Routing II: Protocols (RIP, EIGRP, OSPF, PNNI, IS-IS): Brief Version Shivkumar Kalyanaraman Rensselaer Polytechnic Institute shivkuma@ecse.rpi.edu Based in part upon slides of Prof. Raj Jain (OSU), S. Keshav (Cornell), J. Kurose (U Mass)

Overview RIP, RIPv2, EIGRP OSPF, PNNI, IS-IS: LS efficiency & robustness Link state distribution, DB synchronization, NBMAs etc Refs: Chap 16,14 Suggested Ref. Books: “Interconnections” by Perlman, “OSPF” by John Moy, “Routing in Internet” by Huitema. Reference: RFC 2328: OSPF Version 2: In HTML Reading: Notes for Protocol Design, E2e Principle, IP and Routing: In PDF Reading: Routing 101: Notes on Routing: In PDF | In MS Word Reference: Tsuchiya, "The Landmark Hierarchy: A New Hierarchy for Routing in Very Large Networks"

RIP: Routing Information Protocol Uses hop count as metric (max: 16 is infinity) Tables (vectors) “advertised” to neighbors every 30 s. Each advertisement: upto 25 entries No advertisement for 180 sec: neighbor/link declared dead routes via neighbor invalidated new advertisements sent to neighbors A.k.a Triggered updates Link failure info quickly propagates to entire net

RIPv1 Problems (Continued) Recall: Poisoned Reverse: If Z routes through Y to get to X : Z tells Y its (Z’s) distance to X is infinite (so Y won’t route to X via Z) Poison reverse used to prevent ping-pong loops (infinite distance = 16 hops) Split horizon/poison reverse does not guarantee to solve count-to-infinity problem 16 = infinity => RIP for small networks only! Slow convergence RIPv1 does not support subnet masks (VLSMs) No authentication

RIPv2 Why ? Installed base of RIP routers Key new features: VLSM support Authentication Multicasting

E-IGRP (Interior Gateway Routing Protocol) CISCO proprietary; successor of RIP (late 80s) Key idea: Loop-free routing via Distributed Updating Alg. (DUAL) based on diffusing computation Freeze entry to particular destination Diffuse a request for updates Other nodes may freeze/propagate the diffusing computation (tree formation) Unfreeze when updates received. Tradeoff: temporary un-reachability for some destinations

Link State Protocols Key: Create a network “map” at each node. 1. Node collects the state of its connected links and forms a “Link State Packet” (LSP) 2. Flood LSP => reaches every other node in the network and everyone now has a network map. 3. Given map, run Dijkstra’s shortest path algorithm (SPF) => get paths to all destinations 4. Routing table = next-hops of these paths. 5. Hierarchical routing: organization of areas, and filtered control plane information flooded.

Link State Protocol Issues Reliable Flooding: sequence #s, age Neighbor discovery and Neighbor maintenance (hello) Efficiency in different types of networks: Broadcast LANs, NBMA, Pt-Mpt subnets Hierarchy of areas Area types: Normal, Stub, NSSA: filtering Advanced topics: incremental SPF algorithms

Reliable Flooding…

Topology Dissemination A.k.a LSP distribution 1. Flood LSPs on links except incoming link Require at most 2E transfers for n/w with E edges 2. Sequence numbers to detect duplicates Why? Routers/links may go down/up Issue: wrap-around, larger sequence number is not the most recent!

Sequence Number Space Organization Circular space: S1 > S2 > S3 > S1 Accidental bit errors in switch memory caused this problem in ARPANET Lollipop sequence: Start with S0, increment till you reach circle and then view it as a circular space No ambiguity in lollipop handle Linear space: OSPFv2. If Smax reached, explicitly delete Smax LSA before wrapping around

Topology Dissemination (Continued) Checksum field: Drop packet if in error, get retransmission from neighbor Age field (similar to TTL) Number of seconds since LSA originated Periodically incremented after acceptance Originating router refreshes LSA after 30 min Delete if Age = MaxAge Low age field + large seq # => that LSA is flapping or frequently changing …

Neighbor Relationships & LSA: Basic OSPF Models

Neighbor Discovery & Relationship OSPF routers periodically send out 'hello' packets Used to determine if neighbor is up HelloInterval = 10s (in example) Assumes neighbor dead if no response within RouterDeadInterval = 40s (in example) A.k.a: “adjacency” Note that adjacency is a “software link” abstraction Less reliable than a physical link Becomes an issue if large number of adjacencies need to be maintained

Hello: Packet Format

Neighbor Relationships… Once an adjacency is established, information is traded Neighbor relationship: bi-directional Local topology information is packaged in a "link state announcement“ (LSA) Multiple types of LSAs: (details later) Initial DB synchronization New announcements sent ONCE, and only updated if there's a change, or every 45mins...

Database Synchronization LS Database (LSDB): collection of the Link State Advertisements (LSAs) accepted at a node. This is the “map” for Dijkstra algorithm When the connection between two neighbors comes up, the routers must wait for their LS DBs to be synchronized. Else routing loops and black holes due to inconsistency OSPF technique: Source sends only LSA headers, then Neighbor requests LSAs that are more recent. Those LSAs are sent over After sync, the neighbors are said to be “fully adjacent”

Recovering from a partition On partition, LSP databases can get out of synch Databases described by database descriptor records Restored link => talk to each other to update databases (determine missing and out-of-date LSPs) => selective synchronization

OSPF Router-LSA: Scenario

Router-LSA:

Issues in Mapping OSPF Hellos, LSAs, Dijkstra semantics onto Different Types of Sub-Networks

Recap: IP Subnet Model Each subnet assigned one or more address prefixes. Each address prefix is called an IP subnet IP routes to subnets, not to individual hosts Two hosts on different subnets have to go through routers… Even if they are on the same “physical” network

IP Subnet Model (Contd) Two hosts or routers must be able to send packets “directly” to one another IFF they are on a common subnet => Two routers cannot exchange routing information directly unless they have one or more IP subnets in common => Two hosts on the same “subnet” cannot be indirectly connected through switches etc! All these issues will be strained as we study OSPF adjacency operation over different subnets

Broadcast Media: Adjacency Maintenance Issue: Hellos and LSAs optimized for pt-pt links Multiple (N) OSPF routers on a common subnet (bus) One “physical link” vs N*(N-1) “adjacencies” How many “links” to be counted for Dijkstra algo? How many Hellos to be exchanged on the shared bus?

Broadcast net: Adjacency Maintenance Ans: Each router is assumed to be “linked” to every other router Dijkstra algorithm views the bus as a full mesh, I.e. counts O(N2) adjacencies. Hello protocol optimization: Each node multicasts Hello to 224.0.0.5 (multicast address “AllSPFRouters”) & piggybacks its acks LSA optimization: Since we have O(N2) adjacencies for Dijkstra, should we create N Router LSAs, with a total of O(N2) adjacency information? Or 1 new type of LSA to represent this “bus”?

Flooding Adjacencies : option 1 Using Router-LSAs … O(N) Router-LSAs, with O(N2) adjacency info Multicast of Router-LSAs does not solve O(N2) DB synchronization issue

Flooding Adjacencies: option 2 New LSA-type: Network-LSA … O(N) Router-LSAs + 1 network-LSA+ O(N) adjacencies Converted O(N2) adjacency problem into O(N) problem

Recap: O(N2) model  O(N) model Question: Who creates the network-LSA?

Designated Router (DR) One router elected as a designated router (DR) Each router maintains “flooding adjacency” with the DR, I.e., DR responsible for collecting acks of LSAs DR informs each router of other routers on LAN DR generates the network-LSA on subnet’s behalf after synchronizing with all routers

DR, BDR … continued Backup DR (BDR) and takes over if DR dies It also has flooding adjacencies w/ other routers => Total: 2N – 1 adjacencies Multicast-based optimization: LSAs from other networks & Hellos sent to AllSPFRouters LSA acks sent to AllDRRouters avoids separate copies to be sent to DR and BDR

DR, BDR … continued DR election: First router on net = DR, second = BDR RouterPriority: [0, 127] indicated in Hello packet=> highest priority router becomes DR If network is partitioned and healed, the two DRs are reduced to one by looking at RouterPriority

Network-LSA Example: Summary DR

Non-Broadcast Subnets: OSPF Optimizations

What if subnet does not support broadcast? Non-Broadcast Multiple Access (NBMA) media NBMA segments may support > 2 routers Allow any two routers to communicate directly, But do not support data-link broadcast/mcast capability Eg:X.25, SMDS, Frame-Relay, ATM etc Issues: Connection-oriented (VC-based) communication Each VC is costly => setting up full mesh for Hellos is prohibitively expensive

OSPF models Two flooding adjacency models in OSPF: 1. Non-Broadcast Multiple Access (NBMA) model Simple extension of broadcast subnet model 2. Point-to-Multipoint (pt-mpt) Model Different tradeoffs…

NBMA Model Preliminaries: Neighbor discovery: manually configured Dijkstra SPF views NBMA as a full mesh! DR and BDR only maintain VCs and Hellos with all routers on NBMA DB synchronization works same as broadcast subnet Flooding in NBMA always goes through DR Multicast not available to optimize LSA flooding. DR generates network-LSA just like broadcast subnet

Partial Mesh F-Relay: NBMA model

NBMA vs Pt-Mpt Subnet Model Key assumption in NBMA model: Each router on the subnet can communicate with every other (same as IP model) But this requires a “full mesh” of expensive PVCs at the lower layer! Many organizations have a hub-and-spoke PVC setup, a.k.a. “partial mesh” Conversion into NBMA model => multiple IP subnets, and complex configuration OSPF’s pt-mpt subnet model breaks the rule that two routers on the same network must be able to talk directly Can turn partial PVC mesh into a single IP subnet

Partial Mesh F-Relay: pt-mpt model

Pt-Mpt Subnet Model Key: Partial mesh is viewed in Dijkstra as a partial mesh. Full mesh view not forced like in NBMA model. Neighbor relationships are not formed w/ nodes to which direct PVC does not exist. No DRs or BDRs! Just hellos over the PVCs. Make sure that the communication is bi-directional. Loss in efficiency because the DB synchronization has to be done between every peer. O(n^2) if full mesh. So, in true full PVC mesh situations, it is better to operate subnet as an NBMA

Hierarchical Routing

Why Hierarchy? Information hiding (filtered) => computation, bandwidth, storage saved => efficiency => scalability Address abstraction vs Topology Abstraction Multiple paths possible between two areas 

Hierarchical OSPF

Area Configured area ID A set of address prefixes Do not have to be contiguous So a prefix can be in only one area A set of router IDs Router functions may be interior, inter-area, or external An area contains a set of cooperating routers that share a synchronized and distributed topological database. Routers connected to multiple areas have multiple databases. The ability to hide details of areas from other areas makes a significant reduction in routing traffic possible. Additional refinements are possible, furhter hiding the detals of knowledge about areas outside the local area.

Hierarchical OSPF Two-level hierarchy: local area, backbone. Link-state advertisements only in area each nodes has detailed area topology; only know direction (shortest path) to nets in other areas. Two-level restriction avoids count-to-infinity issues in backbone routing. Area border routers (ABR): “summarize” distances to nets in own area, advertise to other Area Border routers. Backbone routers: uses a DV-style routing between backbone routers Boundary routers (AS-BRs): connect to other ASs (generate “external” records)

Sample Area Configuration 10.2.0.0/24

Summary-LSA Example

Stubbiness: A Means of Controlling External Routes

Normal Areas Flood AS-external-LSAs (type 5) across area-boundaries (AS flooding scope) ASBR-summary-LSAs (type 4) advertises location of ASBR (Area flooding scope)

Stub Areas AS-external-LSAs (type 5) not flooded into stub areas Default route to ABR for all non-area prefixes Summary-LSA flooded only optionally Paths may be inefficient, cannot place an ASBR in stub areas

Not-So-Stubby-Areas (NSSA) A subset of external LSAs may be flooded Use Type-7 LSAs for such external routes Used to import RIP domain routes and flood it externally, but keep default route for BGP routes

Recap: Some Key Differences External routes vs Summary LSAs External routes summarize routes outside the domain, while summary LSAs summarize routes outside an area. NSSA vs Stubby Areas: Both are special cases of OSPF hierarchies They differ in their treatment of external routes Stubby areas filter ALL external routes, while NSSAs selectively filter external routes.

Other Link State Protocols: IS-IS, PNNI

IS-IS Overview The Intermediate Systems to Intermediate System Routing Protocol (IS-IS): originally designed to route the ISO Connectionless Network Protocol (CLNP) . (ISO10589 or RFC 1142) Adapted for routing IP in addition to CLNP (RFC1195) as Integrated or Dual IS-IS (1990) IS-IS is a Link State Protocol similar to the Open Shortest Path First (OSPF). OSPF supports only IP IS-IS competed neck-to-neck with OSPF. OSPF deployed in large enterprise networks IS-IS deployed in several large ISPs

Functional Comparison Protocols are recognizably similar in function and mechanism (common heritage) Link state algorithms Two level hierarchies Designated Router on LANs Widely deployed (ISPs vs enterprises) Multiple interoperable implementations OSPF more “optimized” by design (and therefore significantly more complex) IS-IS not designed from the start as an IP routing protocol (and is therefore a bit clunky in places)

IS-IS Terminology Intermediate system (IS) - Router Designated Intermediate System (DIS) - Designated Router Pseudonode - Broadcast link emulated as virtual node by DIS End System (ES) - Network Host or workstation Network Service Access Point (NSAP) - Network Layer Address Subnetwork Point of attachment (SNPA) - Datalink interface Packet data Unit (PDU) - Analogous to IP Packet Link State PDU (LSP) - Routing information packet Level 1 and Level 2 – Area 0 and lower areas

Private Network to Node Interface (PNNI) Link State Routing Protocol for ATM Networks “A hierarchy mechanism ensures that this protocol scales well for large world-wide ATM networks. A key feature of the PNNI hierarchy mechanism is its ability to automatically configure itself in networks in which the address structure reflects the topology…”

PNNI Features Scales to very large networks. Supports hierarchical routing. Supports QoS. Supports multiple routing metrics and attributes. Uses source routed connection setup. Operates in the presence of partitioned areas. Provides dynamic routing, responsive to changes in resource availability. Separates the routing protocol used within a peer group from that used among peer groups. Interoperates with external routing domains, not necessarily using PNNI. Supports both physical links and tunneling over PVCs.

PNNI Terminology

PNNI Terminology … Peer group: A group of nodes at the same hierarchy Border node: one link crosses the boundary Logical group node: Representation of a group as a single point Child node: Any node at the next lower hierarchy level Parent node: LGN at the next higher hierarchy level Logical links: links between logical nodes Peer group leader (PGL): Represents a group at the next higher level. Node with the highest "leadership priority" and highest ATM address is elected as a leader. PGL acts as a logical group node. Uses same ATM address with a different selector value. Peer group ID: Address prefixes up to 13 bytes

Hierarchical Routing: PNNI

Source Routing Source specifies route as a list of all intermediate systems in the route. Abstracts out area hops. Designated Transit List (DTL) Source route across each level of hierarchy Entry switch of each peer group specifies complete route through that group Set of DTLs and manipulations implemented as a stack DTL example: next slide

DTL Example

Crank back and Alternate Path Routing If a call fails along a particular route: It is cranked back to the originator of the top DTL The originator finds another route or Cranks back to the generator of the higher level source route

Summary DV Protocols: RIP, EIGRP LS Protocols: OSPF, IS-IS, PNNI