! Disclaimer !

This White Paper was done with utmost care and thorough reviewing but is presented "AS IS" with possible errors and misinterpretations.

However, none of the pictures and statements can be used as a reference regarding the behavior of the mentioned devices. This paper was written independently of Cisco and can never be used as a commitment of any party. The author and PRO IN declare that they will not be held liable or responsible for any action a reader of this White Paper takes following the information given here.

All trademarks belong to their owners.

Author:

Alexander Marhold

Senior Consultant and Trainer

PRO IN Consulting GmbH

Vienna / Austria

Copyright Notice:

1999-2001

PRO IN Training GmbH

Commercial use (Sale, Training, CBT,…), partly or in whole, is strictly prohibited.

The "Cisco Routing Process"

is a set of mechanisms which forward IP data packets and which populate the IP routing table by using different sources like

  • routing updates from neighbors
  • connected interfaces
  • static routes

The mechanism also sends out routing updates, converting them between different routing protocols where required.

Additionally, "IP Policy Routing" makes it possible to go beyond traditional destination-based routing.

To control these mechanisms, a vast range of commands and modifiers is defined in the Cisco IOS.

The following mechanisms and behaviors are described in detail in this white paper:

  • the general packet forwarding process
  • policy routing
  • routing updates and general behavior of routing protocols
  • the INCOMING routing process and its corresponding commands
  • the OUTGOING routing process and its corresponding commands

The "processes" in this paper are models for explaining the mechanisms, and are not the real implemented IOS processes.

This paper describes the above-mentioned mechanisms without focussing on particular routing protocols.

Also, regarding ROUTE-MAPS this paper focuses on IGPs (Interior Gateway Protocols) and does not treat the additional MATCH- and SET-clauses which are available for BGP.

This paper is not based on a specific version of IOS.

Topics NOT covered are:

  • details of different routing protocols
  • snapshot routing, ODR,…
  • BGP
  • route authentication
  • the Link State (LS) mechanism
  • QOS, COS, TOS routing
  • tunneling

This White Paper assumes that the reader already has a good knowledge of IP and IP Routing Protocols.

The paper is structured so that each picture and its details are always on an even page and the description of that picture is on the page that follows. Thus, when printed double-sided, the picture and its explanation can be seen without turning the page.

The author would like to get feedback, suggestions and also corrections, so please feel free to contact him via e-mail.

Routing in General

Covers general topics in Routing and Routing Updates.

Routers have 2 primary tasks:

  • Path Finding (done via Routing Protocols)
  • Packet Forwarding (Layer 3 IP function)

Path Finding is done by exchanging Routing information between adjacent routers.

- In DISTANCE VECTOR routing protocols a router forwards the networks of its routing table (or changes to it) to its neighbors, observing the mechanisms of SPLIT-HORIZON. Depending on the protocol, the network information is sent with or without (subnet-)mask information. In RIP Version 1 and IGRP no masks are transmitted, which rules out the use of discontiguous subnets and/or VLSM (Variable Length Subnet Masking).

- In LINK STATE routing protocols the routers exchange information regarding the connected networks, the external routes (interarea, static, from external routing protocols) and the connections to neighbor routers by forwarding LSPs (Link State Packets). These LSPs are forwarded hop-by-hop to every other router within an area. On receiving these LSPs a router can calculate the best paths to the advertised networks.

How does a router know of its neighbor?

Again there is a difference between the routing Protocols.

- DISTANCE VECTOR protocols send out their routing updates as broadcasts (RIP V1, IGRP) or as multicasts (RIP V2), and by receiving routing updates the router learns the source of these updates.

- LINK STATE protocols and EIGRP establish a neighborship to adjacent routers by sending HELLO-packets and monitor these links by resending the HELLOs at short intervals. When an ADJACENCY is found and, where applicable, verified, the routers begin exchanging their routing information.

!!! CAVEAT !!!

LINK STATE protocols and EIGRP only use the PRIMARY IP Address of an interface to establish ADJACENCIES. If these do not match, the connection to the neighbor router will not be established.

LINK STATE protocols also verify certain parameters before allowing an ADJACENCY to be established:

  • same IP-subnet
  • equal network type
  • same value of timers

The command:

SHOW IP <prot> neighbor

shows the adjacencies and their status.

Depending on the routing protocol there are also various DEBUG commands which show the adjacency building process in detail.

How to prevent routing updates or the establishment of neighborship on an interface?

Generally this is done using the router command

PASSIVE-INTERFACE <interface-name>

For DISTANCE VECTOR protocols this command ONLY prevents routing updates from being sent out on a particular interface. However, it does not prevent the router from receiving routing updates over that interface.

!!! HINT !!!

In order to prevent routing updates from being received for Distance Vector protocols, use the router command:

DISTANCE 255 <netw-addr> <wildcardmask> [ access-list ]

With this command all routing updates sent out by devices on the specified net will not be considered for entry in the routing table.

For LINK STATE protocols and EIGRP passive-interface prevents the establishment of adjacencies and thus the sending of any LINK STATE Packets.

However this does not prevent the router from announcing this network as connected interface in its routing updates over other interfaces.

OSPF treats that connected network of a passive-interface as STUB-NETWORK.

Also IS-IS and Integrated IS-IS have some special behavior regarding the OSI or IP information on such passive interfaces.


The Packet Forwarding Process

Packets are forwarded downstream along a path from the sender to the receiver.

Route information (information about the reachability of a network) is forwarded UPSTREAM from router to router.

This is important to consider when routing information is blocked in order to prevent access to certain networks.

The packet forwarding is done by an independent decision of each router on the path, using the destination address of the packet and the Routing Table as basis for finding a next-hop.

The router will consult the routing table (or a special forwarding table, based on the content of the routing table), comparing the destination address with the network information in the routing table and will use the most specific network information for a decision about the outgoing path.

The lookup process can be recursive, which means that more than one lookup may be needed in order to find the real next-hop-address for forwarding the packet.

If such a next-hop or an outgoing interface is found, the router will forward the packet on the specified connected interface.

If no route is found and no default-route is available or appropriate either, the router will delete the packet and inform the sender of this via ICMP.

What is CLASSFUL and CLASSLESS routing?

CLASSFUL and CLASSLESS are behaviors for using the default route when information about a specific subnet is not in the routing table, but other subnets of that major network are found in the routing table.

Example:

    # show ip route (edited output)
    network 172.16.0.0/16 is subnetted
    2 subnets, 2 masks
    R 172.16.12.0/24 [120/2] 192.168.1.1 eth0
    R 172.16.16.0/20 [120/4] 10.0.0.1 ser0
    *S 0.0.0.0/0 [0/0] 11.1.1.1 ser1

The router now receives a packet on eth1 with the destination address 172.16.10.234.

This address belongs to a specific subnet of 172.16.0.0/16 which is NOT in the routing table.

- With IP CLASSLESS the router will take the default route and forward the packet out on Serial 1. This is done independently of any other subnet information for the major network 172.16.0.0/16.

- When CLASSFUL routing is selected with the command:

NO IP CLASSLESS

the router would delete the packet and inform the sender via ICMP that it cannot forward the packet, as the specified subnet of the major network 172.16.0.0/16 is not in its table.

What is "Gateway of last Resort", default-network, ip route 0.0.0.0 0.0.0.0?

IP Default-Network xxx.xxx.xxx.xxx - This is the command that will cause a router to treat xxx.xxx.xxx.xxx as a gateway of last resort. A router can have multiple ip default-networks entered.

Gateway of last resort - This is the term that is applied to a routing entry in the Cisco routing table that the router will use to forward packets to when it lacks a more specific route. This can be learned from a route provided by another router that is tagged as a default by the advertising router. The ip default-network command is one way of having a router tag a route as a gateway of last resort.

IP Default-Gateway - This command is used in routers when IP routing is disabled, in order to give them an address to which to forward packets that are not in their address space. Routers in boot mode are a good example of this situation.

IP ROUTE 0.0.0.0 0.0.0.0 establishes a default route (catch-all) that is used if no specific route is found.

!!! CAVEAT !!!

The 0.0.0.0 route has special meaning for RIP. It is automatically installed as the local gateway of last resort. No ip default-network 0.0.0.0 is required. RIP automatically advertises the route to 0.0.0.0 even if redistribute static and a default metric are not configured.

For other routing protocols the router command:

DEFAULT-INFORMATION … allows specific control of forwarding or receiving default routes


IP Policy Routing

IP Policy Routing overcomes the normal destination-based routing paradigm by allowing different criteria as the basis for a routing decision. Among those criteria are:

  • the incoming interface
  • selection by extended access-lists
  • precedence levels
  • packet sizes

But still one paradigm stays valid:

"The router only makes a local decision about the next hop, i.e. where to send the packet out"

To overcome this one you need either Tunneling or MPLS (Multiprotocol Label Switching).

IP Policy Routing uses ROUTE-MAPS for defining the matching packets and for setting actions.

ROUTE-MAPS define a numbered sequence of MATCH and SET clauses, where the SET defines the actions to be done for packets matching the MATCH clauses.

IP POLICY ROUTING is applied to incoming packets on interfaces by using the Interface command:

IP POLICY ROUTE-MAP route-map-name

If no match is found, or if there is no SET clause specifying a next-hop or an outgoing interface, then after the ROUTE-MAP the normal routing table is used to find a next-hop-address or outgoing interface.

!!! CAVEAT !!!

If there is an outgoing interface defined in a SET-clause, this interface must be up and be of a point-to-point type.

If there is a next-hop-address specified in the SET-clause, this address has to be a real next-hop-address. That means that it must be an address of a device belonging to a directly connected network. (The router will not do a recursive lookup for the next-hop-address.)

If the above mentioned requirements are not met, the router will use the normal Routing table based route decisions and ignore the SET parameters.
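
The fallback rules of this caveat, as an added Python example that is not part of the original paper and not IOS code: a matching route-map entry is only honored when its SET clause passes the checks above, otherwise the normal routing table decides. The interface states, the Serial0/Serial1 addresses, the route-map contents and all function names are constructed for illustration.

```python
import ipaddress

# Constructed interface state; FastEthernet4/1.24 with 10.0.5.0/24 is taken from this paper's config.
INTERFACES = {
    "FastEthernet4/1.24": {"net": "10.0.5.0/24", "up": True, "p2p": False},
    "Serial0": {"net": "198.51.100.0/30", "up": True, "p2p": True},
    "Serial1": {"net": "198.51.100.4/30", "up": False, "p2p": True},
}

# Constructed route-map: sequence number -> MATCH predicate and SET clause.
ROUTE_MAP = {
    10: {"match": lambda p: p["len"] > 1000, "set": {"next_hop": "10.0.5.2"}},
    20: {"match": lambda p: p["in_if"] == "Serial0", "set": {"next_hop": "203.0.113.1"}},
    30: {"match": lambda p: True, "set": {"interface": "Serial1"}},
}


def set_is_usable(set_clause, interfaces=INTERFACES):
    """Check one SET clause against the two caveats."""
    if "interface" in set_clause:
        ifc = interfaces.get(set_clause["interface"])
        return bool(ifc and ifc["up"] and ifc["p2p"])
    if "next_hop" in set_clause:
        hop = ipaddress.ip_address(set_clause["next_hop"])
        # No recursive lookup: the address must lie in a network that is
        # directly connected through an interface that is up (assumption).
        return any(i["up"] and hop in ipaddress.ip_network(i["net"])
                   for i in interfaces.values())
    return False  # SET clause names neither a next hop nor an interface


def policy_route(packet, route_map=ROUTE_MAP, interfaces=INTERFACES):
    """Return ("policy", set_clause) or ("routing-table", reason)."""
    for seq in sorted(route_map):
        entry = route_map[seq]
        if not entry["match"](packet):
            continue
        if set_is_usable(entry["set"], interfaces):
            return ("policy", entry["set"])
        # A matching entry with an unusable SET is ignored, not an error.
        return ("routing-table", f"sequence {seq}: SET ignored")
    return ("routing-table", "no match")
```

The second return value makes the silent fallback visible: a packet that matched the route-map but is forwarded by the routing table is reported with the sequence number whose SET was ignored.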

Example:

The same Frame Relay interface is used as connection to the outside world AND as connections to Remote offices. The Firewall is placed in to VLANs on a Fast Ethernet attached switch

    interface Serial3/0.31 multipoint
     description INTERNET ACCESS
     ip address 192.168.13.10 255.255…
     ip policy route-map OUT-to-PIX
     frame-relay map ip 192.168.13.1 501
    !
    interface FastEthernet4/1.24
     description PIX-OUT
     encapsulation isl 24
     ip address 10.0.5.1 255.255.255.0
     ip policy route-map PIX-to-OUT
    !
    route-map PIX-to-OUT permit 10
     match ip address 1
     set ip default next-hop 192.168.13.1
    !
    route-map OUT-to-PIX permit 10
     match ip address 1
     set ip default next-hop 10.0.5.2
    !
    access-list 1 permit any
    !



Routing Information Processes:

General Considerations

A lot of problems and confusion arise from the fact that some basic principles of the Routing information process are not correctly understood.

Therefore in this chapter I will give some fundamental laws and principles and describe their consequences:

§1 The mechanism of processing incoming routing updates is COMPLETELY separated from the mechanism of creating outgoing routing updates.

The fact that a route is found in the routing table of a router is a prerequisite but NOT necessarily a sufficient criterion for an outgoing routing update.

§2 The original routes of every configured routing process of a router will be considered when decisions are made about which routes will enter the routing table.

This means that route REDISTRIBUTION is never used in the incoming route processing.

§3 If more than one piece of information about a route is found, the incoming route process will first use the ADMINISTRATIVE DISTANCE and then the METRIC for deciding which route will be established in the routing table.

Cisco IOS has a predefined Administrative Distance for each Routing Protocol, which allows more trusted information sources to be preferred over less trusted ones.

Sometimes I wonder why the developers gave the second best distance of 1 to static routes entered by an administrator, as so-called "Quick Fixes" using static routes are often the cause of reachability and routing-loop problems.

§4 Route REDISTRIBUTION is only used for outgoing routing updates.

In Principle: Route redistribution means that routes of one routing protocol in the routing table will be sent out, converted to another routing protocol on interfaces configured for routing updates of that second routing protocol.

§5 Static Routes defined with a next-hop-address are considered one hop away and have a default Administrative Distance of 1

If the next-hop-address specified in the static route is not a REAL next-hop-address (i.e. not an address in a directly connected network) the router will do recursive lookups to find this REAL next-hop-address.

§6 Static Routes defined with an outgoing interface are treated like connected networks (i.e. networks that are 0 hops away) and thus have a default Administrative Distance of 0.

Therefore static routes defining an outgoing interface should be used only when the destination is on that connected network.

USAGE: When the connected network is address translated, you need a static route for the outside network pointing to that inside hidden network.

§7 Static Routes where the outgoing interface is down or the next-hop-address is not reachable are removed from the routing table unless the parameter PERMANENT is specified.

This allows failover of routes even without dynamic routing protocols, for example when 2 static routes with different Administrative Distances are defined for 2 outgoing interfaces or 2 different next-hop-addresses.

§8 Routing processes rely on a consistent metric, so that every router finds the best path in such a way that all routes lead in the same direction.

As the basis of metrics is different for different routing protocols, a direct conversion of metrics from one routing protocol to another is generally not possible.

When there is more than one routing process, default metric information has to be used. This default hides the correct information about the best path, and this inconsistency will lead to suboptimal routing and often also to ROUTING LOOPS in MUTUAL REDISTRIBUTION (i.e. more than one redistribution point).

§9 Routing is a STATEFUL process. Depending on the current information in the Routing Table different actions can happen, even when the same routing information is received.

There are examples where the routing was correct, but after the shutdown and restart of an interface the correct state was never reached again. [See page 15]

The INCOMING Routing Process

The incoming Routing process is responsible for populating the Routing table.

At startup this process enters the static and connected networks for all interfaces which are UP, and then, for each route received via any Routing protocol, this process checks whether this is a better route (considering Administrative Distance and metric) than another instance of the same route already in the table.

If a better route is found, this one is installed and the other one is removed from the table.
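
The selection rule of §3, the failover of §7 and the DISTANCE 255 hint, together with the installation step just described, as an added Python example that is not part of the original paper and not IOS code. The candidate routes, the second static route with distance 200 and the function names are constructed for illustration.

```python
from dataclasses import dataclass

UNUSABLE = 255  # distance 255: never considered for the routing table


@dataclass(frozen=True)
class Candidate:
    prefix: str
    source: str
    distance: int   # administrative distance
    metric: int
    next_hop: str
    interface: str
    permanent: bool = False  # static route with the PERMANENT parameter


# Constructed sample: every route known to any source, before selection.
CANDIDATES = [
    Candidate("10.20.0.0/16", "static", 1, 0, "192.0.2.1", "Serial0"),
    Candidate("10.20.0.0/16", "static", 200, 0, "192.0.2.5", "Serial1"),
    Candidate("10.20.0.0/16", "rip", 120, 3, "192.0.2.9", "Ethernet0"),
    Candidate("10.30.0.0/16", "rip", 120, 4, "192.0.2.9", "Ethernet0"),
    Candidate("10.30.0.0/16", "rip", 120, 2, "192.0.2.5", "Serial1"),
    Candidate("10.40.0.0/16", "rip", 255, 1, "192.0.2.9", "Ethernet0"),
]


def routing_table(candidates, up_interfaces):
    """Install one route per prefix: lowest distance first, then lowest metric."""
    table = {}
    for c in candidates:
        if c.distance >= UNUSABLE:
            continue
        if c.interface not in up_interfaces and not c.permanent:
            continue  # route via a down interface is withdrawn (§7)
        best = table.get(c.prefix)
        if best is None or (c.distance, c.metric) < (best.distance, best.metric):
            table[c.prefix] = c
    return table


def next_hops(up_interfaces, candidates=CANDIDATES):
    """Convenience view: prefix -> (source, next hop) of the installed route."""
    table = routing_table(candidates, up_interfaces)
    return {p: (c.source, c.next_hop) for p, c in table.items()}
```

With Serial0 down the RIP route (distance 120) replaces the primary static route, and the static route with distance 200 is only installed once Ethernet0 is down as well.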

The different routing processes also inform the incoming routing process about any routes for which regular routing updates are missing, or which route to remove.

In order to overcome incorrect routing information, Distance Vector routing processes also set routes into a temporary holddown before reconsidering new routing information or before deleting the route.

LINK STATE processes directly remove or replace routes after running the SPF-calculation.

EIGRP, when a feasible successor is found, will enter the new information directly into the routing table, or will set the route to a state of ACTIVE and ask the neighbor(s) for a new route to the destination.

RIP V1 and IGRP will never establish an incoming major route when they have a local subnet-route of that network in their routing table.

Monitoring the INCOMING Route process