) It uses the neighbor's Hello messages as a keep-alive mechanism.
d) It sends a Link-State Update message to notify the other routers in
the area that an adjacency has been formed.
Review Exercise
Match the columns.
6 | BGPv4 Key Concepts
Chapter 6:
BGPv4 Key Concepts
Objectives
After completing this module, you will be able to:
Define an Autonomous System
Differentiate between iBGP and eBGP
Describe how BGP attributes can be used to
implement routing policy
List some of the most significant BGP attributes
Describe the BGP messages for session
establishment
Use Route Reflectors to build scalable BGP
networks
Sample Network
[Figure: sample network. Site labels San Francisco, San Jose, Sacramento, Modesto, Fresno and Bakersfield; 3G Data, 4G Data and Peering networks; customer edge routers CE1 to CE15; provider edge routers PE1 to PE6 around the MPLS Backbone; gateways GW1 to GW6; external networks Alpha Corp, Beta Net and Charlie Com]
Autonomous Systems
Autonomous System
[Figure: AS numbers in the sample network. 4G Data: AS110; 3G Data: AS120; peering networks: AS4000; MPLS Backbone: AS 1; Alpha ISP: AS9900; Beta ISP: AS8800; Charlie ISP: AS7700. Routers shown: CE1 to CE9, PE2, PE3, GW1 to GW6; site labels San Jose and Sacramento]
4-byte ASN
Two notations
AS Plain: 65536 to 4294967296
AS Dot: 1.0 to 65535.65535
Existing ASN 1776 written as 0.1776
[Figure: San Jose site. 4G Data (AS 110), 3G Data (AS 120) and AS 4000 with routers CE4, CE5 and CE6; PE1, PE2 and PE3 in the MPLS Backbone (AS 1); GW4 in AS 4000 and GW3 in Beta Net (AS 8800); links labelled eBGP and iBGP]
The Border Gateway Protocol (BGP) carries routing information between Autonomous Systems (ASs). Interior gateway protocols such as the Open Shortest Path First (OSPF) protocol make routing decisions based on straightforward link metrics. At this level in the network, however, administrators generally prefer the flexibility of policy-based routing. BGP supports this by associating a set of attributes with each route. The attributes include standard parameters such as AS Path, Origin and Next-Hop address. Additionally, BGP may tag routes with more customized attributes whose meanings are known only to the AS. The routers may use these attributes to decide which routes to advertise to peers, which advertisements they accept from peers and how they prioritize the routes that they do accept. Routers may manipulate the attributes when they send or receive routes from peers.
When a router uses BGP to exchange routes with a router in a different autonomous system, we refer to that specifically as External BGP (eBGP). A router may also use BGP to exchange routes with a router inside its own autonomous system. This is referred to as Internal BGP (iBGP).
In our sample network, the autonomous systems inside the switching offices have a Customer Edge (CE) router that uses eBGP to exchange routes with the Provider Edge (PE) router in the core network autonomous system. The PE routers use Internal BGP (iBGP) to connect to other core network routers. The Internet peering AS (ASN 4000) contains a gateway router that uses eBGP to connect to the respective external ISP. The gateway router also uses iBGP to connect to the ASN 4000 CE router.
BGP Messages
BGP Messages
No Neighbor Discovery
[Figure: message sequence between the CE router (4G Data, AS 110) and the PE router (MPLS Core, AS 1)]
Open TCP Connection
Open / Open
Initial Route Exchange: Update / Update
Periodic Keep-Alives: Keep-Alive / Keep-Alive
Send Update if something changes: Update
Route-Refresh: "Please send me those routes again."
Update: "Here they are"
BGP is not a particularly complicated protocol. There is no neighbor discovery procedure, so you must tell a router who its BGP neighbors are through configuration. BGP relies on the Transmission Control Protocol (TCP) to ensure reliable delivery of messages, so it doesn't define any special retransmission mechanisms or response messages. Once the TCP connection has been established, both routers send an Open message. This message contains the router's BGP identifier, autonomous system number, timer values and other protocol options. If the proposed parameters are acceptable to the neighbor, it responds with a Keep-Alive message. The routers next use BGP Update messages to exchange their BGP routes. After the initial exchange of routes, the routers update each other if something changes in their routing tables. In the meantime, they periodically send Keep-Alive messages to confirm that the BGP session remains up. If a router's routing policy changes, it may send a Route-Refresh message to request that its neighbor re-send its BGP routes. Either router may gracefully close the BGP session simply by closing its underlying TCP connection. In the event of an error, the router may also send a BGP Notification message before closing the TCP connection.
BGP Update
[Figure: San Jose site. Update messages pass between GW3 in Beta Net (AS 8800) and GW4 in AS 4000, and between the CE routers (CE4, CE5, CE6) and the PE routers (PE1, PE2, PE3) of AS 1]
Withdrawn Routes: 150.13.5.0/24
Advertised Routes: 88.1.2.0/24, 88.2.1.0/24, 88.3.4.0/24, 88.4.3.0/24
Attributes
Route distribution is straightforward in BGP. A router sends a BGP Update message to its neighbor. The Update message may include two sets of information: routes that currently exist in its BGP table; and routes that it had previously advertised, but is now withdrawing. Any given update message may include one or the other or both sets of information. Generally, the router includes the entire contents of its BGP table when the BGP session is initially established or in response to a Route-Refresh request. Otherwise, it generally includes only new and updated routes. The Update message also includes a set of attributes associated with the routes.
When a router receives an Update message from a neighbor, it updates its own BGP table as needed. It may in turn send an Update message of its own to its other neighbors, thus propagating the routing information throughout the network.
In our sample network, the Beta Net router, GW3, sends a BGP Update message to the mobile network router, GW4. The Update message indicates that GW3 is withdrawing the 150.13.5.0/24 route and advertising four other routes: 88.1.2.0/24, 88.2.1.0/24, 88.3.4.0/24 and 88.4.3.0/24.
Routing Table
Route        | Source | Metric | Next-Hop | Exit Interface
10.0.0.0/8   | B      | 0      | IPC      | gi0/1
10.0.8.0/24  | B      | 0      | IPD      | gi0/2
10.0.16.0/21 | B      | 0      | IPA      | fa0/1
10.0.24.0/21 | B      | 0      | IPB      | fa0/2
BGP Attributes
Attribute | Mandatory/Optional, Transitive/Non-Transitive | Description
AS Path | Mandatory, Transitive | Sequence of ASs the route has traversed
Next-Hop | Mandatory, Transitive | Address of neighbor
Origin | Mandatory, Transitive | Indicates whether or not BGP on originating router learned the route through redistribution
Multiple Exit Discriminator (MED) | Optional, Non-transitive | Determines best path for inbound traffic
LOCAL_PREF | Optional, Non-transitive | Determines best path for outbound traffic; used only on iBGP neighbors
Community | Optional, Transitive | Assigns a marker to a route
AS Path Attribute
[Figure: the 88.1.2.0/24 route propagating from the Alpha ISP (AS 7700, GW1) through AS 4000 (GW2, CE3) and the MPLS Backbone (AS 1, PE1 and PE3) to Sacramento. Update labels: 88.1.2.0/24 AS Path: 7700; 88.1.2.0/24 AS Path: 4000, 7700; 88.1.2.0/24 AS Path: 1, 4000, 7700.]
The Autonomous System (AS) Path attribute is a mandatory attribute. Every BGP route has an associated AS Path attribute. When a router originates a route, it puts its own ASN into the AS Path attribute. When a router propagates a route to an eBGP neighbor, it adds its own ASN to the front of the AS Path attribute (note that it does not do this when it forwards routes to an iBGP neighbor). So the AS Path attribute is basically a list of autonomous systems one would have to traverse to reach the destination specified by the route.

The example shown traces the 88.1.2.0/24 route from the Alpha Corp network to the 3G Data network in Sacramento. Alpha Corp originates the 88.1.2.0/24 route. When router GW1 sends a BGP Update message to GW2, it sets the AS Path attribute to its own ASN 7700. GW2 forwards the Update to CE3 (not shown on the slide). This is an iBGP session, so the AS Path does not change. CE3 sends an Update to PE1, inserting ASN 4000 in front of the AS Path attribute. PE1 forwards the Update to PE3. This is also an iBGP session, so the AS Path attribute does not change. PE3 sends an Update to CE8, inserting ASN 1 in front of the AS Path attribute. The AS Path attribute value would be 1, 4000, 7700 when CE8 receives the final Update message.

This example illustrates the route propagation to a single router. The route would similarly be propagated to the other routers in the network.
[Figure: an Update for 198.51.100.0/24 carrying AS Path: 9900, 7700, 4000, shown with the MPLS Backbone (AS 1), PE3 and the Sacramento site. Slide note: "GW6 rejects the route,"]
AS Override
[Figure: an Update for 192.0.2.0/24 with AS Path: 110. The 4G Data sites at CE1 (San Francisco) and CE7 both use AS 110.]
Next-Hop Attribute
[Figure: the 120.0.0.0/8 route propagating from Modesto (CE10, 4G Data, AS 110) toward Charlie ISP (AS 9900). Update labels:
eBGP Update from CE10 to PE4: 120.0.0.0/8 Next-Hop: IPCE10
iBGP Update from PE4 to PE3: 120.0.0.0/8 Next-Hop: IPCE10
eBGP Update from GW6 to GW5: 120.0.0.0/8 Next-Hop: IPGW6]
The Next-Hop is a mandatory attribute. Every BGP route has an associated Next-Hop attribute. As its name indicates, the Next-Hop attribute is the address of the router that is one step closer to the destinations specified by the route.

When a router advertises a route through an eBGP session, it sets the Next-Hop attribute to its own address. When a router advertises a route through an iBGP session, it leaves the Next-Hop attribute intact. This is a subtle, but important point. In this circumstance, the router is essentially telling its neighbor "I know how to get to this destination. If you have any packets for this destination, send them to that router over there." This is sometimes known as a third-party next-hop (examples of which are marked with a red star in the example shown).

In the example shown, the 4G data network in Modesto originates the route 120.0.0.0/8 and sets the Next-Hop attribute to an IP address on router CE10. PE4 leaves the Next-Hop attribute alone when it forwards the route to its iBGP neighbor PE3. When PE3 advertises the route to its eBGP neighbor, it sets the Next-Hop attribute to one of its own IP addresses. The connection between CE9 and GW6 is an iBGP session, so CE9 does not change the Next-Hop attribute. GW6 has an eBGP session with GW5, so it does set the Next-Hop attribute.
One of the fundamental rules in BGP concerns the reachability of the Next-Hop attribute. The rule states that a route's Next-Hop attribute must be reachable in order for that route to be copied to the routing table or advertised to any other neighbors. In other words, the routing table must have an entry that matches the address in the route's Next-Hop attribute. The entry could be a directly connected or static route, or it could have been learned from a routing protocol.

In the example shown, the local router has learned four BGP routes. The 10.0.0.0/24 route has a next-hop address of 120.1.5.1. The routing table has an entry to 120.1.5.0/24 (which it learned from OSPF), so 120.1.5.1 is reachable. Therefore, the 10.0.0.0/24 route works just fine. BGP copies it to the routing table and advertises it to its neighbors.

The 10.0.8.0/24 route has a next-hop address of 120.2.5.1, for which there is no matching entry in the routing table. The 10.0.8.0/24 route therefore remains in the BGP table, but BGP cannot copy it to the routing table or advertise it to any other neighbors.

The remaining two BGP routes are 10.0.16.0/24 and 10.0.24.0/24. Their next-hop addresses are 130.1.43.1 and 130.1.79.1, respectively. Both of these addresses are matched by the 130.1.0.0/16 entry in the routing table (which is a static route). So, both of these routes work just fine as well.

Note that the reachability of next-hop addresses may change as the routing table gets updated. If a next-hop address becomes reachable, then the corresponding BGP route becomes valid. Likewise, if a next-hop address becomes unreachable, then the corresponding BGP route becomes invalid. In our example, the 10.0.8.0/24 route would become valid (i.e., copied to routing table and advertised to neighbors) if the router learns a route to the 120.2.5.1 address. Likewise, if the 120.1.5.0/24 or 130.1.0.0/16 routes are removed from the routing table, the corresponding BGP routes would become invalid (i.e., removed from routing table and withdrawn from neighbors).
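The reachability rule above can be checked mechanically. The following Python sketch is an added example, not part of the course book: it resolves each BGP route's Next-Hop against the routing table by longest-prefix match, using the four routes and two routing entries from the text, and reports which routes must be installed or withdrawn when the routing table changes. The function names and the 120.2.5.0/24 prefix used in the demonstration are assumptions made for illustration.

```python
import ipaddress

# BGP table from the text's example: prefix -> Next-Hop attribute.
BGP_TABLE = {
    "10.0.0.0/24": "120.1.5.1",
    "10.0.8.0/24": "120.2.5.1",
    "10.0.16.0/24": "130.1.43.1",
    "10.0.24.0/24": "130.1.79.1",
}
# Routing table entries from the text: prefix -> how the entry was learned.
ROUTING_TABLE = {
    "120.1.5.0/24": "ospf",
    "130.1.0.0/16": "static",
}


def resolve(next_hop, routing_table):
    """Longest-prefix match of a next-hop address; None if nothing covers it."""
    addr = ipaddress.ip_address(next_hop)
    covering = [ipaddress.ip_network(p) for p in routing_table
                if addr in ipaddress.ip_network(p)]
    if not covering:
        return None
    return str(max(covering, key=lambda net: net.prefixlen))


def classify(bgp_table, routing_table):
    """Map each BGP prefix to the routing entry that resolves its next hop."""
    return {prefix: resolve(nh, routing_table)
            for prefix, nh in bgp_table.items()}


def valid_routes(bgp_table, routing_table):
    """BGP routes that may be copied to the routing table and advertised."""
    return {p for p, via in classify(bgp_table, routing_table).items() if via}


def reevaluate(bgp_table, old_table, new_table):
    """Return (to_install, to_withdraw) after the routing table changes."""
    before = valid_routes(bgp_table, old_table)
    after = valid_routes(bgp_table, new_table)
    return sorted(after - before), sorted(before - after)


if __name__ == "__main__":
    for prefix, via in classify(BGP_TABLE, ROUTING_TABLE).items():
        state = f"valid via {via}" if via else "invalid (next hop unreachable)"
        print(f"{prefix:14} next-hop {BGP_TABLE[prefix]:11} {state}")

    # Constructed change: the router learns a route covering 120.2.5.1.
    grown = dict(ROUTING_TABLE, **{"120.2.5.0/24": "ospf"})
    print("after learning 120.2.5.0/24:",
          reevaluate(BGP_TABLE, ROUTING_TABLE, grown))

    # The static 130.1.0.0/16 entry is removed.
    shrunk = {"120.1.5.0/24": "ospf"}
    print("after losing 130.1.0.0/16:",
          reevaluate(BGP_TABLE, ROUTING_TABLE, shrunk))
```
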
Next-Hop-Self
[Figure: the 120.0.0.0/8 route propagating from Modesto (CE10) across the MPLS Backbone (AS 1) to Charlie ISP (AS 9900). Slide note: "Use next-hop-self command on PE4 and CE9." Update labels:
eBGP Update from CE10 to PE4: 120.0.0.0/8 Next-Hop: IPCE10
iBGP Update from PE4 to PE3: 120.0.0.0/8 Next-Hop: IPPE4
eBGP Update from PE3 to CE9: 120.0.0.0/8 Next-Hop: IPPE3
iBGP Update from GW6 to GW5: 120.0.0.0/8 Next-Hop: IPCE9
eBGP Update from GW6 to GW5: 120.0.0.0/8 Next-Hop: IPGW6]
BGP requires that the address in a route's Next-Hop attribute be reachable in order for that route to be considered valid. Also, by default, BGP does not modify the value of the Next-Hop attribute when sharing routes with iBGP neighbors. This can be a problem if the iBGP neighbor does not already have a route to the route's next-hop address.

In the example shown, CE10 originates a route to PE4. The Next-Hop attribute is IPCE10. Ordinarily, PE4 would propagate the route to PE3 without changing the Next-Hop attribute. But if PE3 does not have a route to IPCE10, then PE3 would consider the route to be invalid. It could not install the route to 120.0.0.0/8 or propagate the route to CE7, CE8 or CE9.

The Next-Hop-Self feature addresses this problem. The feature instructs the router to replace the Next-Hop attribute with one of its own addresses when it advertises a route over an iBGP session. Remember, it already does this for eBGP sessions, but not iBGP sessions.

The example illustrates what happens if we use the next-hop-self command on routers PE4 and CE9. Both of them place their address in the next-hop field.
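The AS Path, Next-Hop and Next-Hop-Self rules from the preceding sections, as an added Python example that is not part of the course book: it walks a route hop by hop, prepending the sender's ASN and resetting the Next-Hop on eBGP sessions, leaving both intact on iBGP sessions unless next-hop-self is set, and rejecting an eBGP update whose AS Path already contains the receiver's ASN (the case on the slide where GW6 rejects a route with AS Path 9900, 7700, 4000). Router, Update, advertise and propagate are hypothetical names, and the addresses are the slides' symbolic labels such as IPCE10.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Router:
    name: str
    asn: int
    next_hop_self: bool = False  # also rewrite Next-Hop on iBGP advertisements

    @property
    def address(self):
        return "IP" + self.name  # symbolic address in the slides' style


@dataclass(frozen=True)
class Update:
    prefix: str
    as_path: tuple
    next_hop: str


def advertise(sender, receiver, update):
    """Return the Update as the receiver accepts it, or None if it rejects it."""
    ebgp = sender.asn != receiver.asn
    as_path, next_hop = update.as_path, update.next_hop
    if ebgp:
        as_path = (sender.asn,) + as_path  # prepend own ASN on eBGP only
        next_hop = sender.address          # eBGP always sets Next-Hop to self
    elif sender.next_hop_self:
        next_hop = sender.address          # iBGP rewrite only when configured
    if ebgp and receiver.asn in as_path:
        return None                        # receiver's own AS is in the path
    return Update(update.prefix, as_path, next_hop)


def propagate(prefix, chain):
    """Originate prefix at chain[0]; return [(sender, receiver, session, update)]."""
    update = Update(prefix, (), chain[0].address)
    trace = []
    for sender, receiver in zip(chain, chain[1:]):
        session = "eBGP" if sender.asn != receiver.asn else "iBGP"
        update = advertise(sender, receiver, update)
        trace.append((sender.name, receiver.name, session, update))
        if update is None:
            break
    return trace


def as_path_chain():
    """88.1.2.0/24 from the Alpha network to CE8 in Sacramento (AS Path slide)."""
    return [Router("GW1", 7700), Router("GW2", 4000), Router("CE3", 4000),
            Router("PE1", 1), Router("PE3", 1), Router("CE8", 120)]


def next_hop_chain(next_hop_self):
    """120.0.0.0/8 from CE10 in Modesto to GW5 (Next-Hop slides)."""
    return [Router("CE10", 110), Router("PE4", 1, next_hop_self),
            Router("PE3", 1), Router("CE9", 4000, next_hop_self),
            Router("GW6", 4000), Router("GW5", 9900)]


if __name__ == "__main__":
    runs = [("88.1.2.0/24", as_path_chain()),
            ("120.0.0.0/8", next_hop_chain(False)),
            ("120.0.0.0/8", next_hop_chain(True))]
    for prefix, chain in runs:
        for sender, receiver, session, update in propagate(prefix, chain):
            print(f"{session} {sender}->{receiver}: {update}")
        print()
```
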
Local Preference
BetaNet and Charlie Com advertise 120.0.0.0/8
PE2 sets LOCAL_PREF to 200
PE3 sets LOCAL_PREF to 150
BetaNet route is preferred
[Figure: the 120.0.0.0/8 route entering the MPLS Backbone (AS 1) through San Jose (PE2) and Sacramento (PE3) and reaching PE5 in Fresno. Update labels:
eBGP Update from GW3 to GW4: 120.0.0.0/8 AS Path: 8800, 4398
iBGP Update from PE2 to PE5: 120.0.0.0/8 AS Path: 4000, 8800, 4398 LOCAL_PREF: 200
iBGP Update from PE3 to PE5: 120.0.0.0/8 AS Path: 4000, 9900, 4398 LOCAL_PREF: 150]
The Local Preference (LOCAL_PREF) Attribute provides a means for the local routing policy to indicate the degree to which the route is preferred. The attribute is a simple, unsigned integer value. Higher values indicate the route is more preferred. The LOCAL_PREF attribute only has significance within a single Autonomous System (AS). In fact, the attribute cannot be included when advertising routes to External BGP (eBGP) neighbors.

In general, when a router receives a route from an eBGP neighbor, the local routing policy may determine the degree to which the route is preferred and attach the LOCAL_PREF attribute to the route. The router includes the LOCAL_PREF attribute when it advertises the route to its Internal BGP (iBGP) neighbors. When a BGP router determines that it has multiple BGP routes to the same destination, BGP selects the route with the higher LOCAL_PREF value to be copied into the routing table and advertised to its other neighbors.

In our example network, the 120.0.0.0/8 route originates in ASN 4398. Both the Beta Net and Charlie Com networks learn the route and advertise it to the mobile network. The ASN 4000 routers in San Jose and Sacramento propagate the route to routers PE2 and PE3, respectively. These routers have been configured with a local routing policy that calculates a local preference value. PE2 sets the LOCAL_PREF attribute to 200. PE3 sets it to 150. When PE2 and PE3 propagate their routes to the other routers in ASN 1, they all learn that the preferred path to the 120.0.0.0/8 destination is through PE2.
Community Attributes
[Figure: two eBGP Updates arriving at the backbone (PE3 and PE6 shown).
eBGP Update: 85.2.0.0/16 Next-Hop: IPCE12 Community: 4G
eBGP Update: 120.0.0.0/8 Next-Hop: IPCE13 Community: 3G]
Route Reflectors
[Figure: sample network showing the San Francisco, Modesto, Fresno, Bakersfield and Sacramento sites, the Alpha and Charlie networks, and their CE, PE and GW routers.]
By default, when a BGP router learns routes from an eBGP neighbor, it propagates those routes to its iBGP neighbors. Similarly, when it learns routes from an iBGP neighbor, it propagates those routes to its eBGP neighbors. The router does not, however, propagate routes that it learns from an iBGP neighbor to any of its other iBGP neighbors. The implications of this behavior are that, in order to thoroughly distribute routes throughout the Autonomous System, a BGP router must establish one iBGP connection to every other BGP router in the Autonomous System (AS). This is sometimes referred to as the iBGP full-mesh requirement.

The full-mesh rule presents a scalability problem. Mathematically speaking, if there are N number of BGP routers in the AS, each one would need to establish N-1 iBGP sessions. The total number of iBGP sessions would be calculated as N(N-1)/2. In the sample network shown, there are six BGP routers in the MPLS backbone (AS 1). Each one needs to maintain iBGP sessions to five different neighbors. There are a total of 15 iBGP sessions throughout the AS. Consider the numbers if there were 10 BGP routers. Each would maintain nine iBGP sessions. There would be a total of forty-five sessions. The sheer number of connections complicates router configuration and troubleshooting. And the problem gets much worse as the number of routers increases.
Route Reflectors
Centralized iBGP Route Distributor
Minimize iBGP Sessions
[Figure: the sample network with route reflectors RR1 and RR2.]
Summary
BGP supports policy-based routing.
Policy determines the routes that a router accepts, advertises, and uses.
BGP attributes include AS Path, Next-Hop, and Community.
Route reflectors use iBGP to distribute routes to all BGP routers in the AS.
eBGP runs between routers in different ASs.
iBGP runs between routers in the same AS.
Review - I
Interface | BGP Session Type (eBGP or iBGP)
GW5 - GW6 |
GW6 - CE9 |
CE9 - PE3 |
PE3 - RR |
RR - PE5 |
PE5 - CE13 |
[Figure: Charlie ISP (AS 9900, GW5), AS 4000 (GW6, CE9), the backbone routers PE3, RR and PE5, and the Sacramento and Fresno sites (4G Data AS 110, 3G Data AS 120).]
Review - II
Update 1, GW5 to GW6: 198.51.100.0/24 AS Path: 9900 Next-Hop: IPGW5
Update 2, GW6 to CE9: 198.51.100.0/24 AS Path: ____ Next-Hop: ____
Update CE9 to PE3: 198.51.100.0/24 AS Path: ____ Next-Hop: ____
Update 4, PE3 to RR: 198.51.100.0/24 AS Path: ____ Next-Hop: ____
Update 5, RR to PE1: 198.51.100.0/24 AS Path: ____ Next-Hop: ____
[Figure: sample network with the San Francisco and Sacramento sites, Alpha ISP (AS 7700), AS 4000, and the route reflector (RR) in the MPLS Backbone (AS 1).]
Chapter 7: BGPv4 in Wireless Networks
Objectives
After completing this module, you will be able to:
Improve routing performance
    External Fast Failover, BFD Route Supervision, Graceful Restart
Use the route dampening feature to reduce network instability due to recurring failures
Use the maximum paths feature to implement load-balancing
Use the multi-hop feature to connect to distant neighbors
Use the maximum prefix feature to protect against unpredictable routing behavior
Sample Network
[Figure: sample network. CE routers in Boston (CE1 AS 110, CE2 AS 120, CE3 AS 130), Springfield (CE5 to CE7, AS 410), Hartford (CE8 to CE10, AS 510) and Bridgeport (CE11 to CE13, AS 610) carry 4G Data, 3G Data and Voice and connect to PE1 through PE8 on the MPLS Backbone (AS 1). A Services VPN (AS 1000, CE4) and the AppCom VPN (AS 5000, R1) also attach.]
BGP Multipath
CE6 BGP Table
Route        | Attributes
10.0.16.0/21 | Next-Hop: PE3
10.0.16.0/21 | Next-Hop: PE4
10.0.24.0/21 | Next-Hop: PE3
10.0.24.0/21 | Next-Hop: PE4
How many best routes?
[Figure: Springfield routers CE5 (4G Data), CE6 (3G Data) and CE7 (Voice), all AS 410, connected to PE3 and PE4.]
eBGP Multi-Hop
[Figure: the sample network with its eBGP sessions marked and the note "Enable eBGP Multi-hop".]
[Figure: R1 (VPN, AS 5000) typically advertises 10 routes.]
The autonomous system's routing policy determines the number of routes that a router sends to its peers. Under stable conditions, this number should not vary widely. Large variations from the normal number of routes may indicate that a configuration error exists. For example, the policy filters may have been deleted or BGP may be inadvertently importing routes from OSPF. The configuration error may have occurred in a nearby router or in a distant neighbor.

To insulate the network from such unexpected changes, the router may be configured to accept a maximum number of BGP routes from a neighbor. Each neighbor may have its own threshold. The router may generate a warning message as the number of routes approaches the threshold. If the number of routes exceeds the threshold, the router may be configured to simply generate another warning message, or to drop the BGP session entirely.

In the example shown, routers CE1, CE2 and CE3 each advertise 20 routes to PE1 and PE2 under normal circumstances. A configuration error results in CE2 sending 150 routes. PE1 and PE2 have been configured to only generate a warning message. They process all of the routes offered by CE2 (of course, the number that are accepted or rejected depends on the routing policy).

Similarly, router R1 sent 65 routes to CE4, instead of the typical 10 routes. CE4 has been configured to drop the BGP session if the number of routes exceeds 20, in effect rejecting all of the routes that R1 offers. This results in a service outage for the services hosted by App.Com. The system does not recover until somebody addresses the routing policy discrepancy between the number of routes sent by R1 and the number of routes expected by CE4.
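One way to model the maximum-prefix safeguard described above, as an added Python example rather than the course book's or any vendor's implementation: a per-neighbor policy with a limit, a warning threshold and a choice between warning only and dropping the session, replayed against the two cases in the text. The 75% warning threshold, the limit of 30 on PE1, the class and function names and the generated prefixes are assumptions; the limit of 20 on CE4 and the route counts come from the text.

```python
from dataclasses import dataclass


@dataclass
class MaxPrefixPolicy:
    limit: int                  # most routes accepted from this neighbor
    warn_percent: int = 75      # assumed: warn at this share of the limit
    warning_only: bool = False  # True: log only; False: drop the session


class NeighborSession:
    """Tracks the routes one neighbor has advertised and enforces its policy."""

    def __init__(self, neighbor, policy):
        self.neighbor = neighbor
        self.policy = policy
        self.prefixes = set()
        self.established = True
        self.log = []

    def receive(self, advertised=(), withdrawn=()):
        """Apply one Update; return ok, warning, over-limit, dropped or down."""
        if not self.established:
            return "down"  # stays down until an operator fixes the mismatch
        self.prefixes.difference_update(withdrawn)
        self.prefixes.update(advertised)
        count, limit = len(self.prefixes), self.policy.limit
        if count > limit:
            if self.policy.warning_only:
                self.log.append(
                    f"{self.neighbor}: {count} routes exceed limit {limit}")
                return "over-limit"
            self.log.append(
                f"{self.neighbor}: {count} routes exceed limit {limit}, "
                "session dropped")
            self.established = False
            self.prefixes.clear()  # routes from this neighbor are invalidated
            return "dropped"
        if count * 100 >= limit * self.policy.warn_percent:
            self.log.append(
                f"{self.neighbor}: {count} routes approach limit {limit}")
            return "warning"
        return "ok"


def constructed_prefixes(n):
    """n distinct /24 prefixes, constructed for the example."""
    return [f"10.{i // 256}.{i % 256}.0/24" for i in range(n)]


def run_scenarios():
    """Replay the text's two cases; return the results and both sessions."""
    # PE1's view of CE2: warning only (limit of 30 is an assumed value).
    pe1_from_ce2 = NeighborSession(
        "CE2", MaxPrefixPolicy(limit=30, warning_only=True))
    # CE4's view of R1: drop the session above 20 routes (from the text).
    ce4_from_r1 = NeighborSession("R1", MaxPrefixPolicy(limit=20))
    results = {
        "CE2 normal": pe1_from_ce2.receive(constructed_prefixes(20)),
        "CE2 leak": pe1_from_ce2.receive(constructed_prefixes(150)),
        "R1 normal": ce4_from_r1.receive(constructed_prefixes(10)),
        "R1 leak": ce4_from_r1.receive(constructed_prefixes(65)),
        "R1 retry": ce4_from_r1.receive(constructed_prefixes(10)),
    }
    return results, pe1_from_ce2, ce4_from_r1


if __name__ == "__main__":
    results, pe1, ce4 = run_scenarios()
    for step, state in results.items():
        print(f"{step:10} -> {state}")
    print(*pe1.log, *ce4.log, sep="\n")
```

The warning-only session keeps all 150 routes and relies on routing policy and an operator reading the log, while the dropping session trades availability of that neighbor for protection of the rest of the network.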
[Figure: protocol stacks (BGP, TCP, IP, GigE) of two directly connected neighbors exchanging Keep-Alives with a Hold-Timer of 20 seconds. A Loss of Signal on the GigE link produces a Notification to BGP.]
The BGP hold timer is used to detect the loss of a neighbor. If the router does not receive a BGP message from its neighbor before the hold timer expires, then the router concludes that the neighbor is dead, terminates its BGP session and invalidates any BGP routes that were learned from it. The hold timer is typically set to be on the order of tens of seconds.

External BGP (eBGP) neighbors are typically directly connected to each other. The Fast External Failover feature instructs BGP to monitor the status of the physical interface that connects to the eBGP neighbor. If the physical interface becomes disabled (for example, due to a loss of signal or configuration error), BGP may react immediately to declare the neighbor to be dead rather than wait for the hold timer to expire.

In the example shown, the CE routers directly connect to the PE routers. The hold timer has been configured to be twenty seconds. If a link failure occurs, the physical interface immediately notifies the BGP process. If the fast external failover feature were not enabled, the BGP processes would take up to twenty seconds to react to the failure and update their routing tables. Customer services may be adversely affected during this interval.
[Figure: protocol stacks (BGP, TCP, GigE) of two neighbors exchanging Keep-Alives with a Hold-Timer of 20 seconds. A Loss of Communications produces a Notification.]
Graceful Restart
1. Negotiate on OPEN
2. PE3 goes down, saves routing table
3. CE routers mark PE3's routes as stale, but continue using them to forward packets
4. PE3 restarts, marks all routes as stale, but begins to use them to forward packets
5. Re-open BGP sessions
6. Re-send Routing Information
7. Update routing tables

CE6 BGP Table
Route              | Attributes
stale 10.0.8.0/21  | Next-Hop: PE3
stale 10.0.16.0/21 | Next-Hop: PE3
stale 10.0.24.0/21 | Next-Hop: PE3
10.0.8.0/21        | Next-Hop: PE4
10.0.16.0/21       | Next-Hop: PE4
10.0.24.0/21       | Next-Hop: PE4
[Figure: Springfield routers CE5 (4G Data), CE6 (3G Data) and CE7 (Voice), all AS 410, connected to PE3 and PE4.]
Under ordinary circumstances, if a BGP router detects that a neighbor goes down, it deletes any routes it learned from that neighbor and sends an update to its remaining neighbors (who may, in turn, propagate the change to their neighbors, and so on). When the router subsequently re-establishes a BGP session with its failed neighbor, it again must update its routing tables and then update its other neighbors (who, again, update their neighbors, and so on). When a router fails and then recovers in a short period of time, this is known as route flapping and causes routing instability in the network.

As its name implies, the Graceful Restart feature allows the network to handle this situation more gracefully. The two neighbors must indicate support for the feature when they open the BGP session.

If the neighbor subsequently goes down, the router does not immediately purge its routes from the routing table. Instead, it marks the routes as stale, sets a timer and continues forwarding packets.

If the neighbor recovers, re-opens the BGP session and re-transmits its routing information before the timer expires, then the stale routes may be reactivated (assuming they are still valid). Otherwise, the router proceeds to delete the stale routes from the routing table. Six minutes is a typical value for the recovery timer.
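The stale-route handling described above, as an added Python example that is not part of the course book: a simplified model of CE6's BGP table in which routes from a failed neighbor are marked stale, keep forwarding, are reactivated if re-sent, and are purged if still stale when the recovery timer expires. Only the timer described in the text is modeled; the class and method names, and the time at which PE3 re-sends two of its three routes, are assumptions.

```python
RECOVERY_TIMER = 360  # seconds; the text gives six minutes as a typical value
PREFIXES = ["10.0.8.0/21", "10.0.16.0/21", "10.0.24.0/21"]  # from the slide


class BgpTable:
    """Routes a router has learned, keyed by (prefix, neighbor)."""

    def __init__(self, graceful_restart=True, recovery_timer=RECOVERY_TIMER):
        self.graceful_restart = graceful_restart
        self.recovery_timer = recovery_timer
        self.routes = {}     # (prefix, neighbor) -> "active" or "stale"
        self.deadlines = {}  # neighbor -> time its stale routes are purged

    def learn(self, neighbor, prefix):
        """Install or refresh a route; a re-sent route is no longer stale."""
        self.routes[(prefix, neighbor)] = "active"

    def neighbor_down(self, neighbor, now):
        """Handle loss of a neighbor; return prefixes withdrawn right away."""
        learned = [key for key in self.routes if key[1] == neighbor]
        if not self.graceful_restart:
            for key in learned:
                del self.routes[key]
            return sorted(prefix for prefix, _ in learned)
        for key in learned:
            self.routes[key] = "stale"
        self.deadlines[neighbor] = now + self.recovery_timer
        return []

    def tick(self, now):
        """Purge routes still stale when a recovery timer has expired."""
        purged = []
        for neighbor, deadline in list(self.deadlines.items()):
            if now < deadline:
                continue
            del self.deadlines[neighbor]
            for key, state in list(self.routes.items()):
                if key[1] == neighbor and state == "stale":
                    del self.routes[key]
                    purged.append(key[0])
        return sorted(purged)

    def forwarding_neighbors(self, prefix):
        """Neighbors usable for prefix; stale routes still forward packets."""
        return sorted(n for (p, n) in self.routes if p == prefix)


def ce6_table(graceful_restart):
    """CE6's BGP table from the slide: every prefix via PE3 and PE4."""
    table = BgpTable(graceful_restart=graceful_restart)
    for prefix in PREFIXES:
        table.learn("PE3", prefix)
        table.learn("PE4", prefix)
    return table


if __name__ == "__main__":
    table = ce6_table(graceful_restart=True)
    print("withdrawn at once:", table.neighbor_down("PE3", now=0))
    print("still forwarding via:", table.forwarding_neighbors("10.0.8.0/21"))
    # Constructed timing: PE3 returns and re-sends two of its three routes.
    table.learn("PE3", "10.0.8.0/21")
    table.learn("PE3", "10.0.16.0/21")
    print("purged at expiry:", table.tick(now=RECOVERY_TIMER))

    plain = ce6_table(graceful_restart=False)
    print("without graceful restart:", plain.neighbor_down("PE3", now=0))
```
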
Summary
Several features improve routing convergence: Fast External Failover, BFD Route Supervision, and Graceful Restart.
BGP Multipath enables Equal Cost Multipath (BGP typically selects only one best path).
eBGP Multi-hop enables eBGP to run between neighbors that are not directly connected.
The Maximum Route feature verifies that neighbors send the expected number of routes.
Review
Connect the BGP features in the left column to their functions or definitions in the right column.

Features:
BFD Route Supervision
Fast External Failover
Maximum Paths
Graceful Restart

Functions or definitions:
a) Avoids unnecessary routing updates in the rare circumstance that a router reboots
b) Allows the network to function with fewer iBGP connections
c) Rapidly detects loss of communication to a directly connected neighbor
d) Rapidly detects loss of communication with a distant neighbor
e) May terminate the BGP connection if a neighbor sends too many routes
f) Avoids unnecessary routing updates in the event of an intermittent or recurring link failure
g) Allows a router to form a BGP session with a neighbor that is not directly adjacent
Chapter 8: L3VPN in Wireless Networks
Objectives
After completing the module, you will be able to:
Draw the L3VPN architecture
Draw a design for an L3VPN application in an EVDO/UMTS PS-CN and LTE-EPC
Sketch the L3VPN design in EVDO-UMTS-LTE transport
Show the interconnection between MTSOs using L3VPN
Highlight the components and protocols of the L3VPN network
Briefly explain the operation of L3VPN in wireless
Interconnecting MTSOs
[Figure: L3VPN shown with the LTE-EPC and the EVDO/UMTS PS-CN.]
Prior to deploying MPLS, a service provider had to maintain multiple separate networks such as ATM, TDM (T1/E1), Frame Relay (FR) and IP. This is a costly proposition as each network requires different equipment and operating expertise. Basically, the service provider had to maintain multiple networks to provide multiple connectivity services.

With MPLS, the service provider can provide ATM, FR, TDM and IP connectivity service to its customers with only one MPLS core network. Hence, the service provider maintains only one network to provide many different connectivity services to its customers. In addition, the service provider can provide more advanced services such as Ethernet as well as L2 and L3 VPN services with QoS-based Service Level Agreements (SLAs).

L3VPN is secure, flexible, easy to deploy/manage and very popular among the wireless operators. L3VPN is a very widely deployed technology in many wireless operator networks, Internet Service Provider networks, enterprise networks and more. L3VPN uses the Virtual Routing and Forwarding (VRF) inside the Provider Edge routers to isolate the user plane, control plane and OA&M traffic. VPN customer routes are distributed between VRFs by a protocol known as Multi-Protocol Border Gateway Protocol (MP-BGP).

In the Peer-to-Peer L3VPN model, designated customer routers called Customer Edge (CE) routers peer at Layer 3 with service Provider Edge (PE) routers. Inside the MPLS network, the PE routers connect to Provider (P) routers.
L3VPN: Transport
[Figure: 1x EVDO/UMTS networks (UE, BTS/Node B) and LTE-EPC networks (UE, eNB) at two sites reach CE/MTSO routers through CSRs and backhaul. The CE/MTSO routers connect to PE routers, which connect through P routers across the MPLS Transport Network. The legend distinguishes UMTS/EVDO Routes from LTE Routes.]
Interconnecting MTSOs
[Figure: MTSO sites at Palm Bay, Orlando, Miami and Tampa, each with MTSO/CE1 (AS 110, eBGP) and MTSO/CE2 (AS 120, eBGP) routers attached to PE1 and PE2. The Core (AS 1) runs OSPF/LDP/MP-iBGP with route reflectors P1-RR1 and P2-RR2. VRF-LTE and VRF-EVDO are shown, along with the MME/S-GW, P-GW, PDSN, HA, BTS-1, BTS-2, eNodeB-1 and eNodeB-2.]
L3VPN Architecture
[Figure: provider-customer model, with the Provider Domain between customer networks (UEs and eNBs).]
The Virtual Private Networks (VPNs) have to meet certain requirements in terms of security, scalability, flexibility and performance. Since a service provider may support thousands of VPNs, there must be the ability to differentiate between VPNs in terms of QoS and performance.

Security: Security is an important requirement for VPNs. The service provider must ensure that packets from one VPN are not routed into other VPNs nor may packets from outside sources be injected into VPNs.
Scalability: The network must be able to support hundreds of VPNs with thousands of sites. The VPN solution should not require a linear increase in resources as the number of VPNs and the number of sites increase.
Flexibility: VPNs must be flexible in order to add sites quickly while meeting bandwidth and transport requirements. New site addition and VPN discovery must be automated.
Performance: Performance guarantees are part of every Service Level Agreement, and VPN-provider networks must support different levels of QoS and reliability for different VPNs.

The provider-customer model shown above meets all the requirements for VPN customers in terms of security, scalability, flexibility and performance.

This model has three parts: the customer networks, provider networks and the links connecting the provider and the customer networks.
High-Level Operations
[Figure: ORL_PE and MIA_PE, each holding a GRT, a VRF EVDO and a VRF LTE, connect through P1 across the MPLS Core Network, which runs OSPF and LDP. MP-iBGP runs between the PEs. At each site one CE attaches the 1x EVDO network (BTSs) and another CE attaches the LTE-EPC network.]
The MPLS core network consists of PE routers, P routers, the loopback interfaces of each of these routers, and the interfaces connecting PE-PE and PE-P. The MPLS Core uses single area OSPF to advertise the links and loopback addresses of the core network. LDP is enabled on the MPLS core to distribute the labels for the core network and to build LSPs for every known destination between the P routers and the PE routers.

CEs are connected to PEs and isolation of customers' traffic is achieved by using virtual routers known as VRF. In the example shown above, the EVDO networks and LTE Networks at the Orlando site are connected to VRF EVDO and VRF LTE created on ORL_PE. At the Miami site, the EVDO networks and LTE Networks are connected to VRF EVDO and VRF LTE in the same fashion.

To differentiate the standard routing table of ORL_PE from routing tables created by the VRFs, the standard routing table is called the Global Routing Table (GRT) in the L3VPN scenario.

The GRTs of all PEs and the GRT of the P routers form the MPLS Core Network. Note: VRFs are not used on the P routers.

The CE and the respective VRF form an isolated network. We have four such isolated networks in the above diagram. They are listed below.
1. CE_EVDO and VRF EVDO of ORL_PE
2. CE_LTE and VRF LTE of ORL_PE
3. CE_EVDO and VRF EVDO of MIA_PE
4. CE_LTE and VRF LTE of MIA_PE

Counting the MPLS core, there are five isolated networks in this diagram.
PE to CE Routing Protocol

CE routers transfer their routes to the VRFs on the PE using any of the protocols listed below.

eBGP

Normal eBGP runs on the CE side and in the VRF instance on the PE side.

The advantages of using eBGP on PE-CE are:

1. No mutual redistribution is required between the eBGP on PE-CE with MP-iBGP on PE-PE and vice versa.
2. On the PE router, MP-iBGP and the customer eBGP inside the VRF instances are configured in a single section of BGP.
3. The issues given below for OSPF, ISIS and RIP are avoided, making eBGP the best PE-CE routing protocol.

OSPF

OSPF runs on the CE. On the PE, OSPF runs inside the VRF instance of either EVDO or LTE. The disadvantage is that we must run multiple OSPF processes on the PE: one for the MPLS core and the other for the PE to CE link. The PE to CE OSPF process runs inside the respective VRF instance.

The other disadvantage is that the mutual redistribution of routes is required between the OSPF on PE-CE with MP-iBGP on PE-PE and vice versa.

ISIS and RIP

The implementation of ISIS and RIP as PE-CE protocols is similar to OSPF with the same disadvantages.

Static/Default Routing

In a static/default routing implementation, no routing protocol is used. A static route is created inside the VRF table for the customer networks. It is redistributed into MP-iBGP towards the other PEs. The CEs create a default entry pointing toward the PE router to reach any network. No routing protocol running between the CE and PE results in efficient bandwidth utilization. The disadvantage is that all new customer routes must be added manually to the VRFs as they are added.
L3VPN Routing
[Figure: L3VPN routing. The CEs at each site (including CE_LTE) run e-BGP to their PE. MP-iBGP between the PEs carries routes X and A in one advertisement and routes Y and B in the other, over MPLS LSPs.]
The Legacy VPN needs only an IP network in the core and IPSec or L2TP to tunnel the customer packets securely over the public Internet. The IP network in the core uses OSPF along with BGPv4 to transport the customer routes. This solution is not scalable due to the IP bottleneck and the manual provisioning of VPN tunnels.

L3VPN based on MPLS technology breaks the IP bottleneck. The VRFs on the PE routers enable the perfect isolation between the VPN customers, and the configuration involves very few steps. L3VPN uses a single-area OSPF and LDP to build the MPLS LSPs in the core. The MP-iBGP protocol advertises the customer routes of VRFs across the MPLS domain to the VRFs of all other PEs that belong to the same VPN. The customer has a choice of several protocols between the CEs and the respective customer VRF on the PEs, but eBGP is preferred.

In the chart shown above, two VPN customers, EVDO and LTE networks of the Orlando site, should be connected to the EVDO and LTE networks of the Miami site. MP-iBGP is used for linking customer VRFs and to transfer the routes between them.

Before the L3VPN routing happens, the MPLS core builds the LSPs for an all-IP network in the core using LDP. The LSP is one way, and two LSP tunnels are signaled to carry the IP packets between ORL_PE and MIA_PE.

The CE routers advertise their routes into the VRFs they are connected to using the eBGP protocol. The EVDO and LTE VRFs are now populated with the customer routes. The contents of the EVDO and LTE VRFs are shown below after the eBGP updates are exchanged between PEs-CEs.

An MP-iBGP session is established between PEs. The P router need not participate in MP-iBGP as it has no customers/VRFs.

ORL_PE advertises the contents of VRF EVDO and VRF LTE, routes X and A. MIA_PE does the same and advertises the contents of VRF EVDO and VRF LTE, routes Y and B. The routes received from other PEs over MP-iBGP are advertised toward the CEs over eBGP and the customer routing table is updated accordingly. After this process, the end-to-end L3VPN routing is ready between the two sites and ready to forward the customer traffic between EVDO and LTE networks.
L3VPN Forwarding
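[Figure: L3VPN forwarding between the Orlando and Miami sites (CE_LTE shown at each site). In one direction the IP packets carry label 25 or 26 under outer label 18 and arrive with only label 25 or 26. In the other direction the IP packets carry label 35 or 36 under outer label 20 and arrive with only label 35 or 36.]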
The end-to-end L3VPN routing is ready between Orlando and Miami sites. The network is now ready to handle the end-to-end VPN traffic.

The above chart describes the L3VPN forwarding of traffic from Orlando sites towards Miami sites.

Traffic from X to Y:

CE_EVDO of Orlando: CE_EVDO of the Orlando site sends an IP packet to destination Y, which is parented to CE_EVDO of the Miami site. The IP packet arrives at ORL_PE and VRF EVDO is consulted for further routing.

ORL_PE: VRF EVDO checks the entry Y and forwards the IP packet with Labels 18, 25; 18 being the outer label, which leads to the next hop (NH), MIA_PE's loopback address, and 25 being the VPN label that represents the VRF route Y on MIA_PE.

P router: The P router pops (PHP) the label and forwards the packet with Label 25 toward MIA_PE.

MIA_PE: VPN Label 25 was advertised by MIA_PE for the VRF EVDO route Y. Hence, the packet is forwarded to VRF EVDO after popping Label 25. The VRF EVDO refers to entry Y and forwards the IP packet toward the CE_EVDO of the Miami site.

Traffic from A to B:

In the same way, the IP packets from the Orlando LTE networks are forwarded toward the Miami LTE sites using inner label 26 and outer label 18.

Traffic from Y to X and B to A:

Traffic from Y to X and B to A follows in the same manner described above with a different set of labels, as shown in the chart above.
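The Orlando-to-Miami label walk described above, as an added Python model (not from the course book or from any router software). The labels and prefixes are the ones the book's charts give (10.0.48.0/20 as route Y, 10.0.32.0/20 as route B); the interface names and host addresses are constructed for the example.

```python
from ipaddress import ip_address, ip_network

# Tables as the course charts give them for the Orlando -> Miami direction.
# ORL_PE: the CE-facing interface selects the VRF (interface names assumed).
ORL_PE_INTERFACE_VRF = {"to-CE_EVDO": "EVDO", "to-CE_LTE": "LTE"}
# ORL_PE per-VRF FIB: remote prefix -> [outer LDP label, inner VPN label].
ORL_PE_VRF_FIB = {
    "EVDO": {"10.0.48.0/20": [18, 25]},   # route Y
    "LTE": {"10.0.32.0/20": [18, 26]},    # route B
}
# P router LFIB: label 18 leads to MIA_PE's loopback. MIA_PE advertised
# label 3 for it, so the P router pops the outer label (PHP).
P_LFIB = {18: "pop"}
# MIA_PE: each VPN label it advertised maps to exactly one VRF and CE.
MIA_PE_VPN_LABELS = {25: ("EVDO", "CE_EVDO"), 26: ("LTE", "CE_LTE")}


def ingress_pe(in_interface, dst):
    """Longest-prefix match in the ingress interface's VRF only, then push."""
    vrf = ORL_PE_INTERFACE_VRF[in_interface]
    matches = [(ip_network(p), labels)
               for p, labels in ORL_PE_VRF_FIB[vrf].items()
               if ip_address(dst) in ip_network(p)]
    if not matches:
        return None                       # no route in this VRF: drop
    _, labels = max(matches, key=lambda m: m[0].prefixlen)
    return {"labels": list(labels), "dst": dst}


def p_router(packet):
    """Act on the top label only; the inner label and IP header are not read."""
    if P_LFIB.get(packet["labels"][0]) != "pop":
        return None                       # no LFIB entry: drop
    return {"labels": packet["labels"][1:], "dst": packet["dst"]}


def egress_pe(packet):
    """Pop the VPN label and hand the IP packet to the VRF it identifies."""
    if len(packet["labels"]) != 1:
        return None
    target = MIA_PE_VPN_LABELS.get(packet["labels"][0])
    if target is None:
        return None                       # VPN label never advertised: drop
    vrf, ce = target
    return {"vrf": vrf, "deliver_to": ce, "dst": packet["dst"]}


def forward(in_interface, dst):
    """Return (label stack after each hop, delivery result or None)."""
    trace = []
    packet = ingress_pe(in_interface, dst)
    if packet is None:
        return trace, None
    trace.append(list(packet["labels"]))
    packet = p_router(packet)
    if packet is None:
        return trace, None
    trace.append(list(packet["labels"]))
    return trace, egress_pe(packet)


if __name__ == "__main__":
    print(forward("to-CE_EVDO", "10.0.48.10"))   # EVDO site to EVDO site
    print(forward("to-CE_LTE", "10.0.32.10"))    # LTE site to LTE site
    print(forward("to-CE_EVDO", "10.0.32.10"))   # LTE prefix from EVDO: no route
```

The third call shows the isolation property: a packet arriving from CE_EVDO is looked up only in VRF EVDO, so an LTE destination has no route and is never labeled.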
Summary
L3VPN can be used in EVDO-UMTS-LTE backhaul.
L3VPN is a good choice for EVDO-UMTS-PS-CN and LTE-EPC interconnection.
MTSOs are interconnected using VRFs for various customer traffic using L3VPN technology.
L3VPN has CE-PE-P routers and uses OSPF, LDP and MP-iBGP in the core network.
L3VPN can use eBGP as a PE-CE protocol.
Customers' eBGP routes are advertised to other PE peers using MP-iBGP.
Review Questions
1. Which protocol carries the customer routes (L3VPN) in the MPLS-Core?
a) OSPF
b) LDP
c) MP-iBGP
d) None of the above
2. Which protocols work together to form the LSPs in the backbone
network?
a) MP-iBGP and eBGP
b) OSPF and LDP
c) None of the above
3. Why does the Core Router (P-Router) not participate in MP-iBGP route exchange?
a) No Protocol Support on P Routers
b) No L3VPN Customers on P-Routers
c) None of the above
Chapter 9:
L3VPN Routing
Objectives
After completing the module, you will be able to:
Identify the routing protocols and associated protocols used in L3VPN networks
Describe a VRF and its related parameters
List the MP-iBGP address families
Define the role of RD and VPNv4 address
Explain the use of Route-Target and VPN Labels
Describe the use of Site-of-Origin and iBGP-Multipath in multi-homing scenario
Provider-Customer Model
[Figure: the Orlando and Miami network diagram from Chapter 8. 1x EVDO and LTE-EPC networks attach through CE routers to VRF EVDO and VRF LTE on ORL_PE and MIA_PE; OSPF and LDP run between the GRTs of the PEs and P1 in the MPLS core; MP-iBGP runs between the PEs.]
MPLS Router
RIB-LIB-FIB-LFIB
[Figure: control plane and forwarding plane of a PE router with interfaces GE 0/0.410 and GE 0/0.408.
Routing process (OSPF, IS-IS, eBGP etc.) populates the RIB:
PROTOCOL | ROUTE | NEXT-HOP
O | 172.16.0.131/32 | GE 0/0.408
Label Distribution Protocol populates the LIB for route 172.16.0.131/32: the router advertises Local Binding=22 to its neighbors and receives Remote Binding=37 and Remote Binding=32. LIB entries: local label 22 (LSR ID 172.16.0.135:0); remote labels 32 and 37 (LSR IDs 172.16.0.137:0 and 172.16.0.136:0).
FIB, built from the RIB and the LIB:
ROUTE | LABEL | NEXT-HOP
172.16.0.131/32 | 32 | GE 0/0.408
IP packets enter and leave through the forwarding plane.]
MPLS routers are based on standard routers with additional software to support the MPLS function.

This chart demonstrates the control plane and forwarding plane of an MPLS router. Like a standard router, the routing protocol functions as described earlier. We can say that all MPLS routers can function as standard routers, but only those routers with MPLS software can function as MPLS routers.

Like standard routers, in an MPLS router, the routing and forwarding functions are separated for efficient packet forwarding. Forwarding functions are implemented in hardware (Forwarding Plane) and routing functions, like exchange of routing information, sending OSPF hellos, and updates, are processed in software (Control Plane). The IGP routing process (for example OSPF) updates the Routing Table (RIB) and LDP (Label Distribution Protocol) distributes labels for the routes available in the RIB. The local labels are distributed to the LDP neighbors and the remote labels are those received from the LDP neighbors. All labels, ingress and egress, are stored in the Label Information Base (LIB).

From the information in the RIB and the LIB, Forwarding Information Bases (FIBs) are created and implemented in hardware. FIBs allow efficient and fast forwarding decisions to be made for each packet received.

There are four forwarding modes possible:

Inbound IP packet leaves as standard IP packet
Inbound IP packet leaves as labeled packet
Inbound labeled packet leaves as labeled packet
Inbound labeled packet leaves as standard IP packet

Standard routing applies when an inbound IP packet leaves as a standard IP packet. The destination address is compared to the FIB and the longest match in the table determines the interface that the packet must be forwarded from to reach the next hop in its route.

When a router is an ingress router for an MPLS network, it is called the Label Edge Router (LER). LERs use the FIB to determine the label to be placed on a packet based on its IP destination address. The addition of a label to a packet is called pushing a label. Ingress routers are the first point of contact with the MPLS network for a packet.
RIB-LIB-FIB-LFIB (Continued)
Routers in the middle of an MPLS network are called transit routers and they swap labels to move packets through the MPLS network. Inbound packets have labels and only the label is examined to determine the new label that must be swapped. As a labeled packet moves across the MPLS network it may encounter 0-253 transit routers until it reaches the edge of the MPLS cloud. Transit routers use the LFIB (Label Forwarding Information Base) to swap labels.

Penultimate Hop POP (PHP).

An LSP is a predefined path that begins at an ingress router and continues to an egress router. The path is one way.

FIB and LFIB are prepared based on the dynamic information available in RIB and LIB. When the RIB and FIB are updated based on the status of the network topology, the contents of FIB and LFIB are also updated.
What is VRF?
[Figure: VRF EVDO and VRF LTE on ORL_PE, each with its own routing process, RIB and FIB. VRF EVDO connects the 1x EVDO network (UE, BTSs, CE) and VRF LTE connects the LTE-EPC network (CE). The GRT has its own routing process, LDP, RIB and LIB, and runs OSPF and LDP with P1 and MIA_PE across the MPLS core network.]
VPN customers spread across geography need private (virtual) network interconnectivity for their sites. The virtual private network (VPN) provides the necessary privacy and security for their operations. The service provider network (MPLS Core) provides a VPN service for these customers.

The MPLS network provides VPN services by creating a VRF table for each customer and carrying the VRF routes separately from the routes of other customers or the core network.

Each customer has a virtual router called a VRF. Each VRF creates its own routing table. When a VRF is created, a unique RIB and FIB are also created for each VRF, hence the name Virtual Routing and Forwarding.

CE-PE routing protocols talk to the routing process associated with VRFs and populate the routes in the Routing Table (RIB) of the VRF.

These routes are written in the FIB of the VRF and are ready to forward the IP packets between the customer and MPLS core networks.

Since the VRF is not distributing labels, the LIB and LFIB are absent. In some advanced MPLS implementations, like Inter-AS MPLS, labels are distributed to customers, resulting in a seamless MPLS network. In this case, LIB and LFIB exist as well.

The VRFs and GRT are completely isolated and no internal communication or transfer of routes is possible except with the MP-BGP table.
VRF Parameters
VRF Parameter | Description | Format | Example
Route Distinguisher (RD) | Distinguishes the VPN routes of different customers | AS:Number or IP:Number | 1:110 or 172.16.0.135:110
Export Route Target (RT) | Outgoing VPN routes are identified by this parameter | AS:Number or IP:Number | 1:110 or 172.16.0.135:110
Import Route Target (RT) | Incoming VPN routes are filtered by this parameter | AS:Number or IP:Number | 1:110 or 172.16.0.135:110
The Route Target (RT) identifies every VPN across all locations. The RT must be the same for geographically separated VRFs that belong to a specific VPN on different PEs. Hence, the RT values must be unique per VPN customer. VRFs are interconnected by this parameter.

RT has two formats:

1. Type-1 is AS Number:Number (16 bits:32 bits). Example: 1:110, where 1 is the AS number of the PE router and 110 is the number assigned for the specific VPN represented by the VRF.
2. Type-2 is IP Address:Number (32 bits:16 bits). Example: 172.16.0.135:110, where 172.16.0.135 is the loopback IP address of the PE router and 110 is the number assigned for the specific VPN represented by the VRF.

Cisco, by default, uses Type-1 format for RT and RD. Type-1's advantage is that it has a common AS in it. All the PEs fall under the same AS number (Core AS).

RT has two purposes. The RT is advertised with the VPNv4 routes to indicate the target VRFs. This is known as export RT. The RT allows the incoming VPNv4 routes advertised by MP-iBGP with a specific RT into VRFs after converting them back into IPv4 addresses. The route target configured to filter routes with a specific RT is known as import RT. The export and import RTs must be configured per VRF.

As a convention, RT values and RD values may be the same (110 in the example shown above).

RDs only distinguish the overlapping routes on a router and need not be VPN specific.
A customer's routers are connected on specific interfaces with non-overlapping IP addresses. These interfaces are by default connected to the Global Routing Table of the router. These customer interfaces must be attached to the respective customer VRFs for the VPN operation. Once connected, the customers directly interact with the routing protocols associated with the VRFs and advertise and receive the routes.

This is done by a simple command issued at the respective customer interface. Cisco routers use the command ip vrf forwarding <name of the customer VRF>. This command detaches the interface from the GRT and attaches it to the VRF mentioned in the command. The process of detaching an interface from the GRT and attaching it to a VRF resets or clears the IP address allocation. Hence the IP address and mask must be reassigned manually when this action is done.

Before attaching the interface to VRFs:

The CE_EVDO and CE_LTE routers are attached to the Orlando PE (ORL_PE) using the 192.168.4.8/30 and 192.168.4.4/30 address blocks on the interfaces GE 0/0.403 and GE 0/0.402 respectively. Since by default all the interfaces are connected to the GRT, these networks appear in the Global Routing Table as connected routes.

After attaching the interface to VRFs:

The command ip vrf forwarding <VRF Name> is issued on the customer interface to detach it from the GRT and attach it to the specific VRF mentioned in the command. In the process the IP address configuration is lost and we have to re-configure the IP address for the customer interface on the PE side now connected to the customer VRF. Once the IP address is configured the network appears in the VRF table instead of the GRT.
Before getting deep into MP-BGP, let's examine the major modifications from the existing protocol BGP.

Route Advertisement

BGP is capable of transporting only IPv4 addresses. The BGP routes thus advertised are updated into the Global Routing Table. In the public domain the private IP addresses defined in RFC 1918 (10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16) are not routed, hence BGP is not configured to carry these routes. In a private network, BGP can transport the private IP addresses.

MP-BGP transports IPv4 (32 bits), IPv6 (128 bits), VPNv4 (96 bits) and VPNv6 (192 bits) addresses. The VPNv4 and VPNv6 routes belong to private networks and they are populated inside the respective IPv4 VRFs or IPv6 VRFs. You can expect RFC 1918 private IP addresses in these VRFs. MP-BGP transports these private IP addresses in the form of VPNv4 and VPNv6 addresses inside a public domain, but these routes are not populated into the Global Routing Table; they go into the respective VRFs. Hence MP-BGP is capable of carrying both private and public addresses in the public domain.

Route Manipulation

The route manipulation, network isolation and filtering of the routes involve complex configuration in BGP, whereas MP-BGP employs a simple method using Route-Targets to manipulate the routes.

Transport of Networks

BGP is capable of transporting routes and populating the GRT. MP-BGP can transport the routes and populate VRFs and the GRT.

Community

BGP transports only the standard community of the format AS Number:Number (16 bits:16 bits). MP-BGP can transport both the standard community as well as the extended community. The extended community has two formats. The type-1 format is AS Number:Number (16 bits:32 bits) and the type-2 format is IP Address:Number (32 bits:16 bits).

Label

BGP is not capable of distributing a label. MP-BGP is capable of distributing a label for the advertised routes.
Route Distinguisher
[Figure: ORL_PE with VRF-LTE, a P router and a PE across the MPLS core]
The above chart represents two customers, EVDO and LTE of Orlando, that use the same IP address blocks for their networks. Two unique VRFs are created on the ORL_PE router and they are connected to the CE_EVDO and CE_LTE routers respectively. Both the CEs advertise their routes towards the PEs and they are populated in VRF EVDO and VRF LTE. So far so good.

MP-BGP tries to carry both the networks of VRF EVDO and VRF LTE. Since the network numbers are the same (10.0.96.0/20), it resorts to the path determination steps to decide the best path for outgoing advertisement.

Path determination goes like this:

1. Weight: Since we have not set any weight it is 0 for both.
2. Local Preference: By default the Local Preference is 100 for both the routes.
3. Locally Originated: Neither route is locally generated, since the next-hop is other than 0.0.0.0 for both the networks, i.e., the next-hop is 192.168.4.9 for EVDO and 192.168.4.5 for LTE networks.
4. AS Path length: The AS Path length is 1 for both the networks since these networks are parented to AS 120 and AS 110 and received directly from the respective ASs.
5. Origin: The origin for both the networks is IGP.
6. MED: No metrics (MED) are set for the customer network and it is 0 for both.
7. eBGP or iBGP: Both are eBGP received routes.
8. Lowest IGP Metric to Peer: The lowest metric is not applicable here as both are eBGP received routes.
9. Router ID of the Peer: The RIDs are the same since both the networks EVDO and LTE are using the same RID.
10. Peer ID of the Router: The Peer ID of CE_EVDO is 192.168.4.9 and the Peer ID of CE_LTE is 192.168.4.5. The lowest Peer ID wins. Thus the network 10.0.96.0/20 from LTE VRF is advertised and populated across all the LTE VRFs on other PEs.
Route Distinguisher
[Figure: ORL_PE with two VRFs that each hold the route B 10.0.96.0/20, and the MP-iBGP advertisements sent to all other PEs.
CE_EVDO (AS 120, RID 10.0.96.65, peer 192.168.4.9/30, origin IGP, metric 0): VPNv4 route 1:120:10.0.96.0/116, extended community RT 1:120, next-hop IP address ORL_PE's loopback, VPN label 25.
CE_LTE (AS 110, RID 10.0.96.65, peer 192.168.4.5/30, origin IGP, metric 0), VRF-LTE with RD 1:110 and RT 1:110: VPNv4 route 1:110:10.0.96.0/116, extended community RT 1:110, next-hop IP address ORL_PE's loopback, VPN label 26.]
The overlapping address problem is solved with the Route Distinguisher (RD). The normal BGP protocol cannot carry this extended address. It is modified as MP-BGP, which can carry multiple protocol addresses of various lengths.

A unique 8-byte (64-bit) Route Distinguisher is added to the customer routes in the VRF before transporting on MP-iBGP. The route created is known as a VPNv4 route. The VPNv4 address is 96 bits long: RD (64 bits) + IPv4 route (32 bits) = 96-bit VPNv4. Each VRF is assigned a unique RD. The default format used is [AS No:Number]. By adding a unique RD the customer routes, though overlapping, look unique.

We assign the RD value by a one-line command: rd <AS No:Number> inside the specific VRF.

The example above shows how the RD is assigned.

We assign the RD 1:120 for EVDO VRF using the default format [AS Number:Number]. The core AS 1 and the customer AS 120 are used to derive the unique RD here. For LTE VRF we assign the RD 1:110 using the same principle, with core AS 1 and the customer AS 110.

MP-iBGP, while transporting the customer routes of a VRF, prepends the pre-defined RD to the IPv4 address to make it unique.

The EVDO network 10.0.96.0/20 after prepending the RD looks like 1:120:10.0.96.0/116.

You may have a question here: how has the subnet mask 20 become 116? Keep this question reserved until the RD format is discussed in the next slide.

The LTE network 10.0.96.0/20 after prepending the RD looks like 1:110:10.0.96.0/116.

MP-iBGP carries both the routes now as they are unique.
[Figure: Prefix + MPLS Label-EXP-S + RD + IPv4 Network = VPNv4 Advertisement = SAFI 128]
The Route Distinguisher uses a 64-bit format as shown in the chart above. Two formats are currently defined.

1. Type-1 RD Format: The Type-1 RD uses the [AS Number:Number] format of [16 bits:32 bits]. A two-byte type field is prepended to this value. Examples of Type-1 RD are 1:120, 1:110.
2. Type-2 RD Format: The Type-2 RD uses the [Loopback IP address of PE:Number] format of [32 bits:16 bits]. A two-byte type field is prepended to this value. Examples of Type-2 RD are 172.16.0.129:120, 172.16.0.129:110.

The total length of the RD, including the type field in both the formats, is 64 bits (8 bytes). The total length of a VPNv4 address is 96 bits, i.e., RD 64 bits + IPv4 address 32 bits = 96 bits of VPNv4 address.

Cisco routers by default use the Type-1 RD format.

MP-iBGP does not advertise the VPNv4 address as it is described above. It adds the unique VPN label for this route (picked up from the common label base that LDP is also using) and attaches it to the resultant VPNv4 address.

Three bytes comprising a VPN label, experimental field and S-bit are attached to the VPNv4 address. Label 20 bits + Experimental 3 bits + Bottom of the Stack bit (S-bit) 1 bit = 24 bits = 3 bytes. The experimental bits are set to 000 if not manipulated by QoS policy and the S-bit is set to 1 as the VPN label is the bottom-most label next to the IP header.

Finally, the prefix length field of 1 byte in length, which was an existing field of normal BGP to carry the subnet mask value of the route, is also added in the beginning with the modified subnet mask as 116 to represent the network part and the remaining 12 bits as the host part of the VPNv4 address. The subnet mask in VPNv4 is arrived at thusly: original subnet mask length 20 bits + RD 64 bits + Label-EXP-S 24 bits + Prefix-Length field 8 bits = 116 bits.

The format of 128 bits VPNv4 + VPN Label + Prefix length is governed by the IETF standard SAFI-128 or Subsequent Address Family Identifier 128 bits.
Route Target
Route-Target
[Figure: route-target export and import between ORL_PE and MIA_PE over MP-iBGP. Arrows mark the export RT (VRF toward MP-BGP table) and the import RT (MP-BGP table toward VRF).
ORL_PE: VRF LTE (Export/Import RT 1:110) holds 10.0.96.0/20 and 10.0.32.0/20; VRF EVDO (Export/Import RT 1:120) holds 10.0.112.0/20 and 10.0.48.0/20; VRF OAM (Export/Import RT 1:130) holds 192.168.4.128/28 and 192.168.2.128/28.
MIA_PE: VRF LTE (Export/Import RT 1:110) holds 10.0.32.0/20 and 10.0.96.0/20; VRF EVDO (Export/Import RT 1:120) holds 10.0.48.0/20 and 10.0.112.0/20; VRF OAM (Export/Import RT 1:130) holds 192.168.2.128/28 and 192.168.4.128/28.
MP-BGP table on each PE:
1:110:10.0.96.0/116; RT 1:110
1:120:10.0.112.0/116; RT 1:120
1:130:192.168.4.128/124; RT 1:130
1:110:10.0.32.0/116; RT 1:110
1:120:10.0.48.0/116; RT 1:120
1:130:192.168.2.128/124; RT 1:130]
The RT is an extended 8-byte Community Attribute. A unique RT extended community has to be assigned to each VPN customer. While advertising outbound on MP-iBGP, we attach a VPN specific RT to every MP-iBGP Peer. The format of the RT is the same as the RD. By default Cisco routers use the Type-1 format [AS No:Number].

RT is the VPN specific value. It should be the same across all the VRFs that belong to the same customer.

The RD need not be the same across all VRFs of a customer (the RD is locally specific on a router to differentiate the routes from other VRFs) but, by convention, we use the same value that was assigned to the RT.

RT configuration has two parts. One is known as export RT, which is attached to MP-BGP advertisements as the Extended Route-Target Community Attribute, along with the VPNv4 route advertisements. The other one is import RT, which is used to filter out only the required VPNv4 routes with the matching RT community as in the import RT configured for that VRF.

There are two methods to configure the route targets for VRFs. The first one is by the command route-target both <AS No:Number>, which assigns the same RT for both import and export. The other method to assign RTs is by using the commands route-target export <AS No:Number> and route-target import <AS No:Number> to assign the export and import RTs separately. In the case of an Extranet implementation, we use the second method to configure different RTs to import and export.
Route-Target (Continued)
The example shown above explains the exchange of VRF routes between ORL_PE and MIA_PE. ORL_PE has been created with VRF LTE, VRF EVDO and VRF OAM. The LTE customer's route 10.0.96.0/20 is populated in VRF LTE. The EVDO customer's route 10.0.112.0/20 is populated in VRF EVDO. The OAM interface's route 192.168.4.128/28 is populated in VRF OAM.

These routes are transferred to the MP-BGP table as VPNv4 routes (by prepending the RD) along with the export RT configured.

In the same way, MIA_PE has been created with VRF LTE, VRF EVDO and VRF OAM. The LTE customer's route 10.0.32.0/20 is populated in VRF LTE. The EVDO customer's route 10.0.48.0/20 is populated in VRF EVDO. The OAM interface's route 192.168.2.128/28 is populated in VRF OAM.

These routes are transferred to the MP-BGP table as VPNv4 routes (by prepending the RD) along with the export RT configured.

Now MP-iBGP is ready to transport the routes across to other PEs. ORL_PE receives the advertisement from MIA_PE and vice versa.

The import RT configured in each VRF selects the required routes with the matching RT, removes the RD, modifies the prefix length and writes the route into the IPv4 VRF.

The export RT is indicated in the chart above with an arrow from the VRF toward the MP-BGP table, and the import of the route is shown by an arrow from the MP-BGP table toward the VRF via an import RT filter.

The VRF LTE of ORL_PE can see only the routes of the VRF LTE belonging to MIA_PE and vice versa. The same is the case with VRF EVDO and VRF OAM.

The routes received from other PEs via MP-iBGP are advertised toward the CE router, which is not shown in the diagram for simplicity.
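The export/import exchange described above, as an added Python model (not part of the course material). The RD, RT and prefix values are the ones in the figure; the class and function names are hypothetical, and `cross_vrf_imports` is an added audit check for the one setting that decides which VRF sees which routes.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Vpnv4Route:
    rd: str            # route distinguisher prepended on export
    prefix: str        # customer IPv4 prefix
    rts: frozenset     # export RTs carried as extended communities
    next_hop: str      # advertising PE

@dataclass
class Vrf:
    name: str
    rd: str
    export_rt: set
    import_rt: set
    routes: dict = field(default_factory=dict)   # prefix -> next hop

class Pe:                                        # hypothetical model class
    def __init__(self, name):
        self.name, self.vrfs = name, {}

    def add_vrf(self, name, rd_rt, local_prefix):
        # The page's figure uses the same value for the RD and both RTs.
        self.vrfs[name] = Vrf(name, rd_rt, {rd_rt}, {rd_rt}, {local_prefix: "CE"})

    def export(self):
        """CE-learned VRF routes become VPNv4 routes tagged with the export RT."""
        return [Vpnv4Route(v.rd, p, frozenset(v.export_rt), self.name)
                for v in self.vrfs.values()
                for p, nh in v.routes.items() if nh == "CE"]

    def import_routes(self, adverts):
        """Install each VPNv4 route only in VRFs whose import RT matches."""
        for r in adverts:
            for v in self.vrfs.values():
                if r.rts & v.import_rt:
                    v.routes[r.prefix] = r.next_hop   # RD removed on import

def cross_vrf_imports(pe):
    """Audit check: VRFs importing an RT that they do not export themselves."""
    return {v.name: v.import_rt - v.export_rt
            for v in pe.vrfs.values() if v.import_rt - v.export_rt}

def build():
    orl, mia = Pe("ORL_PE"), Pe("MIA_PE")
    prefixes = {orl: ("10.0.96.0/20", "10.0.112.0/20", "192.168.4.128/28"),
                mia: ("10.0.32.0/20", "10.0.48.0/20", "192.168.2.128/28")}
    for pe, local in prefixes.items():
        for name, rd_rt, prefix in zip(("LTE", "EVDO", "OAM"),
                                       ("1:110", "1:120", "1:130"), local):
            pe.add_vrf(name, rd_rt, prefix)
    orl_ads, mia_ads = orl.export(), mia.export()
    orl.import_routes(mia_ads)
    mia.import_routes(orl_ads)
    return orl, mia
```

Adding a second import RT to a VRF (for example 1:120 on VRF OAM) is enough to install another customer's prefixes there, which is what the audit function reports.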
L3VPN Routing
[Figure: L3VPN routing between the Orlando and Miami sites. CE_EVDO and CE_LTE attach over e-BGP to VRF EVDO and VRF LTE on each PE; LDP labels 18 and 3 are shown across the core. MP-iBGP carries VPNv4=1:120 10.0.48.0/116, RT=1:120, NH=MIA_PE, VPN Label = 25 and VPNv4=1:110 10.0.32.0/116, RT=1:110, NH=MIA_PE, VPN Label = 26. Routing-table panels (Pro, Network, NHOP, Label(s)): B 10.0.112.0/20 via CE_EVDO and B 10.0.48.0/20 via MIA_PE with labels 18, 25; B 10.0.48.0/20 via CE_EVDO and B 10.0.112.0/20 via ORL_PE with labels 20, 35; B 10.0.96.0/20 via CE_LTE.]
Before the L3VPN routing happens, the MPLS core builds the LSPs for all of the IP network.

MIA_PE assigns and advertises Label 3 for its loopback IP address since it is directly connected. The P router assigns Label 18 for MIA_PE's loopback IP address and advertises it toward ORL_PE. The LSP, with the label sequence 18 → 3, from ORL_PE to MIA_PE is signaled successfully. The Orlando site uses this tunnel to forward the IP packets toward the Miami site.

ORL_PE assigns and advertises Label 3 for its loopback IP address since it is directly connected. The P router assigns Label 20 for ORL_PE's loopback IP address and advertises it toward MIA_PE. The LSP, with the label sequence 20 → 3, from MIA_PE to ORL_PE is signaled successfully. The Miami site uses this tunnel to forward the IP packets toward the Orlando site. Remember that these LSP tunnels are one way for the IP traffic.

The CE routers of EVDO and LTE advertise their routes into the VRFs they are connected to using the eBGP protocol. The EVDO and LTE VRFs are now populated with the customer routes.

Orlando: VRF EVDO: 10.0.112.0/20 via CE_EVDO, VRF LTE: 10.0.96.0/20 via CE_LTE
Miami: VRF EVDO: 10.0.48.0/20 via CE_EVDO, VRF LTE: 10.0.32.0/20 via CE_LTE

An MP-iBGP session is established between the loopback addresses of the PEs. A full mesh of MP-iBGP sessions is a must between all PEs. The P router need not participate in MP-iBGP as it has no customers/VRFs.
[Figure: Orlando and Miami sites after the MP-iBGP exchange. CE_EVDO and CE_LTE attach over e-BGP to VRF EVDO and VRF LTE on each PE; LDP labels 18 and 3 across the core; MP-iBGP advertisements VPNv4=1:120 10.0.48.0/116, RT=1:120, NH=MIA_PE, VPN Label = 25 and VPNv4=1:110 10.0.32.0/116, RT=1:110, NH=MIA_PE, VPN Label = 26. Routing-table panel (Pro, Network, NHOP, Label(s)): B 10.0.96.0/20 via CE_LTE.]
The VRF EVDO and VRF LTE of the Orlando and Miami sites are updated with the routes received over MP-iBGP. The import Route Target configured per VRF filters and allows only the routes with the matching RT.

The contents of EVDO and LTE VRFs are shown below after the MP-iBGP updates are exchanged between ORL_PE and MIA_PE.

These routes received from other PEs over MP-iBGP are advertised as IPv4 routes toward the CEs over eBGP and the customer routing table is updated accordingly. The CEs' routing tables are not shown in the chart.

The end-to-end L3VPN routing is ready between the two sites after this process and ready to forward the customer traffic between EVDO networks and LTE networks.
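[Figure: labelled IP packets between CE_EVDO/CE_LTE and VRF EVDO on the two PEs, with LDP labels 18 and 3 across the core. One packet is shown with labels 25, 18 and then with label 25 only; another with labels 26, 18 and then with label 26 only.]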
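[Figure: labelled IP packets between CE_EVDO/CE_LTE and VRF EVDO on the two PEs, with LDP labels 18 and 3 across the core. One packet is shown with labels 20, 35 and then with label 35 only; another with labels 20, 36 and then with label 36 only.]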
The above chart describes the L3VPN forwarding of traffic from the Miami sites toward the Orlando sites.

CE_EVDO of Miami:
CE_EVDO of the Miami site sends an IP packet to the destination 10.0.112.65, which is parented to CE_EVDO of the Orlando site. The IP packet arrives at MIA_PE and VRF EVDO is consulted for further routing.

MIA_PE:
VRF EVDO checks the entry, 10.0.112.0/20, and forwards the IP packet with Labels 20, 35; 20 being the outer label, which leads to the NH, ORL_PE's loopback address, and 35 being the VPN Label, which represents the VRF route 10.0.112.0/20 on ORL_PE.

P router:
The P router pops (PHP) the label and forwards the packet with Label 35 toward ORL_PE.

ORL_PE:
The VPN Label 35 was advertised by ORL_PE for the VRF EVDO route 10.0.112.0/20. The packet is forwarded to VRF EVDO after popping Label 35. VRF EVDO looks up the entry 10.0.112.0/20 and forwards the IP packet toward the CE EVDO of the Orlando site.

In the same way, the IP packets from Miami LTE networks are forwarded toward Orlando LTE sites using inner label 36 and outer label 20.
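The Miami-to-Orlando walk-through above, as an added Python trace of the label stack at each hop (not part of the course material). Labels 20, 35 and 36 and the prefixes come from the page; the table layout, the function names and the LTE destination 10.0.96.1 used in testing are assumptions.

```python
import ipaddress

# MIA_PE VRF tables: prefix -> (next-hop PE, outer IGP label, inner VPN label)
MIA_VRF = {"EVDO": {"10.0.112.0/20": ("ORL_PE", 20, 35)},
           "LTE":  {"10.0.96.0/20":  ("ORL_PE", 20, 36)}}
P_LFIB = {20: "ORL_PE"}                   # label 20: pop (PHP), next hop ORL_PE
ORL_VPN_LABELS = {35: "EVDO", 36: "LTE"}  # VPN label -> VRF on ORL_PE
ORL_VRF = {"EVDO": {"10.0.112.0/20": "CE_EVDO"},
           "LTE":  {"10.0.96.0/20": "CE_LTE"}}

def lookup(table, dst):
    """Longest-prefix match of dst in one VRF table; None if no route."""
    addr = ipaddress.ip_address(dst)
    hits = [p for p in table if addr in ipaddress.ip_network(p)]
    if not hits:
        return None
    return table[max(hits, key=lambda p: ipaddress.ip_network(p).prefixlen)]

def mia_pe_ingress(vrf, dst):
    """Push the VPN label, then the IGP label; the lookup stays inside the VRF."""
    route = lookup(MIA_VRF[vrf], dst)
    if route is None:
        return None                       # no fallback to another VRF's table
    _, igp, vpn = route
    return {"labels": [igp, vpn], "dst": dst}   # outer label first

def p_router(pkt):
    """Penultimate hop: pop the outer label, forward on the VPN label alone."""
    nhop = P_LFIB[pkt["labels"][0]]
    return {"labels": pkt["labels"][1:], "dst": pkt["dst"]}, nhop

def orl_pe_egress(pkt):
    """The VPN label selects the VRF; the IP lookup happens in that VRF only."""
    vrf = ORL_VPN_LABELS[pkt["labels"][0]]
    return vrf, lookup(ORL_VRF[vrf], pkt["dst"])

def forward(vrf, dst):
    pkt = mia_pe_ingress(vrf, dst)
    if pkt is None:
        return ["dropped at MIA_PE: no route in VRF " + vrf]
    trace = [("MIA_PE", list(pkt["labels"]))]
    pkt, nhop = p_router(pkt)
    trace.append(("P", list(pkt["labels"])))
    vrf_out, ce = orl_pe_egress(pkt)
    trace.append((nhop, vrf_out, ce))
    return trace
```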
Site-of-Origin
[Figure: Site-of-Origin. CE_EVDO (AS 120, Site-of-Origin 120:4) and CE_LTE (AS 110, SoO 110:4) connect over eBGP to VRF-EVDO and VRF-LTE on the Orlando PEs (ORL_PE2 is labelled). The routes B 10.0.112.0/20 with SoO 120:4 and B 10.0.96.0/20 with SoO 110:4 appear in VRF EVDO and VRF LTE on the remote PE (MIA_PE2).]
The Site-of-Origin (SoO) is the Extended Community Attribute that is attached with MP-BGP advertisements when configured. It uses a 64-bit format. RD and RT also use the same format. Two formats are currently defined.

Type-1: [AS Number: Number] format of [16 bits: 32 bits].
Type-2: [Loopback Address of PE: Number].

Cisco routers use Type-1 SoO format by default.

SoO is useful in the multi-homing scenario shown for CE routers. SoO is always implemented when the AS_Override feature is used in L3VPN. With AS_Override the original AS number is replaced with the Core AS number, so the loop can no longer be prevented by comparing the router's own AS number against the AS_Path attribute. In this situation SoO plays an important role.

SoO identifies the Site-of-Origin. Let's assign SoO for the EVDO and LTE networks of Orlando Site-4: CE_EVDO of Orlando is 120:4 and CE_LTE of Orlando is 110:4. In our example above, CE_EVDO and CE_LTE of the Orlando site are connected to ORL_PE1 and ORL_PE2 for redundancy.

CE_EVDO advertises 10.0.112.0/20 with AS_Path attribute 120 using eBGP. The ORL_PE1 and ORL_PE2 routers record this route in VRF EVDO.

CE_LTE advertises 10.0.96.0/20 with AS_Path attribute 110 using eBGP. The ORL_PE1 and ORL_PE2 routers record this route in VRF LTE.

The AS_Override feature is used in the Core Network to connect all the EVDO and LTE networks, as the same AS number is used across all the sites. We have to advertise the SoO along with the VPNv4, RT, NH and Label.
Site-of-Origin (Continued)
RT and SoO are Extended Community Attributes that are attached with MP-BGP advertisements when configured to do so.

They use a 64-bit format as shown in the chart above. RD also uses the same format. Two formats are currently defined.

Type-1 RT/SoO Format: [AS Number: Number] format of [16 bits: 32 bits]. A two-byte type field is prepended to this value. The type field contains additional information to differentiate the RT from SoO. Examples of Type-1 RT/SoO are: 1:120, 1:110.

Type-2 RT/SoO Format: The Type-2 RT/SoO uses [Loopback Address of PE: Number] format of [32 bits: 16 bits]. A two-byte type field is prepended to this value. The type field contains additional information to differentiate the RT from SoO. Examples of Type-2 RT/SoO are 172.16.0.129:120, 172.16.0.129:110.

The total length of RT/SoO including the type field in both the formats is 64 bits (8 bytes).

Cisco routers use the Type-1 RT/SoO format by default.
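The two 8-byte layouts described above, as an added Python encoder/decoder (not part of the course material). The type and sub-type octets are the RFC 4360 values (0x00 two-octet AS, 0x01 IPv4 address; sub-type 0x02 Route Target, 0x03 Route Origin) and do not appear on the page; the function names are hypothetical.

```python
import ipaddress
import struct

SUBTYPE = {"RT": 0x02, "SoO": 0x03}     # second byte of the two-byte type field
NAME = {code: kind for kind, code in SUBTYPE.items()}

def encode(kind, text):
    """'1:120' or '172.16.0.129:120' -> 8-byte extended community."""
    admin, _, number = text.rpartition(":")
    number = int(number)
    if "." in admin:                    # page's Type-2: [IPv4 address : 16 bits]
        if not 0 <= number <= 0xFFFF:
            raise ValueError("Type-2 number must fit in 16 bits")
        ip = ipaddress.IPv4Address(admin).packed
        return struct.pack("!BB4sH", 0x01, SUBTYPE[kind], ip, number)
    asn = int(admin)                    # page's Type-1: [16-bit AS : 32 bits]
    if not (0 <= asn <= 0xFFFF and 0 <= number <= 0xFFFFFFFF):
        raise ValueError("Type-1 needs a 16-bit AS and a 32-bit number")
    return struct.pack("!BBHI", 0x00, SUBTYPE[kind], asn, number)

def decode(raw):
    """8-byte extended community -> ('RT' | 'SoO', 'admin:number')."""
    if len(raw) != 8:
        raise ValueError("extended community must be exactly 8 bytes")
    high, sub = raw[0], raw[1]
    if sub not in NAME:
        raise ValueError("not a Route Target or Site-of-Origin")
    if high == 0x00:
        asn, number = struct.unpack("!HI", raw[2:])
        return NAME[sub], f"{asn}:{number}"
    if high == 0x01:
        ip, number = struct.unpack("!4sH", raw[2:])
        return NAME[sub], f"{ipaddress.IPv4Address(ip)}:{number}"
    raise ValueError("unsupported format")
```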
[Figure: iBGP multipath. The 1xEVDO network (AS 120, with BTSs and a CE) at PALM Site-1 attaches to VRF EVDO on PALM_PE1 and PALM_PE2; a second 1xEVDO network (AS 120) at TAM Site-3 attaches to VRF EVDO on TAM_PE1 and TAM_PE2. The PEs are connected through the core routers P1 and P2. MP-iBGP advertises 10.0.16.0/20 with AS_Override 120 → 1, AS_Path: 1, NH: 172.16.0.130.]
BGP multipath is the feature of MP-iBGP that installs multiple paths to the same destination in the routing table instead of choosing the best one based on the Path Determination algorithm. When this feature is enabled, the path determination algorithm is ignored. When CEs are multi-homed, this feature can be used. The advantages of BGP multipath are load balancing and fast convergence in the MPLS Core.

In the chart shown above, the EVDO network of Palm Bay Site-1 is multi-homed to PALM_PE1 and PALM_PE2, and advertises 10.0.16.0/20 with AS_Path 120.

These advertisements reach the TAM_PE1 and TAM_PE2 routers at Tampa Site-3. Both the PE routers at the Tampa site receive an advertisement from PALM_PE1 and PALM_PE2.

Since the iBGP multipath feature is configured in the VRFs of TAM_PE1 and TAM_PE2, it overrides the path determination algorithm and records both the paths for the destination 10.0.16.0/20.

The iBGP multipath feature is available on MPLS-enabled routers. In the case that CE routers are MPLS-capable, we can implement the eBGP multipath feature on CEs to install the multiple paths.
Summary
L3VPN uses the Provider-Customer Model.
L3VPN requires OSPF, LDP and MPLS in the Core.
eBGP is usually used between the PE and CE.
MP-iBGP is used to exchange the routes between VRFs.
MP-iBGP adds RD to the VRF routes, converts to VPNv4 and
advertises to other PEs.
The Route-Target, Next-Hop, and VPN Label are also
advertised for each VPNv4 Route by MP-iBGP.
The IP Packets of VPN customers are forwarded over the
MPLS Core by stacking with VPN Label (inner label) and IGP
Label (outer label).
Review Questions - I
1. The Forwarding Information Base (FIB) is used to forward:
A. Only IP packets.
B. Only labelled packets.
C. Both IP packets and labelled IP packets.
2. The Label Forwarding Information Base (LFIB) is used to forward:
A. Only IP packets.
B. Only labelled packets.
C. Both IP packets and labelled IP packets.
3. The VRF parameters are:
A. RD, Import-RT, Export-RT and Next-Hop Attribute.
B. RD, Import-RT and Export RT.
C. RD and Export RT.
Review Questions - II
4. The purpose of the Import-RT is to:
1. Allow only the route with the matching RT.
2. Allow only the route with the matching RD.
3. Allow only the route with matching RT and RD.
5. Site-of-Origin (SoO) is advertised in MP-iBGP to:
1. Prevent routing loops for the customer routes.
2. Prevent routing loops for the provider routes.
3. Prevent routing loops for all network routes.
6. The advantage of the iBGP Multipath feature in a multi-homing
scenario is:
1. The convergence time is negligible in case of single-link failure.
2. Load balancing in the MPLS Core is not required.
3. MPLS Core Bandwidth is multiplied.
Acronyms
RID Router ID
RIP Routing Information Protocol
RNC Radio Network Controller
RR Route Reflector
RSTP Rapid Spanning Tree Protocol
RT Route Target
S1-U S1 - User Plane
SAFI Subsequent-Address Family Identifier
SGSN Serving GPRS Support Node
S-GW Serving Gateway
SoO Site-of-Origin
SPF Shortest Path First
STP Spanning Tree Protocol
SW Switch
TCP Transmission Control Protocol
UE User Equipment
UMTS Universal Mobile Telecommunications System
VLAN Virtual Local Area Network
VPN Virtual Private Network
VPNv4 Virtual Private Network Version 4 (Cisco)
VRF Virtual Routing and Forwarding