IP Fundamentals

11.
NetworkProtocolStacks
Protocol:Setofrulesorproceduresfortransmittingdatabetweenelectronicdevices.
StackandLayers:Astackisdividedintolayers.Alayerprovidesservicestoitsupperlayerswhilereceivingservices
fromthelayerbelow.
Themaindriverforhavinglayers:Changeonelayerrequirementswithlimitedimpactonotherlayers
12.IPOverview
Convergence:onecommonstructuretosupportallservicestothecustomers(voice,data,videostreaming,etc)
IPProtocolintroducesHorizontalLayerstothenetworks
AllIPbasedservicesdontcareaboutthelowernetworksandtheaccesstechnology.TheyonlycaraboutIP.
ConvergencehappenedonIPtechnologybecause:
*Networkresourcesareallocatedonlywhenneeded
*Trafficprioritizationmechanisms
*Dynamicroutingdecisions
13.IPFundamentals
Layer1Physical:knownasthePhysicallayeranditisresponsiblefortransmittingandreceivingonthenetwork
medium,thatisitdefinestheelectricalandphysicalspecificationsfordevices.EthernetUSBBluetooth
Layer2knownastheDataLinklayeranditisresponsibleforthetransferofunitsofdatatotheotherendofthe
physicallink,thatisfromonenodetotheother.Switchesoperateatthislayer.EthernetFrameRelayPPP
Layer3Network:knownastheNetworklayeranditisresponsiblefortheswitchingandroutingofdatatothe
appropriatenetworkdevice.Routersoperateatthislayer.IPv4IPv6IPX
Layer4knownastheTransportlayeranditprovidesendtoenddataintegrityandqualityofservice.Itis
responsibleforencapsulatingapplicationdatablocksintodataunitssuitablefortransferoverthenetworktothe
destination.TCPUDPSCTP
Layer5knownastheSessionlayeranditisresponsibleforcoordinatingtheinteractionbetweenendtoend
applicationprocesses.Thatisopening,closing,andmanagingthesessionbetweenthesourceanddestination.The
Sessionlayerestablishes,managesandterminatescommunicationsessions.Examplesofprotocolsinthislayer
include:NetBIOSSAP
Layer6knownasthePresentationlayeranditisresponsibleforconvertingcodeandreformattingthedata.The
Presentationlayertranslatesdataformats,sothatdeviceswithdifferent"languages"cancommunicate.Encryption
andcompressioncanbeperformedatthislevel.Examplesofprotocolsinthislayerinclude:MIMETLSSSL
Layer7knownastheApplicationlayeranditisresponsibleforinterfacingdirectlywithapplicationsrunningonthe
networkeddevice.TheApplicationlayerinterfacesdirectlywiththeapplicationprogramsrunningonthedevices.
UserAuthenticationisperformedatthelayer.Examplesofprotocolsinthislayerinclude:FTPHTTPTelnet
TCPTransmissionControlProtocol
Transportoriented
ImportantNetworkFunctionsofTCP:
UsedbyDomainNameSystem(DNS)forlargermessages,especiallyzonetransfers
UsedbyBorderGatewayProtocol(BGP)tomaintainthetableofIPnetworks
Wellknownportnumbers:
Port20forFTPdataandport21forFTPcontrol. Port80forHTTP.
Port23forTelnet. Port143forIMAP.
Port53forDNS. Port161forSimpleNetworkManagementProtocol.
UDPUserDatagramProtocol
Sessionless
ImportantNetworkFunctionsofUDP:
UsedbyDomainNameSystem(DNS)forsimplerequestsandreplies
UsedbyDynamicHostConfigurationProtocol(DHCP)toassigndynamicIPaddressestohosts
IPv4PacketStructure:
IPv4isaheaderwhichismadeupofanumberoffields
EachfieldintheIPv4headerhasatask(e.g.Addresses,QoS,PacketFragmentation)

IPv4HeaderExplanation:
Version:settobinary0100to
indicateversion4(IPv4)orbinary
0110toindicateversion6(IPv6).

HeaderLength:describesthe
lengthoftheIPheaderin32bit
words.Thisfieldisincluded
becausetheOptionsfieldcanvary
insize.Theminimumlengthofthe
IPheaderis20octets,andthe
optionsmightincreasethissizeup
toa60octets.

TypeofService:isusedtospecify
specialhandlingofthepacket
(QoS).
TotalLength:describesthetotallengthofthepacketinoctets(includingtheheader).Becausethelargestdecimal
numberthancanbedescribedwith16bitsis65535,themaximumpossiblesizeofanIPpacketis65535octets.
Identifier:isusedinconjunctionwiththeFlagsandFragmentOffsetfieldsforfragmentationofapacket.Packet
mustbefragmentedintosmallerpacketsiftheoriginallengthexceedstheMaximumTransmissionUnit(MTU)ofa
datalinkthroughwhichtheypass.
Flags:fieldhasthefirstbitasunused.ThesecondbitistheDon'tFragment(DF)bit.Whenitissetto1arouter
cannotfragmentthepacket.ThethirdbitistheMoreFragments(MF)bitindicatingifthefragmentisthelastoneor
not.
FragmentOffset:specifiestheoffset,inunitsofeightoctets,fromthebeginningoftheheadertothebeginningof
thefragment.Becausefragmentsmightnotalwaysarriveinsequence,theFragmentOffsetfieldallowsthepiecesto
bereassembledinthecorrectorder.
TimetoLive:fieldissetwithacertainnumberwhenthepacketisfirstgenerated.Asthepackettravelsthrougha
networkeachrouterdecrementthisnumber.Ifthenumberreaches0,thepacketwillbedropped.
Protocol:describesTransportLayerprotocolforwhichtheinformationintheIPpacketisdestined.
HeaderChecksum:istheerrordetectionfieldfortheIPheader.ThechecksumisnotcalculatedfortheDatainsideIP
packet.
SourceAddress:istheaddressoftheoriginatorofthepacket.
DestinationAddress:istheaddressofthedestinationofthepacket.
Options:fieldisanoptionalfieldusedprimarilyfortesting.
Padding:isusedtoensurethattheIPheaderendsona32bitboundarybyaddingzerosaftertheOptionsfield.
32bitAddressSchemeofIPv4:
IPv4addresseshavecertaincharacteristics,theyare:32bitslong.
ContainaNetworkpartandaHostpart.
Therearealsodifferentwaystorepresenttheaddresssuchasbinaryanddecimal.
ClassfulIPAddressing:
FirstOctetRule:
IPAddressClasses:
ThevalueofthefirstbyteintheIPaddressdeterminesitsclass(thefirstbyteonthelefthandside).
ClassAvalues0through127
ClassBvalues128through191
ClassCvalues192through223
ClassD(multicast)values224through239(224.0.0.0239.255.255.255(reservedformulticast))
ClassE(experimental)values240through255(240.0.0.0254.255.255.254(reserved))
PrivateIPAddressSpace:
IntheClassAIPnetwork,theIPrangefrom10.0.0.0to10.255.255.255isforprivateuse.
IntheClassBIPnetwork,theIPrangefrom172.16.0.0to172.31.255.255isforprivateuse.
IntheClassCIPnetwork,theIPrangefrom192.168.0.0to192.168.255.255isforprivateuse.
SpecialUseIPAddressSpace:

ReservedIPAddresses:
Addressesendingwith.0and.255arereservedforthenetworkIPaddressandbroadcasting.
RunningoutofIPaddressspace:
IntheearlydaysofIPitwasnotexpectedwewouldrunoutofnetworkaddressesbuttodayweknowbetter!
ClassA:256networks
ClassB:65535networks
ClassC:16777216networks
Severalstepswereintroducedtoaddressthisissue:
PrivateIPaddressesandNetworkAddressTranslator(NAT)gateway
CIDR(ClasslessInterDomainRouting)andVLSM(VariableLengthSubnetMasking)
IPv6
14.IPv6Overview
ThebenefitsofIPv6:
MoreIPaddresses
Bettersecurity
BetterhandlingofIPformobiledevices
AndoverallimprovementstomanyshortcomingsfoundwithIPv4.
15.IPv6Fundamentals
WhatsnewwithTCP/IPv6:
IPAddresses:
Differentwaystorepresenttheaddress:128bitsaddresses(16x8)>Hexadecimal

Eachhexdigitrepresents4binaryformats
Rangefrom0toF(09)and(AF)

AbbreviatingIPv6addresses:
Twoabbreviationsarepossible:
TwoabbreviationshavebeencreatedinordertoshortenwhatmustbetypedforanIPv6address:
Leadingzerosinafieldareoptional(fieldcanbecompressed)
Representoneormoreconsecutivequartetsofallhex0swithadoublecolon(::).
Leadingzerosomitted:
2001:0db8:65a3:0000:0000:5d2e:0370:7134canbeabbreviatedto:
2001:db8:65a3:0000:0000:5d2e:370:7134
Groupsoffourzeroscanbeabbreviatedtoazero:
Multiplecontiguousgroups(2bytegroups)canbeabbreviatedtodoublecolon(::)butonlyonce:
2001:0db8:65a3::5d2e:0370:7134
Followingalltheseshortcuts:
2001:0db8:65a3:0000:0000:5d2e:0370:7134willberepresented:
2001:db8:65a3::5d2e:370:7134
Ipv6generaladdressformat:
AtypicalIPv6addressconsistsof3parts:
Theglobalroutingprefixisusedtoidentifya
specialaddress,suchasmulticast,oranaddress
rangeassignedtoasite.
AsubnetIDisusedtoidentifyalinkwithina
site.(ThesubnetIDmayalsobereferredtoas
subnetprefixorsimply"subnet.")
AninterfaceIDisusedtoidentifyaninterface
onalinkandneedstobeuniqueonthatlink.
SubnettingIPv6addresses:

SubnettingconceptisidenticaltoIPv4.Asourbusiness
hastwonetworks,weneedtosubnetthisprefix.

Thenetworkadministratorthenextendsthelengthof
theprefixassignedbytheISPfromthe/48to/64
therebycreatinga16bitssubnetpartoftheaddress.

Thisallowsthebusinesstohave65,536subnetsif
required.

IPV6Addressallocation:
IANA(InternetAssignedNumberAuthority)allocatesAS(AutonomousSystem)numberstoRegionalInternet
Registries(RIRs).
LIR(LocalInternetRegistries)TypicallyISPs(InternetServiceProviders).
AssignedPrefixes:
Youcanidentifythetypeofaddressby
lookingatthePrefix.

Somespecialaddressesareassignedoutof
thereservedaddressspacewiththebinary
prefix00000000.

Theseincludetheunspecifiedaddress,the
loopbackaddress,andIPv6addresseswith
embeddedIPv4Addresses.
CategoriesofIPAddresses:

Thebroadcastaddressingtypehasbeeneliminated
inIPv6.IPv6addresscanbeclassifiedintooneof
threecategories:unicast,multicast,anycast.
Ipv6GlobalUnicastAddressing:
IPv6standardsreservethe2000::/3prefix,whichmeansalladdressesbeginningwithbinary001oreitherahex2
or3asglobalunicastaddresses.
MatchthepurposesofIPv4publicaddresses
Itsgloballyunique
isashortcutfor
UniqueLocaladdresses(ULA):
Prefix=FC00::/7
Availableforuseinprivatenetworks,forexample,insideasinglesiteororganisation.
TheyarenotroutableintheglobalIPv6Internet.
LinkLocalUnicastAddresses
Prefix=FE80::/10
Scopelimitedtolocallink
Configuredbyautoconfiguration
Packetswiththeseaddresseswillnotbeforwardedbyrouters
InjectFFFEbetweenOUI(First3bytesontheleft)andtheserialnumber(first3bytesontheright)formingEUI64
format.
EUI64format(ExtendedUniqueIdentifier):
InterfaceID=48bitsfromNIC(NetworkInterfaceCard)ismappedas64bitsaddingFFFEhex.
Note:LinkLocaladdressusingEUI64allowsthisinterfacetocommunicatewithhostsresidingonthislocal
subnet/network.However,inordertocommunicatewithhostsoutsidethislinklocalnetwork,theinterfaceneedsa
globaladdressaswell.So,eachinterfacewillhave2addresseslinklocalandglobaltofullyoperateinIPv6domain.
IPv4mappedIPv6addresses.
Thisaddresstypehasitsfirst80bitssettozeroandthenext16settoone,whileitslast32bitsarefilledwiththe
IPv4address.TheseaddressesarerepresentedinthestandardIPv6format,buthavingthelast32bitswritteninthe
customarydotdecimalnotationofIPv4;forexample,::ffff:192.0.2.128representstheIPv4address192.0.2.128.
IPv6PacketStructure:
IPv6headerissimplerandmoreefficientthanIPv4asithasafixedlength(40bytes)andasmallernumberoffields
(8fields).

ExtensionHeaders:
NewinIPv6,canbezeroormoreextensionheadersbeforetheactualpayload.
FlowLabel:
NewinIPv6(20bits).Asendinghostcanlabelsequenceofpacketswithasetofoptions.Itisusedforbandwidth
management.
AnotherchangesfromIPv4toIPv6header:
TypeofservicehasbecomeTrafficClassfield
ProtocolhasbecomeNextHeaderfield
TotalLengthhasbecomePayloadLengthfield
TimetoLivehasbecomeHopLimitfield
NewIPv6Protocols:NeighborDiscoveryprotocol(ND):
TheIPv6NeighbourDiscoveryprotocol(ND)
usesICMPv6messagestodetermine
relationshipsbetweenneighbouringnodes.

NDreplacestheIPv4protocolsARP
AddressResolutionProtocol,ICMPRouter
discoveryandICMPredirect.
ThereisnoARPinIPv6sothenewND
protocolaccomplishesthesamethingand
manyotherfunctionsaswell,includingthe
purposesshowedinthepicture.

TransitionandcoexistencebetweenIPv4andIPv6:
DualStack:hostorroutersupportbothIPv4andIPv6.
Tunneling/Encapsulation:usedtocarryIPv6trafficbyencapsulatingitinaIPv4packetandtunnelingitoverthe
IPv4routingstructure.Commonmethods:6to4,6rd,ISATAP,etc.
Translation:MethodNATPT(NetworkAddressTranslationPacketTranslation)isusedtocommunicatewithnative
IPv4hostandapplications.Othermethods:NAT64andDNS64.
16.IPMulticastOverview
IPMulticastisamethodofsendingIPpacketstoagroupofinterestedreceiverswhereeachreceiverisreceiving
thesameinformation.
Applicationssuchasvideoconferencing,softwaredistributionandIPTVusethistechnology.
SpecificprotocolsdesignedforusewithIPMulticast.
ClassDIPaddressesaredesignatedasMulticastaddressesinIPv4.
IPMulticasttypicallyusesUDPtodeliverIPpackets.Asresultpacketdeliveryisnotguaranteed.
17.IPMulticastFundamentals
ClassD:from224.0.0.0to239.255.255.255
Bitsmoresignificantfromfirstoctetbeginswith=1110XXXX
Someaddresseswithinthisrangearereserved.
IPMulticasttypicallyusesUDPtodeliverIPpackets.
MulticastisusedtosendIPpacketstoagroupofinterestedreceiversinasingletransmission.Inthisscenario,the
sendersendsasinglepacket,theroutersonthenetworkarethenresponsibleformakingmanycopiesofthepacket
andsendingittoallreceiversthathaveregisteredtheirinterestindatafromthatsender.Therequesterwillspecify
aClassDaddressofdestiny.
Benefits:
Bandwidthsaving
Lessprocessingoverheadatrouters
MulticastProtocols:
PIM(ProtocolIndependentMulticast)usedroutertoroutercommunication.Variations:PIMSparseandPIM
DenseMode.
IGMP(InternetGroupManagementProtocol)usedtoendstationtosignalitsintentiontojoinorleavea
multicastgroup.
IGMP(InternetGroupManagementProtocol):
IGMPprotocolisimplementedonbothsideshostandrouter
TheroutersendsoutanIGMPmembershipquerytoverifythatatleastonehostonthesubnetisstillinterested
inreceivingtrafficdirecttothatgroup.
Whenthereareno3repliesconsecutivesofIGMPmembershipquerytheroutertimesoutthegroupandstops
forwardingtrafficdirecttowardthatgroup.
Thismeansthatmulticasttrafficisstillsendingontoasegment3minutesafterallgroupmembershasstop
listening.
IGMPv1:endstationleavesamulticastgroupbynoreplyingto3consecutiveIGMPmembershipqueries.
IGMPv2:thereisaLeaveGroupmessage.
IGMPSnooping:
IGMPSnoopingisanIPmulticastconstrainingmechanismthatrunsonaLayer2LANswitch.IGMPSnooping
requirestheLANswitchtoexamine,or"snoop,"someLayer3information(IGMPjoin/leavemessages)intheIGMP
packetssentbetweenthehostsandtherouter.
WhentheswitchhearstheIGMPhostreportfromahostforaparticularmulticastgroup,theswitchaddstheport
numberofthehosttotheassociatedmulticasttableentry.WhentheswitchhearstheIGMPleavegroupmessage
fromahost,theswitchremovesthetableentryofthehost.
MulticastAddressingatLayer2:

IPAddresspart:First4bitsontheIPwillalwaysbe
thesame:from224.To239.=1110XXXX.

FromMACaddresspart:First25bitswillalwaysbe
thesame.

2823=5bitslost.

32:1AddressOverlap:
As5bitsarelost,resultingthattheIPaddressisnotunique.Infact,
32differentmulticastgroupIDsmaptothesameEthernetaddress.
NetworkadministratorsshouldconsiderthisfactwhenassigningIP
multicastaddresses.Forexample,224.1.1.1and225.1.1.1maptothe
samemulticastMACaddressonaLayer2switch.Ifoneuser
subscribedtoGroupA(asdesignatedby224.1.1.1)andtheother
userssubscribedtoGroupB(asdesignatedby225.1.1.1),theywould
bothreceivebothAandBstreams.Thissituationlimitsthe
effectivenessofthismulticastdeployment.
IGMPSignaling:
IGMPmembershipquery=routersendstoverifythatat
leastonehostonthesubnetisstillinterestedin
receivingtrafficfromthegroup.

LeaveGroup=OnlyinIGMPv2

IGMPv1=Theonlyotherwayanendstationcanleavea
multicastgroup,isbynotreplyingto3consecutive
membershipqueries.
*IGMPversiononeandversiontwoarethemost
commonlyused.IGMPversion3isthelatest.
MulticastTopologyDistributiontrees:
Shortestpathtree:
Ashortestpathtree,orsourcedistributiontreeisbasicallyatreefromsourcetodestinationthatresultsinthe
lowestcostintermsofnetworkutilization.AlwaysthebestpathbutusemoreCPUmemory.
SharedTree:
Sharedtreesuselessmemorythanshortestpathtreesbutmayresultinsuboptimalpathsfromsourcetoall
receivers.Thiswillintroduceextradelaytothepacketdelivery.
MulticastRouting:
PIM(ProtocolIndependentMulticast)isaroutingprotocolthatcanbeusedforforwardingmulticasttraffic
betweenIPsubnetsornetworksegments(routertorouter).
PIMDensemodeusesapushmodeltofloodmulticasttrafficto
everycornerofthenetwork.
Multicasttrafficisfloodedthoughthenetwork.Aftertheinitial
flooding,themulticastpathsareprunedbackbynetworkclients
whodonotwishtoreceivethestream.Thismeansthatitis
initiallyassumedthatallclientsonthenetworkwanttoreceive
thetraffic,unlesstheyspecifyotherwise.
PIMroutersshouldbeconfiguredfordensemodeifitissafeto
assumethatamulticastgroup'srecipientsarespreadallacross
thenetwork.
PIMSparsemode:worksoppositelytodensemode.Here,trafficisonlysenttowhereitrequestedonthenetwork.
Clientsmustexplicitlyjointhemulticastgroupiftheywanttoreceivethestream.Thisisapullmodelwherethe
interactionisinitiatedbytheclient.Sparsemodeassumesthatnonetworkclientswishtoreceivethemulticast
trafficuntiltheyrequestit.
Sparsemodetreeisasharedtree.,wheretherootisnotnecessarilythemulticastsource.Instead,therootisaPIM
sparsemoderouterthatiscentrallylocatedinthenetwork.Thisrouteriscalledtherendezvouspoint.The
rendezvouspointmustbeadministrativelyconfiguredinthenetwork.Sourcesregisterwiththerendezvouspoint,
andthendataisforwardeddownthesharedtreetothereceivers.
TTLThresholds:
Usefulwherearoutingloophasoccurredtopreventthepacketbeingforwardedindefinitely.
ATTLthresholdmaybesetonamulticastrouterinterfacetolimittheforwardingofmulticasttraffictooutgoing
packetsthataregreaterthanthethreshold.PacketswithTTLvalues>thethresholdaredropped
AllincomingpackethavetheirTTLvaluedecrementedbyone.
2.1MPLS:MultiProtocolLabelSwitchingOverview
Characteristics:
ConvergenceofnetworksAbilitytooffernewservice
Itsabroadtermusedtodescribeasetofprotocols
Itsanetworkingprotocol.BringsmorepacketswitchingbehaviortoIP
EndtoEndpathisestablishedbeforepacketcanbeforwarded(signaling)
Packetsbelongingtothesamesessionmustusethesamepath(FECForwardingEquivalenceClass)
Oncepacketislabeled,theIPheaderisnolongerlookedat,untilthepacketexitstheLSP(LabelSwitchedPath)

MPLSbenefitsoverIP:
Predictablepathsallowtrafficengineering(QoS).Putthetrafficwherethebandwidthis.
CreationofVPNs(VirtualPrivateNetworks).

2.2MPLS:MultiProtocolLabelSwitchingFundamentals

MPLSChallengesIP:
ThefirstisQoSQualityofService.MPLSprovidespredictablepathsforIPtraffic(verysimilartoATMPVCs).
Predictablepathsallowfortrafficengineeringandenablesthenetworkfortripleplayservices.
TheotherchallengewithIPthatMPLSsolvesisthecreationofVPNsVirtualPrivateNetworks.IPVPNisaservice
offeredbyinternetserviceproviders(ISP).Remotecustomersitescancommunicateovertheserviceproviders
backboneasiftheywereconnectedtothesame,privaterouter.
MPLSandtheOSIModel:

MPLSdoesntfitintheOSIlayeringtoowell.ItisnotaLayer2protocolbecausethereis
stillL2encapsulationpresentwithlabeledpackets.ItsalsonotaLayer3protocolbecause
L3isstillpresentMPLSisoftenreferredtoasaLayer2.5protocol.

LabelSwitchedPath(LSP):
Itsaunidirectionalflowoftraffic,carryingpacketsfrombeginningtoend.DuplextrafficrequirestwoLSPs,thatis,
onepathtocarrytrafficineachdirection.

MPLSHeader:
Experimentalfield(EXP)(3Bit):identifythepriorityofthepacket,used
inthequeuingandschedulingofthepacketduringitstransport
throughdifferentnetworkelements.

Stack(S)(1bit):Itispossibleforpacketstohavemultiplelabels
attached.Ifthebitissetto1thenitindicatesthatthislabelisthe
bottominthestack,anditissetto0toindicatethattherearenomore
labelsinthestack.

TimetoLive(8bits):Itspecifiesthemaximumnumberofhopsapacket
cangothroughintheMPLSbackbone.Iftherouterattheedgeofthe
Label:20Bitfieldthatcarriesthevalueofthe
MPLSnetworkreceivesalabeledpacketwithTTLof1therouterwill
MPLSlabel.
dropitandsendanICMPmessagetimeexceededtotheoriginatorof
theIPpacket.
FEC(ForwardEquivalenceClass):
Itsdefinedasagroupoflayer3packetsthatwillhavesimilarorthesamecharacteristicsandthatcanbe
forwardedinthesamemanner.
IfpacketshavethesameFECthentheywillhavethesamelabel.
IfpacketshavethesamelabeltheymaynotbeinthesameFECastheymayhaveadifferentQoSpriority.Inother
words,theymighthavethesamelabelbutdifferentEXPvalues.
NormallyallpacketswhosdestinationsarethesameegressedgerouterwillhavethesameFEC.FECsfacilitate
complexmappingsthatwould.
SameFEC=SameLabel+SameEXPvalue
MPLSTopology:
Thereare3typesofLSR(LabelSwitchingRouters):

IngressSLRorProviderEdge(PE)

IntermediateLSRorProvider(P)

EgressLSRorProviderEdge(PE)
IngressLSRorProviderEdge(PE):
ThisrouterwillreceiveunlabeledIPpacketfromCE(CustomerEdge)andIwillinsertalabel.Then,itwillforward
theencapsulatedpacketouttothenexthopintheLSP(actioncalledPUSH).
IntermediateLSRorProvider(P):
Thisisthecorenetworkrouter,itperformshighspeedlabelswitching.Also,itlooksattheincominglabel,identify
thepathtotake,andthenchangesthelabelaccordingtoitsLabelSwitchingTable(LFIBLabelForwarding
InformationBase)(actioncalledSWAP).
EgressLSRorProviderEdge(PE):
Thisrouterremovesthelabel(actioncalledPOP).Alsodoes,(actioncalledPHP)whichisPenultimateHopPopping
wheretherouterPEasksthePtopopout(remove)thelabelinordertosaveCPUprocessing.
LabelStacking:
MPLSallowsmultiplelabelsinapacket.Onlythefirstlabelofthestackisexamined.Whenthefirstlabelispopped
out,thenthenextlabelbecomeactive.
TheingressLSR(PE)needstoadd2informationtoapacket:
*WhichVPNthepacketbelongs(representedbytheinnerlabel
*WhichLSPshouldbeusedtoreachtheegressLSR(PE),representedbytheouterlabel.
Becarefulthateachlabeladds4bytesmoreonthepacketsize.MTUmustbeadjustedoverthenetworksrouters.
LabelSwitching:
LabelSwitchingTable(LFIBLabelForwardingInformationBase).
MPLSnetworkwillbeestablishedandsignaledbeforepacketforwarding.
MPLSLabelhaslocalsignificanceanditwillchangeateachhop(SWAPaction).
LabelDistribution:
Thereare2protocolsusedtoautomateit:
*LDPLabelDistributionProtocol
*RSVPResourceReservationProtocol
LDPLabelDistributionProtocol:
AssignlabeltoaFEC.ThelabelFECpairsareusedtocreatetheLSPs.
LDPdoesnottakeanypathselection.MustworktogetherwithIGPprotocols:ISIS,OSPF,etc.
DistributionModes:
*DownstreamonDemand:Labelsbindingsnotsharedunlessaskedfor.
*UnsolicitedDownstream:DistributeitsbindingseveniftheLSRisnotaskedfor.
Discoveringprocess:inordertodiscoverLDPpeers,aLSRperiodicallytransmitsLDPHelloMessages(usingUDP
port646).Oncethediscoveryhasbeenmade,thesignalingAdvertisementsandNotificationsmessagesaresent
(usingTCPport646).Themessagesare:1)Timervalues2)LabelSwitchingmethods3)others
RSVPResourceReservationProtocol:
Itsnotaroutingprotocol.ItsaTransportLayerprotocoldesignedtoreserveresourcesacrossanetwork.LSPs
needstobeconfiguredmanually.Benefits:betternetworkcontrol.
MPLSReservedLabels:
Atthismomentonly4labelshavespecialmeaning:
*Label0:ExplicitNULLLabel:thepenultimateupstreamLSR,insteadofpopping(POP)thelabel,nowaddsalabel
0.WhentheegressLSR(PE)receivesthelabel0itknowsthathastoremoveit.Label0cannotbeswappedto
anothervalue.
*Label3:ImplicitNULLLabel:assignedbytheEgressLSR(PE)whenitwantstotheupstreamLSTtodoPHP
(PenultimateHopPopping)popthelabel.TheproblemisthatalsoremovestheEXPfieldandalltheQoS
informationislost.Itsbetterusethelabel0.
*Label1:RouterAlertLabel:IndicatesthattheLSRneedstolookcloselytothepacketbeforeforwardingit.
Therefore,thepacketisnotforwardedinhardware,butitislookedatbyasoftwareprocess.Whenthepacketis
forwarded,thelabel1isremoved.ThenalookupofthenextlabelinthelabelstackisperformedintheLFIBto
decidewherethepacketneedstobeswitchedto.Next,alabelaction(pop,swap,push)isperformed,thelabel1is
pushedbackontopofthelabelstack,andthepacketisforwarded.
*Label14OperationandMaintenance(OAM)Alertlabel:OAMisbasicallyusedforfailuredetection,localization,
andperformancemonitoring.ThislabeldifferentiatesOAMpacketsfromnormaluserdatapackets.
ForwardingandControlPlane:
MPLSarchitectureisdividedinto2separatecomponents:
*ControlPlaneandForwardingPlane
Beforeforwardingpackets,acontrolplaneneedstobeestablished:FECs,LSPs,LFIBsandVPNs.
InLDP,thesignalingofthelabelstoneighborsintheoppositedirectiontothepacketflow(upstream).
MPLSVPNVirtualPrivateNetworks:
Requirements:*Privacy,easyforthecustomertouse,easyprovisioningofnewsites,scalability(supportmany
siteswithmultiplecustomerinordertogettheinvestmentreturn).
VPNModels:
*ItsupportsbothIPandLayer2VPNs:
L3VPNModel L2VPNModel
Overlay:CEresponsibility.CEsconnectedp2p VPWS:VirtualPrivateWireService.Createsap2pservice.
Peer:PeeringisdonebetweenCEandPE. VPLS:VirtualPrivateLanService.ProvidesEthernetservicetocustomer
MPLSL3VPNimplementation:
CE<>PE:pureIP
PE<>PE:BGP(BorderGatewayProtocol).
P<>P:(InteriorGatewayProtocol:RIP,OSPFISIS).
3.1IPQoSOverview
QoSDescription:
Nowadaysbesteffortisnotgoodenough.
CertaintrafficflowneedprioritizationaccordingtotheSLAs
Congestionavoidance
3.2IPQoSFundamentals
NetworkRequirementsDelay:
Itcanbecausedbyanumberoffactorsduetonodeprocessingofthepackets,queuingalongthepath,slow
transmissionordelayinthesignalpropagation.
NetworkRequirementsJitter:
ItcanbecausedbyElectromagneticInterference(EMI)andinterferencefromothersignals.
NetworkRequirementsVoIPCall:
Itusuallyneedsbandwidthof8kbpsto64kbps(encoderdepending). Maxjitter<=30ms.
Maxdelay(oneway)<=15ms. Maxloss<=1%
DifferentQoSModels:
MPLSusingRSVPprotocols
PerHopQoSprocessing(requiresalotofprocessing)
IPPrecedence:
Toreducetheamountofprocessingcomplexityandcostinperflow
model,newsystemswereintroducedtosimplifyQoS.Thefirstmodel
wasIPprecedence.

Usesthefirst3bitsoftheTOS(TypeofService)fields.

8Classes

Sowheneverthereiscongestion,apacketwithalowerprioritywill
bedroppedbeforeapacketwithahighervalue.

DifferentiatedServices(DiffServ):
Moregranularapproachtopacketprioritizationasituses6
bitsinsteadof3andcansupportupto64differentclasses.
The6bitsarecalledDSCP(DiffServCodePoint).

IPv4>TOSFieldoctetIPv6>TrafficClassoctet

Last3bitsremainedunused

3firstbitsidentifytheClass(BehaviorAggregate)

TheotherbuildingblockintheDiffServarchitectureiswhats
knownasPerHopBehaviorsorPHBs.PHBsareglobally
definedparametersthatinstructanetworknode(usuallya
router)onwhatactiontoperformonpacketstraversingit.

PerHopBehaviors:
DSCPmarkingareknownasBehaviorAggregates(BA).
PacketswiththesameDCSPvaluearegroupedintoaBA(BehaviorAggregate),andtheirDSCPvaluewillbe
mappeddirectlytoaPHP(PerHopBehavior).
TheBAisusedtoaggregatedifferenttrafficflowstogethersothatpoliciesorSLAscanbeappliedtothesepackets
quicklyandeasily.ThiswealsoreferredtoasPHB(PerHopBehaviors).
DSDomain:
AreclearlydefinedwhereallthenodeareDiffServsenabled.
TrafficClassifiers:
Packetclassificationisapolicythatidentifiesaflowoftraffic,usuallyduetosomefieldintheIPheader.Thereason
whytheseflowsareidentifiedistoapplyaspecifiedservicetothosepackets.
Thereare2types:
BAidentifier:itwillclassifybasedonlyonthevalueoftheDSCP.
MultifieldClassifier:itwillclassifybasedontheaddressandportfields(source/destination),protocolIDfieldand
alsotheDSCPvalue/DSfield.
TrafficConditioners:
Itsusedtomakesurethattrafficcomplieswiththeagreed
SLA

Anexampleofwhytrafficconditionersmightbeusedwould
beifacustomerhasboughta2Mbsinternetaccessservice
buttriestouse4Mbpsofdata,whatshouldthenodedo?
Therearedifferentoptions,suchastrafficpolicing,traffic
shapingandsoontoseehowthesedifferentconditionerscan
beusedtomanagecustomerSLAs.
DefinitionofDSCP:

Thefirst3bitsidentifytheclass.Theother3bitsareusedto
definedifferentdropprobabilities.

ECNExplicitCongestionNotification
PHBGroups:
DefaultPHB:DSCPValue(000000)>BestEffort
ExpeditedForwarding(EF):oftenusedforVoice.
AssuredForwardinggroup(AFxy):AFdefines
fourmainclassesofforwarding(AF1AF4).The
higherthevalue,from1to4,thehigherthe
priorityoftheclass.Theclassesfrom1to4are
definedbythefirst3bitsinthe6bitDSCPfield.
Then,withineachclassthereare3drop
probabilities.
DiffServFunctionsIngress:

ClassificationandmarkingaredoneonapacketenteringaDS
domainandareusedtoidentifydifferenttypesofpacketsand
markthemforusebyotherfunctionslaterintheflow.

Classification,markingandpolicingarealldoneoningress
traffic.
DiffServFunctionsIngress:
OntheegressflowofthepacketswehavedifferentDiffServfunctionsapplied.
ThefirstoftheseistrafficQueuing.
*Queuingusesbufferstostorepacketsuntiltheportisreadytosendthemout.Oncetherearepacketsinqueues
theyneedtobeemptied.TherearedifferentwaysofemptyingqueuesbyusingdifferentSchedulers.The
combinationofqueuingandschedulingcombineasashaperofthetraffic.
ThelastDiffServfunctionwelltakealookatisCongestionAvoidance.Congestionavoidanceisusedtodrop
packetsrandomlytotrytoinformsenderstoslowdown.
DiffServFunctionsClassificationandMarking:
ClassificationisusedtodistinguishwhatisthetraffictypeandthenMarkingisperformed(settingtheDSCP).
ClassificationisdoneattheboardersoftheDSdomainontheingresstraffic,
DiffServFunctionsTrafficPolicing:
TrafficPolicingisusedasawayto
measuretherateoftrafficandcompareit
withanagreedrate.

Letsrevisitourcustomerwhohaspaid
foranSLAthatallowsthemaspeedof2
Mbps.Trafficpolicingcanbeusedto
enforcethisratelimitespeciallyattimes
whentheyaretryingtosendorreceive
morethanthisrate.
Itusesarealprocessing.Itcompareseachpacketasitarrivestoapredefinedpolicy.
Thereisnobuffer,packetsmaybedroppedimmediatelyorforwardedwithaDSCPremarked,increasingthedrop
probability.
CalculatingrateoftransmissionTokenBucket:
TokenBucket:popularmethodforavendortocalculateandimplementanominalaveragebitratecalculation.
Ittakesinconsiderationtheburstinessofthetrafficandthatthepacketscanvaryinsiteandonlycompletepackets
areuseful.
CIR(CommittedInformationRate):RatedefinedintheSLA.
TrafficPolicingCommittedandExcessBurst
Itsawayofmeteringpacketsthatconformtothepolicy,thatalmostconformtothepolicyandthosethatarewell
inexcess.
*Green:Packetsthatconformtothepolicy.ItwillbeforwardedwithapredefinedDSCPvalue.
*Yellow:almostconforms.Itwillbeforwardedwithahigherdropprecedencevaluethangreen.
*Red:doesntconforms.DSCPvaluewithevenhighervaluedropprecedencethantheothertwoormightbe
droppedimmediately.
DiffServFunctionsTrafficShaping
Manipulatesthetrafficflowtomakeitcomplywiththe
trafficprofile.

Itdoesthisbyslowingtherateofpacketsbeingsentby
placingpacketsinabuffer/queueandthenemptyingthese
queueswithascheduler.

Limitedbuffer.Nospaceleft>packetswillbedropped.

QueuingisquiteusefulasIPtrafficcanbebursty.
SchedulersPriorityQueuing(PQ):
Thesearedifferentschedulingalgorithms,orways,ofemptyingqueues.
PQgivesprioritytocertainflows.
Packetsinthehighestprioqueuewillbesentbeforethelowestones(unfairbehavior).
SchedulersWeightedFairQueuing(WFQ)orWRR(WeightedRoundRobin):
Itmanagesfairdivisionofbandwidthbetweenqueues.
Thereisnoprioritybetweenqueues,eachqueueisservedinaroundrobinfashionandeveryqueuegetsitsshare
oftheavailablebandwidth.
SchedulersPriorityWeightedFairQueuing(PWFQ):
CombinestheconceptfromthePQandWFQ.
Queuesareservedaccordingtotheirpriorityandweight.
SchedulersFirstIn,FirstOut(FIFO)Queueing
Packetsareforwardedinthesameorderinwhichtheyarriveattheinterface.
DiffServFunctionsCongestionavoidance
Waytopreventcongestionfromoccurringbyinformingsendersthattheyneedtoslowdownwhensending
packets.Withoutcongestionavoidance,ifthetrafficcomingiscontinuallyhigherthanthatwhichcanbesentout
thenthequeuewilleventuallyfillup.Whenitisfullthereisnomorespaceforpacketsandpacketstryingtoenter
thequeuewillbedropped.Thisiswhatwecalltaildrops.
TailDrops:
Thequeuedepthcanbechanged.However,caseisneeded,ifthequeuedepthistoolarge,thenthereisabigger
packetdelay,asthepacketsattheendofthequeuewillbewaitingtogetschedule.
Ifthequeuedepthistoosmall,itwillcausetaildrops.
DiffServFunctionsCongestionavoidance&CongestionManagement
Avoidtaildrops.Itimplementsamechanismtorandomlydroppacketsenteringthequeuebeforeitgetsfull.
Theflowstransferringthebiggestamountofdatatrafficwillsufferthemost.
RandomEarlyDetect(RED):
ApopularmechanismusedforcongestionmanagementisRandomEarlyDetection(RED).Thereareother
variationsavailabletoo.
REDrandomlyselectspacketsthatareenteringthequeueanddropsthem.
REDallowsforquiteadvancedtuningofwhentostartdroppingpackets,howmanypacketstodropandwhich
packetsshouldbedropped.
TCPtrafficadjustsitstransmissionusingTCPslidingwindow.
REDisntsoeffectiveforUDPtraffic,becauseUDPisntsessionbased.
Differences
WithoutRED WithinRED
Overflowofqueues Dominantflowsdroppedmost
Dominantflowsclaimmajorityofqueue Senderslowdown
Taildropsverylikely Queueoccupancyreduces
Allflowsimpacted(dominantflowatleast) Taildropsminimized
WeightedRandomEarlyDetect(WRED):
REDtreatsallpacketsinqueueasequal
WREDdropspacketsselectivelybasedontheDCSPvalue
Multipleprofilescanbeconfiguredperqueue
QoSinLayer2(MPLS):
MPLSheader>3bitscalledEXP(ExperimentalField)
BydefaultIPPrecedence/DSCPvalueispropagatedfromtheIPheaderintotheMPLSheader.
QoSinLayer2(Ethernet):
3mostsignificantbitsoftheDSCPfieldcanalsobepropagatedintotheEthernetheader
ThefieldintheEthernetHeaderisknownasthePriorityCodePoint(PCP).8prioritylevels(3bits).
4.1IPRoutingOverview:
Description:
UsingthedestinationIPcontainedintheIPv4header,therouterdecidesthenexthop,thatisthenextrouterto
sendthepacketto.Itfindsoutthisnextrouterfromtheroutingtable.
TherouterwillrepackagethepacketintoanEthernetframebyaddingonanEthernetheader.
Remember,theEthernetheaderisjustusedtotransmitframesoveralink.TheSourceMACaddressistherouters
MACandthedestinationMACaddressofthenexthop.
2typesofrouting:
StaticRouting:configuredmanuallyeachrouterintheNW.
DynamicRouting:Usingdynamicroutingprotocols,routersareresponsibleforkeepingroutinginformation
consistentandtheintelligenceisbuiltinthenetwork.
4.2IPRoutingFundamentals
Routingandswitching:
EthernetframeistransmittedwithMACAddress.
WhenaswitchreceivestheframeituseswhatiscalledaMACaddress.
IftheMACaddressisfoundontheARPtable,thepacketissentoverthelinklayer.
Ifnotfound,aARP(AddressResolutionProtocol)broadcastmessageissenttoallhostsonthenetwork,whichwill
replywithitsMACaddress.
AswitchwillhaveinitsARPtabletheMACaddressofallhostswithinofyouCollisionDomain.
RoutingProtocols:
RoutingProtocols:RIP,OSPF,ISIS,etc.
RoutedProtocols:IPv4,IPv6,etc.
DefaultGatewayHostsonthesamesubnet:
Hostscansendthepacketdirectlytothedestinationsuccessfullywithoutneedforanyrouters.
DefaultGatewayHostsondifferentsubnet:
AdefaultrouteisaroutethatisconsideredtomatchalldestinationIPaddress.
Onethepacketissentfromthehost,itsDefaultGatewaysresponsibilitytodeliverthepackettothedestination.
TheDefaultGatewaychecksitsroutingtabletoseeifthedestinationIPisconnecteddirectly.
Ifnot,theDefaultGatewayusestheroutingtabletoforwardthispackettoanotherconnectedrouteruntilthe
destinationisreached.
RouteSummarization:
Usedtoimproveroutingefficiency.
Reducememoryconsumption.
Improveconvergencebyreducingthelengthoftheroutingtable.
AutoSummarization:
Routersharetheirroutingtablewiththeirneighbors
usingAdvertisements.
Itrequiresclassfulnetworkboundaries.Example:
AdvertisesasinglerouteforanentireClassA,BorC
network.
Anotherexample:RouterCcanadvertiseseveral
130.X.X.XClassBnetworksas130.0.0.0/8.Please,
notethatthesubnetmaskischangedfrom/16to/8.
Thisway2=256ClassBnetworksaresummarizedand
representedbyasingleentryintheroutingtable.
AdministrativeDistance:

Routermusttakedecisiononwhichprotocolsrouting
informationtouse.
Administrativedistanceisanumber(0255)that
denoteshowbelievableonentireroutingprotocolison
asinglerouter.
Thelowernumber(0)=thebetter,morebelievableis
theroutingprotocol
Administrativedistancecanbemanuallyconfigurable
oneachrouter.

ConvergenceTime:
Timerequiredforroutingprotocolstoreacttochangesinthenetwork,removingbadroutesandaddingnewones.
43DistanceVectorOperation
DistanceVectorProtocolOverview:
Determinesroutesbasedonvectorsofdistanceanddirection
Communicatesonlywithneighborsroutersthatshareacommonlink
Learnsnetworkroutesfromneighborsperspective
Easytoconfigure
Inherentlylimited
DVprotocolimplementations:
RIP,IGRP
DistanceVectorRoutingProtocols:
Ingeneral,DVworkslikethis:
(1)DistanceVectoriscomprisedofDistance,whichishowfarawaythe
destinationis,basedonsometypeofmetric;andVector,whichisthe
outboundinterfacethroughwhichthedestinationisreachable.
(2)Atpowerup,arouterbroadcastsarequestforroutesfromall
enabledinterfaces.
(3)Periodically,routerspasscopiesoftheirroutingtableto
neighboringrouters.Theseupdatescanbetriggeredbyachangeon
thenetwork,orberegularlyscheduledupdates.
Distancevectoralgorithmsdonotallowaroutertoknowtheexact
topologyofaninternetwork.Intheexamplehere,Router1onlyknows
thatRouter4isadistanceof3hopsawayinthedirection(orvector)of
Router2.
DVMetrics:

(1)Thedistancemetricisdeterminedby
howtheroutingalgorithmdefinesthe
bestpath.

(2)Eachroutingalgorithmdefinesthe
mostimportantcharacteristicsusedinits
metriccalculation.
InteriorGatewayRoutingProtocol(IGRP):
Itsadistancevectorinteriorroutingprotocol(IGP)developedbyCisco.Itisusedbyrouterstoexchangerouting
datawithinanautonomoussystem.
CreatedinparttoovercomethelimitationsofRIP(maximumhopcountofonly15,andasingleroutingmetric)
whenusedwithinlargenetworks.IGRPsupportsmultiplemetricsforeachroute,includingbandwidth,delay,load,
andreliability;tocomparetworoutesthesemetricsarecombinedtogetherintoasinglemetric.
IGRPisconsideredaclassfulroutingprotocolbecausetheprotocolhasnofieldforasubnetmask,therouter
assumesthatallsubnetworkaddresseswithinthesameClassA,ClassB,orClassCnetworkhavethesamesubnet
maskasthesubnetmaskconfiguredfortheinterfacesinquestion.
ClassfulprotocolshavebecomelesspopularastheyarewastefulofIPaddressspace.
DVProtocolCharacteristics:
CanoperatewithbothIPv4orIPv6addressing.
Laterversions,suchasRIPv2andEIGRPareclasslessbecausetheyincludesubnetmaskintheroute
advertisement.
RIPv1usesbroadcastforadvertisement>RIPv2usesmulticastforadvertisement.
AutomaticRoutersummarization.
RoutingloopsareapotentialprobleminDVprotocol.
DiscoveringRoutes:
Aroutingtablecontains:
Routesfromdirectlinksandother
learnedroutes.
Theoutgoinginterfacewherethe
packetneedstobesent.
Sometypeofreachabilitymetric,
example,hopcount.

Whenthenetworkisfullyawareofall
linksandroutes,thenetworkissaidto
be:converged.
ProtocollimitationsDifficultieswithDV:
RouteDown:Routersstillsendpackettoarouterwhichisdownbecauseitsstillintheirroutingtableandthereis
noroutertosaythattherouteisunreachable.Packetssenttothatlinkgointoablackholeuntiltherouteis
removedovertimeduetolackofreceiptofnewupdatesregardingthatlink.
Flapping:IfMetricusedtocalculatethedistancechangesfrequently,flappingcanoccur.
Routingloops:ThepotentialforroutingloopingformationinDVnetworkshasleadprotocolsdesignersto
incorporateloopingavoidancetechniquesintotheroutingcode.
Synchronousupdates:Routersupdatescanbecomesynchronizedcausingmediacontentionanddelaysonthe
network.
44DistanceVectorConvergenceandScalability
RoutingTableEntriesandRouteAdvertisement:
Aneighborisanotherrouteronthesame
physicallink.Oncearouterdiscoverswho
itsneighboris;itsendsacopyofitsrouting
tabletothoseneighbors.
Thoseneighborsaddthatinfototheirown
routingtableandsendcopyoftheir
updatedroutingtabletotheirown
neighbors.
Thiscontinuesuntilallroutershavebeen
updatedwiththestatusofallotherlinks
androutesonthenetwork.
DVAddressingtheissues:
DVprotocolsoffersfeaturestocounterthelimitationdiscussedbefore:
SplitHorizon,PoisonReverse,Maxhop
count,andRouteInvalidationTimersall
worktomitigateroutingloopswhena
routeroralinkfails.

TriggeredupdatesandHolddown
timersreducetimetoconvergence.

Triggeredupdatesandtimingjitter
mitigatecongestionbroughtonby
synchronousrouterupdates.
DVFinalConsideration:
Duetoitsoriginalbroadcast,classfulnature,DVwasbestsuitforsmallnetworks.
Enhancementsthatprovidemulticastadvertisementsandclasslessbehaviorhavenotenhancedthescalabilityof
theDVprotocol.
FoundinlegacyAccessLayernetworks.
45LinkStateProtocolOperation
Classfulvs.classless:
Terminology:
Link:Aninterfaceonarouter
Linkstate:Informationaboutthestateofthelinks
Linkcost:Metricassociatedwiththeoutgoinginterface.
LinkStateDatabase:CompletepictureofeachlinkstateontheNW.
LinkStateProtocol:ClasslessprotocolwhichpassestheLinkStateDatabasetoeachdevice.
LinkStateProtocol:
BasedonDijkstrasalgorithm
Alsoknownasshortestpathfirst(SPF)algorithm
Eachrouteroriginatesinfoaboutitselfanditsdirectlylinksandthestateofthoselinks.
Thisinfopassedinitsentirelyfromroutertorouter.
Eachroutercalculatesitsownoptimumroutebasedonthelowestcostoftheentirepath(shortestpath)tothe
destinationnetwork.
Convergenceisfast
LinkStateDatabase:
ContainstheLinkStateAdvertisement(orSLA)informationreceivedfromallroutersintheArea.
TheLinkStateDatabasestores:
Alllinks
Thelength(cost)ofalllinks
Allroutersconnectedtoalllinks.

TheroutingtablewillbecreatedbyrunningDijkstrasalgorithmagainstthislistofroutersandlinkscontainedwithin
theLinkStateDatabase.
Routingtable:
LinkStateAreas:
AnareaisagroupofoneormorenetworksthatusethesameLSroutingprotocol.
1.DistributingtheLinkStateDatabase,aswellas
themethodusedtoannouncelinksandlinkstates
adverselyaffectsavailablebandwidth.
2.StoringthenecessaryLinkStatedatabases
requiresmoreroutermemorythanthememory
requirementforDistanceVectorprotocols.
3.SPF(ShortestPathFirst)algorithmiscomplex.It
consumesconsiderableCPUcyclesandittakes
timetoexecute.

LSAreasStubAreas:
Itsanareaontheedgeofanetwork
thathasnoknowledgeofexternal
networks.
Theborderrouterknowsaboutthe
externalnetwork,buttherouters
insidethesubareadoesnot.
Lesscomplexviewofthenetwork,
whichreducestheirworkload.

LSAreasTotallyStubAreas:

TotallyStubbyAreasarestub
areasthatarenotonlyunaware
ofExternalnetworks,butarealso
unawareofanynetworkswithin
theirownAutonomousSystem
thatareoutsideoftheirown
area.

LSAreasNotsostubbyAreas:
Permitexternalroutestobe
advertisedintoanAutonomous
Systemwhileretainingthe
characteristicsofaStubarea.
Forexample,usersmightneedto
connecttoalegacysystemthat
doesntsupportaLinkState
protocol.

Autonomoussystems:
Singleadministrativeentityordomainthatpresentsacommon,clearlydefinedroutingpolicy.
InteriorGatewayProtocols(IGP):
WorkwithinanAutonomousSystemtodiscoverpathbetweennetworks.
ExteriorGatewayProtocols(EGP):
RoutingprotocolsthatdiscoverpathsandroutebetweenAutonomousSystems,suchasBGP(BorderGateway
Protocol).
46LinkStateConvergenceandScalability
Convergence:
WithaLinkStateprotocol,anetworkisconverged(orinaquietstate)whentheshortestpathpossibleexiststoall
reachablenetworks.
HelloPackets:

IfHellosarenotrepliedin
40s(bydefault),theneighbor
isconsideredunreachable.

LinkStatePacket:
Oncetherouterinterfaceisinthe
twowaystateandtheneighbor
relationshipisformed,anadjacencyis
establishedandtheroutersbegin
sendingoutLinkStateAdvertisements
(LSAs)totheiradjacentneighbors.
RouterssendLSAstotheirneighbors
inLinkStatePackets(LSPs),process
calledasFlooding.
LSPsaresentoutwhentherouter
initiallystartsuporwhenthereisa
changeinthetopology.
LinkStatePacketFlooding:
LinkStateFloodingistheprimary
reasonthatLinkStateconvergesso
quickly.Floodingistheprocessby
whicheachrouternotifiestheothers
ofitsneighboringlinksandlinkstates.
UnlikeDistanceVector,wherethe
routermustrunitsalgorithmand
updatetheroutingtablebefore
sendingroutingupdates,LinkState
Advertisementsareforwardedalmost
immediately.
BuildingaLinkStateDatabase:
Infoneededbytherouter:*RouterLinkInformation:RoutersIDfromneighborandadjacencies*Costassociated
withthelink*Stubnetworkinformation
LinkCosts:

Thedefaultcostcalculationisthe
ReferenceBandwidth(100,000isthe
default)dividedbythelink
bandwidth.

LinkStateProtocolFinalconsideration:
UnliketheDistanceVector,LSroutersholdapictureoftheentirenetworktopology.
LSroutesuseMulticastforLinkStateUpdates.
LStypicallyfoundintheAggregationandCoreLayersoftheServiceProvidersNetworkdueto:
*QuicklyConvergence;
*Supportvariablelengthsubnetting;
*Segregatinglargernetworkinstubareas.
Drawbacks:
LSAfloodingandhighCPUmemorydemandsonrouters.
47OSPF(OpenShortestPathFirst)Overview
Description:
TheOSPFisanInteriorGatewayProtocol(IGP)thattakesroutingdecisionbasedonLinkStatesinformationrather
thanDistanceVectors.
TocalculatetheshortestpathtoadestinationOSPFusesShortestPathFirstalgorithmwhichisalsocalledDijkstras
algorithm.
TheprotocolhasbeendevelopedbyIGPworkinggroupoftheInternetEngineeringTaskForce(IETF)in1989.
ThemaingoalforOSPF:
wastoaddresstheneedsoflargenetworkstohave: Mechanismforefficientuseofavailablebandwidthinthe
Amechanismtoassureveryfastconvergencetime network
SupportforVariableLengthSubnetMask Possibilitytoselectpathstodestinationsbasedonacost
OSPFConcept:
Thelargestentitywithinthishierarchyis
calledanAutonomousSystemanditisa
collectionofnumberofareasgrouping
attachedhostsandroutersunderthe
sameroutingstrategy.

Separatingonelargenetworkinto
multiplesmallerareassignificantlyreduces
thenumberofroutingrecalculationsinthe
routingdatabase.Anychangesinsideany
areaarenotvisibleforallotherareas.

TheBackboneArea(alsoknownasArea
0)istheCoreoftheOSPFnetworkandall
otherareashavetobeconnectedtoit.Itis
responsiblefordistributingrouting

informationbetweennonbackboneareas.
OSPFtypesofrouters:
InternalRouters:routerswhoseinterfacesbelongtothesamearea.Theseroutershaveasinglelinkstatedatabase.
BackboneRouters:routerswithatleastoneinterfaceattachedtotheBackboneArea.
AreaBorderRouters:routerswhoconnectsoneormoreareastotheBackboneArea.AnABRactsasagatewayfor
interareatrafficanditalwayshaveatleastoneinterfaceattachedtotheBackboneArea.Foreachofconnected
areasanABRmustmaintainaseparateLinkStateDatabase.Onlysummarizedtopologyinformationispropagated
byanABRtotheBackboneArea.
DesignatedRouters:routerswhorepresentthemultiaccessnetworkanditsattachedrouterstotherestofthe
OSPFarea.
AutonomousSystemBoundaryRoutersrouterswhoactasgatewaysforexternaltraffic.ASBRsareresponsiblefor
injectingroutinginformationfromotherroutingprotocolssuchas:RIP,BGP,staticrouting.
48OSPFRoutingIPv4Fundamentals:
OSPFTopology
OSPFrequiresabackbonearea,called
Area0.0.0.0indotteddecimalnotation,
andoftenreferredtoasArea0.
EveryotherareaconnectstoArea0via
oneormoreAreaBorderRoutersorABRs.
Alltrafficbetweenareastravelsthrough
Area0.
Mayalsoincludeoneormore
AutonomousSystemBoundaryRouters
(ASBRs),whichconnecttheOSPFnetwork
tootherAutonomousSystemsorrouting
domains.
OSPFNeighbors:
OSPFemploystheconceptofneighbors.NeighborsareOSPFrouters
thatcandirectlyreacheachother.

Bydefault,routerssendOSPFHellopacketsevery10seconds.The
routerswillusereceivedHellopacketstoidentifytheirOSPF
neighbors.

Whenneighborssharecertainparameters,theyformarelationship,
calledanadjacency,andtheyshareroutinginformationwitheach
other.

EachroutermaintainsitsownLinkStateDatabase.NeighborroutersthatarefullyadjacentshareLinkState
Advertisements(LSAs)tobuildtheirLinkStateDatabases.
AllLSAsarefloodedthroughoutanOSPFarea;andcertainLSAsarefloodedthroughouttheOSPFnetwork.
AllroutersinanareawillhaveanidenticalLinkStateDatabase.
OSPFmultiaccess(LAN)adjacencies:
WhenanOSPFrouterreceivesanLSAfroma
neighbor,itisexpectedtofloodthatLSAout
toallofitsotheradjacentneighbors.Inan
EthernetLAN,allrouterscanheareachother.

Asaresult,alloftheroutersonaLANcould
createafullmeshofadjacencies,resultingin
excessiveinterneighbortraffic,suchas
floodedLSAsandacknowledgements.
Inordertominimizetheamountofinformationexchangeonaparticularsegment,OSPFelectsoneroutertobea
designatedrouter(DR),andoneroutertobeabackupdesignatedrouter(BDR),foreachmultiaccesssegment.
Insteadofeachrouterexchangingupdateswitheveryotherrouteronthesegment,everyrouterexchanges
informationwithonlytheDRandBDR.TheDR(orBDRiftheDRhasfailed)relaystheinformationtoalltheother
routersonthesegment.TheDRalsogeneratesLSAstoadvertisetheLANsegmenttotherestoftheOSPFarea.
OSPFRouterTypes: OSPFNetworkTypes:
OSPFPacketTypes: OSPFLinkStateAdvertisementsTypes:
OSPFInterfaceStates:
AnOSPFinterfacetransitionsthroughseveralstatesbeforetheroutercanbecomefullyadjacentwithaneighbor.
Thestatesare:Down,Loopback,Up,Waiting,DR,BackupandDROther.
YoucanuseinterfacestateinformationtohelptroubleshootOSPFinterfaceissues.
OSPFNeighborStates: WhenOSPFroutersbringupan
interface,youshouldseeneighbors
proceedthroughmultiplestatesuntilthey
reachfulladjacency.
TheinitialstateisDown.Thisstate
meansthatnoHellopacketshavebeen
receivedfromtheneighbor.
NotethatyouwillonlyseetheAttempt
stateonNonBroadcastMultiaccessor
NBMANetworks.IntheAttemptstate,
theroutertriestocontactastatically
configuredneighborbysendingHello
packets.

WhentheconfiguredNBMAneighborrespondsbackwithitsownHellopacket,therouterwillmovetoInitState
quicklyfollowingtheDownstate.InitmeansthataHellopackethasbeenreceivedfromtheneighborbutthe
neighborspacketdoesnotlistthisrouterasaknownneighbor.
TheTwoWaystateisenteredwhentheHellopacketsfromtheneighborlistthisrouterasaneighbor.
TheExStartstateisthefirststepincreatinganadjacencybetweentworouters.Thetworoutersnegotiatewhich
routerwillstarttheexchangeofDatabaseDescriptionpacketswhicharesummariesoftheLSAsinarouterslink
statedatabasebetweenthem.
IntheExchangestate,eachroutersummarizesthecontentsofitslinkstatedatabasetotheotherbysending
databasedescriptorpacketstotheother.
IntheLoadingstate,theroutersexchangelinkstaterequests(LSRs)andlinkstateupdates(LSUs)toupdateor
completeeachrouterstopologicaldatabase,therebysynchronizingtheroutersdatabases.
Finally,theroutersachievethefinalFullstate.Neighborsinthisstatearefullyadjacentandtheadjacencieswill
appearinRouterandNetworkLSAs.
49ISISOverview
Description:
ISISisalinkstateroutingprotocolusedwithinabordersofautonomoussystems.
ItwasdevelopedbyInternationalOrganizationforStandardizationasaroutingprotocolforISO.OSIprotocol
family.ItwasdesignedaccordingtoOSImodelandoriginallysupportedOSIprotocolsonly,thusnoIPsupportatall.
OSIprotocolsweresupposedtoreplaceTCP/IPandITUpushedforreplacement.Asaresult,OSIprotocolswere
deployedintelecommanagementnetworksmanagingopticalorvoiceswitchingequipment(example:SDH).Atthe
sametimeIPwasalsousedforInternetservices.Having2protocolfamiliesinthesamenetworkrequired2different
routingprotocolsrunningonrouters.
Itcanbedeployedin3differentnetworkenvironments:
IPonlynetworks
OSIonly
anddualcalculatingbestpathsforbothIPandOSI
InterestingfactaboutISISisthatOSPFdesignevolvedfromearlyISISversion.Thisiswhytherearequitesome
similaritiesbetweenbothprotocols.
4.10ISISFundamentals
ISISconceptsandterminology:
ISIS,orIntermediateSystemtoIntermediateSystem,isaninteriorgatewayprotocol(orIGP)thatexchanges
routinginformationpacketsreferredtoasProtocolDataUnits,orPDUsbetweenroutersbelongingtothesame
routingareaorautonomousdomain.
ISISisdesignedtosupportextremelylargenetworksitisveryscalabletohundredsorthousandsofrouters.
EachIntermediateSystem(IS)isarouterandeachIGPlinkstateadvertisementisreferredtoasalinkstatePDU,or
LSP.
EachISgatherslinkstateinformationfromotherroutersandbuildsatopologicalrepresentationofthenetwork.
ThistopologymapindicatesthesubnetswhicheachISISroutercanreach,andthelowestcost(shortest)pathtoa
subnetisusedbytheRoutingInformationBase(RIBorroutingtable)toforwardtraffic.
UnlikeanotherlinkstateprotocolOSPF,whichistransportedoverIPatlayer3,ISISisdirectlyencapsulatedin
Layer2theDataLinklayer.
ISISsupportsbothIPv4andIPv6networksandistypicallyconfiguredintheAggregationandCorelayersofa
ServiceProvidersnetwork.Infact,thelargestISPspredominantlyrelyonISISbackbones.
Knownforrapidconvergenceacrossthedatalinklayer,ISISroutersbuildatopologicalArearepresentationofthe
networkthatindicatesthesubnetseachISISroutercanreach.
ISISisalsoaclasslessroutingprotocolthatsupportsvariablelengthsubnetmasking(orVLSM),aswellasClassless
InterDomainRouting(CIDR)bothofwhichareusefulinaServiceProvidersAggregationandCorelayers.
ISISTopologyandRoutingLevels:
ISISrouterscanbeconfiguredtobeoneof
threetypesofrouters:
Level1only;
Level2only;or
Level1/Level2

Level1routingisintraarearouting.Intraarea
routershaveneighborsonlyinthesamearea.
Theseroutersbuildlevel1linkstatedatabases
(LSDBs)containingroutinginformationonlyfor
theirownarea.Thislevel1routinginformation
isexchangedonlybetweenLevel1routers
withinthesamearea.
Level2routingisinterarearouting,andlevel2
routersareinterarearouters.
Theseroutersformrelationshipsandexchange
routinginformationonlywithotherLevel2inter
arearoutersinthesameorotherareas.

ISISdoesnotrequiretheconfigurationofan
Area0asabackbonearea,asisthecasewith
OSPF.
Instead,ISIScreatesalogicaltopologyof
abackboneofLevel2routerswithbranches
consistingofLevel1/Level2andLevel1only
routersformingtheindividualareas.Thismeans
thatanISISbackboneisacontiguouscollectionof
level2routers.
Level1/Level2representsbothintraandinterarearouting.Theseroutersexchangeinformationatbothlevels;
theymayhaveneighborsinanyarea,andareusedtoconnecttheinterarearouterswiththeintraarearouters.
ISISNeighbors&LinkStatePDUs:
EachISISrouterdistributesinformationaboutitslocal
state(usableinterfacesandreachableneighbors,aswell
asthecostofusingeachinterface)tootherrouters
usinganLSP,aLinkStateProtocolDataUnitmessage.

Topologyinformationisfloodedthroughouteacharea
betweenlevel1routers.EachrouterusesreceivedPDU
messagestoalsobuilditsneighbordatabase.Afterallof
thelevel1LSPshavebeenflooded,eachlevel1router
buildsitslevel1linkstatedatabase.Eachlevel1router
shouldhaveanidenticalLSDBastheotherlevel1
routersinthesamearea.
Topologyinformationisfloodedbetweeneachareathroughlevel2routers.Afterallofthelevel2LSPshavebeen
flooded,eachlevel2routerbuildsitslevel2linkstatedatabase.Eachlevel2routershouldhaveanidenticalLSDBas
theotherlevel2routersintheISISnetwork.Fromthelinkstatedatabase,eachrouterbuildsitsownroutingtable
usingaShortestPathFirst(SPF)orDijkstraalgorithm.Theroutingtablecontainsthebestroutestoallknown
destinationsalongwithanexthopIPaddressfortheoutgoinginterface.
ISISNeighborsandAreaRouting:
Whenapacketneedstogotoadifferentarea,aLevel1ISsendsthepackettothenearestLevel2ISinitsown
area,regardlessofwherethedestinationareais.
NSAPAddressing:
BecauseISISisanOSIlayer2protocol,LSPs,Hello
PDUs,andanotherroutingPDUsareOSIformatted,
andasaresult,everyISISrouterrequiresanOSI
NetworkServiceAccessPoint(orNSAP)address,to
identifyitselfinanISISnetwork.
OneNSAPaddressisassignedperdevice,unlikeIP
addressingwhereanIPaddressisassignedper
interface.
TheIDPhastwosubsections:
AuthorityandFormatIdentifier(AFI):aonebye(twohexadecimaldigit)fieldthatdefinesthestructureandformat
oftheNSAPaddress.JustlikethereareprivateIPaddresses;thereareprivateNSAPaddresses.AnAFIof0x49
identifiesthisNSAPaddressasaprivateaddress.
InitialDomainIdentifier(IDI):avariablelengthfieldthatidentifiesthedomainthatthisaddressfallsunder.
TheDSPhasthreesubsections:
Area:atwobyte(fourhexdigit)fieldthatallowsalogicalgroupingofdevices.
System(orStation)ID:asixbyte(12hexdigit)identifierofanetworkdevice.
NSAPSelector(SEL):aonebyte(twodigit)valuethatidentifiesaparticularserviceonthedevice.InNSAP,the
SelectorisanalogoustoaportnumberinIP.ASELvalueof0x00isreservedandindicatesaNetworkEntityTitleor
NET(identifyingthedeviceitselfandnotaservice).
ISISNSAPAddressing:
BecauseISISwasnotdesignedtoroutebetween
autonomoussystems,ISIShasitsowninterpretation
oftheNSAPaddress:
ISISconsidersthefirst12bytesoftheNSAP
address(AFI;IDI;andArea)tobetheAreaaddress.
Thenextsixbytes(systemID)identifytheIS.
ISISusestheNSAPNetworkEntityTitle(NET)address(rememberthattheNETaddresshastheNSAPselectorfield
setto0x00).
TheNSAPaddressforallISISroutersissetwiththeSelectorbyteequalto00.
DNSIssue:
WhileDNScanbeusedtoresolveIPv4andIPv6addresses,itcannotbeusedtoresolveNSAPSystemIDs.
Asaresult,theIETFaddedaTLV(TypeLengthValue)toISIStoadvertisehostnamesalongwitharoutersLSPto
distributenametoSystemIDmappinginformationthroughoutagivenroutinglevel.
OncearouterreceivesanLSPanditdetectsthepresenceofaHostnameTLV(TLV#137),itstartstomaintaina
hostnametoSystemIDcache.
ISISCircuitTypes:
LANCircuit:
Itsamultiaccessnetwork,such
asanEthernetLAN,thatsupports
manyrouters.BecauseaLANmay
containalargenumberofISIS
routers,itpresentsachallengefor
ISIS:

IfalloftheroutersonaLANare
adjacentwitheachother,then
everytimeanewrouterjoinsthe
LAN,alltheotherroutersthat
havealreadybeenontheLAN
needtoupdatetheirLSPstolist
theiradjacencytothenewrouter.
ThismayresultinamassiveLSPupdatestormbecauseeachoftheroutersontheLANneedtotelleachoftheir
adjacentneighborroutersthattherehasbeenachangeinadjacencies.Thesameupdatestormhappensifarouter
disconnectsfromtheLAN.
ThesolutiontothischallengeistochangetherepresentationoftheLANinthelinkstatedatabase.TheLANis
representedbyasocalledpseudonode.PseudonodesarecomparabletotheNetworkLSAType#2inOSPFandarea
verycommonconceptinlinkstateroutingprotocols.
Theroutertopseudonoderelationshipismodelledinthelinkstatedatabasejustlikearealphysicalconnection
relationship:
EachrouterisadjacenttotheLAN(representedbythepseudonode);and
TheLAN(again,representedbythepseudonode)isadjacenttoalltherouters
BecausewenowexpecttheLANorpseudonodetospeakandperformallthenecessarytasksthatarealISISrouter
hastodo,likegenerating,refreshingandifnecessaryremovingLSPs;andbecausetheLANitselfhasnologicto
performsaidtasks,oneoftheroutersontheLANhastorepresenttheLANinthelinkstatedatabase.Assuch,on
eachLANcircuit,aDesignatedIntermediateSystem(orDIS)iselected.
TheDISisarouteramongtheISISroutersontheLAN,which,inadditiontoitsnormalduties,alsohastheroleof
representingtheLANinthelinkstatedatabase.BecausethenodethattheDISgeneratesinadditiontoitsveryown
nodeisnotarealroutingnodeitiscalledapseudonode.
ThischangestheanytoanyISmeshonaLANtoastartopology,withthepseudonodeinthemiddleofthestar,
greatlyreducingthenumberofadjacenciesthatroutersontheLANhavetoreport.
Pointtopointcircuit:
Itsanetworkwithtworouters,oneateitherendofasingleconnection.ArouterrunningISISwillforman
adjacencywiththeneighborontheothersideofapointtopointinterface.ADISrouterisnotelectedonthistypeof
link.Essentially,eachsideofapointtopointlinkdeclarestheothersidetobereachableifaHellopacketisreceived
fromit.Whenthisoccurs,eachsidethentriggerslinkstatedatabasesynchronization.
ISISRouterTypes:
EveryrouterinanISISnetwork
isanIntermediateSystem(orIS).
ABackboneRouterconnects
twodifferentISISareas.

Inabroadcastnetwork,a
DesignatedISrouter(orDIS)is
electedto:
*FloodtheLANwithLSPsto
ensurethatallroutersontheLAN
havesynchronizeddatabases,
*Creatingandupdatingaspecial
LSPdescribingtheLANthe
pseudonodeLSP.
TheDISissimilartothedesignatedrouterintheOpenShortestPathFirst(OSPF)Protocol,althoughthe
mechanismsfortheelectionprocessandadjacencydeterminationdiffer.TheISISDISiselectedbyhavingthe
highestpriorityonthatLANsegment.Theprioritylevelisconfigurableperinterface.Inthecaseofatie,between
routerswiththesamepriority,therouterwiththehighestsourceSNPA(theroutersMACaddressontheLAN)
becomestheDIS.
Andfinally,anEndSystem,orESisahostinanISISnetwork.AnEShasnoroutinginformationbutcandiscoverIS
routersbylisteningtoHelloPDUs.ISroutersdiscoversESsbylisteningforEndSystemHellopackets(orESHs).
ISISRouteSummarization:
ISISroutesummarizationhelpstoreducethesizeofthelinkstatedatabaseandtheroutingtable.Italsohelpsto
reducethechanceofrouteflapping,whichmayoccurwhenarouteralternatelyadvertisesadestinationnetworkvia
oneroutethenanotherrouteinquicksequence(oradvertisesarouteasunavailablethenavailableagain).
ISISPACKETTYPES:

Likeotherroutingandsignaling
protocols,ISISusesabuiltin
automaticneighbordiscovery
mechanismviaIIHspackets,theIS
ISHelloPDUs.

Also,notethatallISISpacketsare
multicastonaLAN.Wewilldiscuss
moreaboutthesepackettypesin
thenextfewtopicsofthislesson.

SequenceNumberPDUs(orSNPs),controlthedistributionofLSPs.SNPsprovidethemechanismthatsynchronizes
linkstatedatabasesbetweenroutersatthesameroutinglevel.
ISISLSPFlooding:
NewLSPsarefloodedtoallneighborswhenthereisachangeinthetopology.ItisanISISnetworkrequirementthat
allISroutersreceiveallLSPs.RememberthateachLSPincludesaSequenceNumberPDU,anSNP.Thereare2types
ofLSPflooding:FloodingonaPointtoPoint(P2P)circuitandFloodingonaLANcircuit
FloodingonaPointtoPoint(P2P):
FloodingoccursfornewLSPsonly.WhenanewLSPisreceivedinaP2Penvironment,itisinstalledintheLSP
databaseandmarkedforflooding.
Itisfirstsenttoallneighbors.NeighborsinturnfloodtheLSPfurther.OutofdateLSPsareacknowledgedbutnot
flooded.Thisisbecause'state'isalreadymaintainedforthisLSP,soinfiniteloopingofLSPsisavoided.
Ifthereisatopologychange,P2ProuterswillimmediatelyfloodanewLSPtonotifytheirP2Pneighbor.TheP2P
neighborwillacknowledgereceiptofthenewLSPandwillcontinuetofloodittootherneighbors.
FloodingonaLANcircuit:
OnaLAN,ISISusesaDesignatedIntermediateSystem(DIS)asmentionedpreviously,tomanageLSPflooding.
WevealreadymentionedthatoneofthetasksoftheDISistocreateapseudonodeavirtualnodethat
representstheLANitself,andthatallroutersontheLANincludingtheDISformanadjacencywiththe
pseudonode.
However,alloftheroutersontheLANalsoformanadjacencywiththeDIS.WhentheDISlearnsthatalinkoutside
oftheLANhasgonedown,itwillimmediatelyfloodanewLSPtoalloftheotherroutersontheLAN.Theother
routerswillreceivetheupdateLSP,butwillnotacknowledgeit.Theywill,however,floodtheupdateLSPouttheir
otherISISinterfaces.
IfanonDISrouteronaLANlearnsthatalinkoutsideoftheLANhasgonedown,itwillsendanupdateLSPtothe
DIS,andtheDISwillfloodtheupdateLSPtoallotherroutersontheLAN.Insteadofacknowledgements,theDISona
LANwilluseaprocessinvolvingsequencenumberpacketstoverifythatalltheroutersontheLANhavelearned
aboutallupdatesandhavesynchronizeddatabases.
Adjacencies&LSDBs:
ISISlinkstatemessagingbeginswithISrouterssendingHellopackets
outtoallISISenabledinterfacestodiscoverneighborsandtoestablish
adjacencies.
HelloPDUsprovideinformationaboutthenetwork,itsparameters,
anditsconfiguredcapabilities.Bydefault,HelloPDUssentevery10s.
Next,Neighborrelationshipsandadjacenciesareformed.Routers
thatshareacommondatalinkperlevelbecomeISISneighborsiftheir
Hellopacketscontaininformationthatmeetsthecriteriaforforming
anadjacency.
Themaincriteriaforadjacencyformationismatchingauthentication,
IStype,andMTUsize.Differentneighborsandadjacenciesare
identifiedforeachlevelofISISrouting.
Onceanadjacencyisestablished,eachISroutercreatesoneormoreLSPsandfloodsittoitsadjacentneighbors.
EachroutergeneratesoneLSPaboutitself.
EveryroutermusthavethesamesetofLSPs
FastLSPpropagationisachievedviamechanismcalledflooding.
EachISISroutercomputesoptimalpathtoalllinkspresentinlinkstatedatabase.
OptimalpathisselectedviaShortestPathFirstalgorithm.Itisbasedonlowestcostofcompletepath.
Neighborsvs.adjacentrouters:
Attheneighborstageroutersexchangeverylimitedamountofinformation.
Inordertobecomeadjacent,routersneedtolearneverythingabouteachother.TheyexchangeLSPsuntiltheirlink
statedatabasesareidentical.
Aftersynchronizationeachroutercancalculatebestpathsfromitsperspective.
OSITerminology:

OSIterminologyusedinconnection
withISISisquitedifferentfromIP
networkingworldbuttheycanbe
relatedquiteeasily.Onthisslide
OSItermsareonlefthandsideand
correspondingIPtermsontheright.
OSPFxISISsimilarities:

4.12 BGPOverview
Concepts:Whatisan(AS)autonomoussystem?
TheofficialdefinitionofanAutonomousSystemisagroupofoneormoreroutersrunbyanetworkoperatoror
serviceproviderwhichhasaSINGLEandCLEARLYDEFINEDroutingpolicy,underasingleadministration.
AnAutonomousSystemisusuallyownedbyaserviceproviderorlargeorganization.
UsuallyanAutonomousSystemwillrunanIGPinternally(OSPForISIS).
AShasanumberwhichactsasauniqueinternationalidentifier.ThisisourAutonomousSystemNumber.
ASnumberscanbepurchasedfromtheInternetAssignedNumbersAuthority(IANA).
TheprotocolusedtoconnectAutonomousSystemsisBGP.
WhatisBGP?
InterAutonomousSystemroutingprotocol.
BGPisusedtoconnectISP'snetworksacrosstheworld.
WhyBGP?
IPGprotocolsdonotscaleverywellinverylargenetworks(consideredasbeingverychattyprotocols).
CouldweconnectourAutonomousSystemsusinganIGP?TheanswerisnobecauseIGPcannothandleso
manyIPprefixeswhicharecurrentlypresentinthelargeIProutingtablefortheinternettoday(over300,000
entries).
BGPisusedtoconnectISP'snetworksasitistheonlyroutingprotocoldesignedtomeettherequirementsfor
handlingsomanyIPprefixes.
ThereareanumberofdesignfeaturesthatmakeBGPidealforhandlingsomanyIPentries.
WeimagineBGPashidingtheinternalinfrastructurefromotherautonomoussystems.Theonlyinformationthat
BGPexchangeswithotherASsareselectedIPprefixesandwhichASsneedtobetraversedtoreachthem.BGP
informsotherautonomoussystemsabouttheaddingorremovingofAutonomousSystemstotheglobalcloud.But
hidesotherinformationthatcouldhaveanimpactontheoverallperformanceofBGPworldwidesuchasport
flapping,changesinthenetworktopologyandnewusers.Thisfeaturealsoreducesthesizeoftheroutingtable.
Thisisagoodthing.Itmeansthattherestoftheworlddoesnthavetoreacttoeveryeventhappeningwithina
singleautonomoussystem.ItonlyhastoreactinthecasewhereanASbecomesavailableordisappearsfromthe
globalnetwork.
Typicaldeploymentscenarios:
IfBGProutersareconnectedinthesameautonomous
system,theyuseinternalBGPbetweeneachother.

IfBGProutersareindifferentautonomoussystemstheyuse
externalBGP.

Asourautonomoussystem100isatransitAS,itwillallow
packetsfromAS20toAS300topassthroughit.
MultihomedAS:
Foranautonomoussystemtobemultihomeditneedstoconnectto
atleast2otherautonomoussystems.Thisisdeployedforredundancy
reasons.AS20willuseoneoftheseconnectionstoforwardpackets
outsideofitsownautonomoussystem.
Itmeansifoneconnectiongoesdown,AS20stillhasconnectionto
theinternetthroughtheotherconnection.Donotconfusethisscenario
withatransitAS.OurAS20doesnotallowtrafficfromAS100toAS30
totravelthroughit.

MPLSBackboneVPN:
BGPisalsousedforbuildinglayer3virtualprivatenetworks.InanMPLSbackboneiBGPisusedbetweenthe
ProviderEdgeroutersastheyareinthesameAutonomousSystem.
5.1CarrierEthernetOverview
WhyLearnaboutCarrierEthernet?
CarrierEthernetispartofthenextgenerationTelecomnetworksolutions.Operatorsaremergingthedeliveryof
multipleservicesoveracommonEthernettransportinfrastructure.Separatenetworksfallingunderthe
telecommunicationumbrellasuchasvoice,video,anddatawillconvergeonasingleEthernettransportnetwork.
ChallengesandTrendsinTelcoNetworks:
Operatorsneedtoscalefortodayandthefuture.
Ethernetisalowcosttechnologyandprovideshighbandwidth.
NewserviceopportunitiesareemergingontheTelecomEthernetnetwork.
OperatorsaredeployingnextgenerationnetworksthatprovideconvergedIPservicesoveracommonEthernet
transportinfrastructure.
WhatisCarrierEthernet?
CarrierEthernetisasolutionthatenablestheuseofEthernettechnologiesinlargecomplexnetworks.
CarrierEthernetextendstheEthernetprotocoltoprovidecarrierclassattributesintheareasofstandardized
services,scalability,reliability,servicemanagement,andqualityofservice.
BackgroundonEthernet:
Ethernetwasfirstintroducedin1973forLANbasedcomputernetworks.LANreferstoLocalAreaNetworkswhich
supportasmallphysicalarealikeahomeorofficebuilding.
MetroEthernetreferstotheuseofEthernetinametropolitanareanetwork.Itiscommonlyusedasa
metropolitanaccessnetworktoconnectsubscribersandbusinessestoalargerservicenetworkortheInternet.
MetroEthernetnetworksaretypicallymanagedbyoneorganization,theoperatorowningtheaccessand
aggregationnetwork.
CarrierEthernetreferstotheuseofEthernetinlargeoperatornetworksthatcanspanmetro,national,and
internationalgeographies.
CarrierreferstolargeoperatorslikeAT&T,Verizon,BritishTelecom,FranceTelecom,andBSNL(India)
Ethernetisthetechnologyofchoiceforoperatorsbecauseofitslowcostandhighbandwidth,butforEthernetto
workinlargeandmultioperatorenvironments,itneedstohavecarriergradefeaturestosupporttheoperational
complexityofthenetwork.
EthernetOAMforServiceProviders:
EthernetOAMwasnotdevelopedinLANenvironments,however,theneedforEthernetOAMiscriticalnowwhen
usedinlargecomplexenvironmentsinvolvingmultiplenetworkoperators.
Serviceprovidersneedmechanismstocentrallymonitorandmanagetheendtoendserviceconnections.
CarrierEthernetServices:
CarrierEthernetServicesreferstostandardizedservicestransportedoverthenetworktodelivervoice,video,and
datatousers.Therearethreemaincategoriesofservicesdefined:ELine,ELAN,andETree.
ELinecreatesavirtualpointtopointconnectionbetweentwosites.ELineServicecanbeusedtoprovide
*EthernetPrivateLines(EPL)
*VirtualPrivateLines(EVPL)
*EthernetInternetAccess
ELANcreatesavirtuallocalareanetworkenvironmentbetweenmultiplesites.Thissupportsamultipointto
multipointconnection.ELANServicecanbeusedtoprovide:
*TransparentLANServiceMulticastnetworks
*MultipointLayer2VPNs(L2VPN)
ETreecreatesarootedtomultipointconnection.ETreeServicecanbeusedtoprovide:
*Broadcastnetworks
*RootedtomultipointLayer2VPNs(L2VPN)
ExampleDeployments:
SomeexampleswhereCarrierEthernetaredeployedareinthefollowingnetworks:
MobileBackhaulTriplePlayBackhaulAnd,HighperformanceDatacenterwithEPLandELineservices.
5.2EthernetTransportFundamentals
EthernetEvolution:
Ethernetwasoriginallydesigned(1973)asaLocalAreaNetwork(orLAN)transmissionprotocol.BecauseofLAN
protocolsuccess,EthernethasevolvedtobeaviableprotocolforCarrierNetworksspanningmuchlargerareas.
UsingEthernetinCarrierNetworkshasintroducednewrequirementssuchasQualityofServiceGuaranteesand
fastrecoveryfromfailures.So,EthernetisaviableprotocolforRealTimetrafficsuchasVoice,Gaming,TV,etc.
EthernetandOSI:
Ethernetcanbecopperorfiber.
Thedatalinklayercanbebrokenupintotwosub
layerstheMediaAccessControllerandtheLogical
LinkController.
TheMediaAccessControlLayerisresponsiblefor
decidingwhenahostshouldtransmit
TheLogicalLinkControlLayerisresponsiblefor
settingupandcontrollingthelink.
IEEEdefinedtwostandards.IEEE802.2forthe
logicallinkcontrollerandIEEE802.3forthePhysical
andMACLayer.OvertheyearsEthernethas
evolvedandmanydifferentvariationsexist,many
ofthesecarriedoverdifferentphysicalcables.This
meansthatthereareanumberofdifferent
IEEE802.3standards.
EthernetPhysicalMedia1
10MegabitsPerSecondEthernetcanoperateover
CoaxialCablesbutthesedaysitismostcommonover
(UTP)UnshieldedTwistedPairCables.

UTPcablescanoperateinFullDuplexorhalfDuplex
mode.

100MegabitsPerSecondEthernetisreferredtoas
FastEthernetandusesthesameDataLinkLayerMedia
AccessMethodbuthasadifferentPhysicalLayer
operatingattentimesthespeed.
EthernetPhysicalMedia2:
ForGigabitEthernetwehavetheoptionofusing
UnshieldedTwistedPairCableswithfourpairsof
wiresusedorwecanuseOpticalFiberCables.

ThesecancomeintwoformatsShortWavelength
Fiber(specifiedasSX)whichcanoperateover
distancesofabout200metersandLong
WavelengthFiber(specifiedasLX)whichcan
operateoverdistancesofupto5kilometers.

For10GigabitEthernetandhigherall
transmissionmustbedoneoverOpticalFiber.
Ethernetnamingconvention:
ThefirstpartindicatesthespeedinMegabitsper
second.
Thesecondpartindicatesthetypeof
transmission.ThisisBasebandifonlyonesignalis
sentatatimeoverthecableandBroadbandif
multiplesignalscanbesentatthesametimeover
thecable.
Thethirdpartindicatesthephysicalmediumused,
forexampleUTPcableorCopper.
Thispartmayalsoindicatethemaximumdistance
allowedwhenreferringtoEthernetoverCoaxial
Cable.

EthernetAddress:
TheEthernetaddressiscommonlyreferredtoasaMACaddress.
ItisthehardwareaddressoftheEthernetnetworkcardandisreferredtoasbeingBurnedIn.
AllEthernetAddressesareUniqueandarewritteninHexadecimalformat.
UnlikeIPaddresses,EthernetaddressesdonotgiveanyinformationabouthowtoreachtheEthernetdestination
arethereforearenothierarchical.
TherearethreetypesofEthernetaddresses:
UnicastwhichaddressonehostonaLAN
Broadcast,whichaddressallhostsonaLAN
AndMulticast,whichaddressagroupofHostsonaLAN
MACaddressEUI48: Itis48bitsinlengthwhichgives2tothe
powerof48possibleaddresses.
Thistranslatestoabout50000addressesper
personintheworld.

TheMACaddressismadeupoftwo
equallysized24bitparts.Thefirst24bits
makesuptheCompanyIDwhich
identifiestheEthernetCardManufacturer.

CertainCompanyIdentifiersarereserved
soanEthernetinterfacecandistinguish
betweenUnicast,MulticastandBroadcast
typeframes.Thelast24bitsarewhatisthe
ExtensionIdentifierwhichisusedto
differentiatedifferentcardsmadebya
singlemanufacturer.

EthernetFrame:
PreambleandStartFrameDelimitertoindicatetothe
networkcardthatanewframeistobeprocessed.
DestinationAddressandtheSourceAddress.
Typefieldwhichistwobytesindicatingwhatisbeing
carriedintheEthernetframe.Atypicalexamplewould
by0800HEXindicatingthattheEthernetframe
containsanIPpacket.
Datacarriedintheframe.
FrameCheckSequenceusedforerrordetection.

CarriersenseMultipleAccessCollisiondetection:
Ethernetstandardwasbasedaroundwhatiscalledashared
segment,wheremultiplehostsconnectedtothesame
transmissionmedium.Thetransmissionmediumhadtobe
sharedandcollisionscouldoccurwhenmultiplestations
transmittedatthesametime.Ascollisionswouldresultin
corruptdatathatwasunreadablebynetworkcardsa
mechanismwasdevelopedtoavoidanddetectcollisions.This
mechanismiscalledCarrierSenseMultipleAccessCollision
Detection.
CarrierSensespecifiesthatastationmustsensethephysicalmediumbeforeattemptingtotransmit.
CollisionDetectionistheprocessbywhichastationcandetectifanotherdevicetransmitsatthesametime.Thisis
donebylisteningtothemediumduringtransmissionforanyotherdevicesthatmighttransmitatthesametime.
WhileCSMA/CDwasabigpartoftheoriginalEthernetStandard,inmodernEthernetnetworksSharedSegments
areavoidedbyusingswitchesandasaresultCollisionsarenonexistent.ThismeansthatCSMA/CDisnolonger
necessary.
CollisiondomainBridging:
Toaddresstheproblemofcollisiondomains,
theconceptofbridgingwasintroduced.

Bridgingallowsanetworktobebrokenup
intodifferentcollisiondomains,thusreducing
thenumberofcollisionsinthenetworkand
allowingmultipledevicestotransmitatthe
sametime.

InthisexampleaBridgeisinsertedbetween
thetwohubs.
Whenhostsconnectedtothehubonthelefthandsidecommunicatewithoneanother,itisclearthattheframe
doesnotneedtoreachthehostsconnectedtothehubontherighthandside.Bridginginvolvesconfiguringadevice
toeitherFilterframeswhichsimplystopsthemfrompassingthrough,orforwardframeswhichallowstheframe
topassthrough.InthisexampleHostAissendingaframetohostB.WhenHostAtransmits,thehubsendsitoutall
portsincludingtheportthatdeliversthemessagetohostB.
ThebridgenowmustdecidewhethertoFilterorforwardtheframe.Thisisdonebyusingthe`BridgesBridging
tablewhichincludesalistofMACaddressesandtheinterfacesthattheyareconnectedto.Inthiscasethe
destinationMACaddressisconnectedtointerface1/1.Thisisthesameportonwhichtheframewasreceivedand
thereforethebridgedecidestofilterthisframe.
Bridgelearning:
HowisMacaddresstablecreated?
Thisisdonebyexaminingthesourceaddressesof
incomingframes.Intheexamplethebridgehas
recentlybeingaddedtothenetworkandhasno
entriesinitsMACaddressTable.HostAsendsaframe
destinedforhostC.
Whenitreachesthebridge,itlooksattheincoming
framessourceaddressandtheinterfaceinwhichit
arrived.ThisisthenaddedtotheMACaddresstable.
Switches:
ThesedaysbridgesarenotverycommoninEthernetnetworksandaretypicallyreplacedbyswitches.Theterm
bridgingisnowtypicallyusedtoreferjoiningmultiplenetworkstogether.
Aswitchoperatesinthesamemannerasabridge,separatingcollisiondomains,
ThemaindifferencebetweenBridgesandSwitchesisthatSwitchescantransferframesinhardwarewhichresults
inmuchimprovedperformance.
Bridgesprocessingisbasedinsoftware;Switchprocessingisbasedinhardware(ASICs).
Switchesandcollisiondomains:
Becauseswitchestypicallyhavemoreportsthan
bridges,wecanconnecthoststothemdirectlywithout
usinghubs.
Thismeansaseparatecollisiondomaincanbecreated
foreachhostonthenetwork.
Withonlyonehostinthecollisiondomainthismeans
Nocollisionscanoccurasahostcannotcollidewith
itself!Withnocollisions,thereisnoneedtousethe
CSMA/CDmechanismtodetectcollisions.Without
CSMA/CDhostsnolongerneedtolistentothemedium
forcollisionsandthereforecantransmitANDreceiveat
thesametime.ThisiscalledFullDuplexModeandis
onlypossibleifahostconnectsdirectlytotheswitch.
SwitchBroadcasts:

WhileSwitchesseparatesCollisiondomains,when
aBroadcastmessageissentoverEthernetitis
destinedforalldevicesintheLAN.Thisusesthe
specialaddressofallFsinhex.Aswitchwill
forwardbroadcastsoutallports.

Ifmultipleswitchesareconnectedthebroadcast
messagewillpassthroughallofthemuntilit
reachesallhosts.Thistopologycanbereferredto
asabroadcastdomainandreferstoasetofhosts
towhichallbroadcastswillbesent.
BridgingLoops:
InEthernetnetworksitisdesirabletohaveredundancysothatifa
linkorswitchfailsconnectivitycanbemaintained.Atopologywith
redundantpathscontainsloops.
Onesinglebroadcastframecankeepspanningthenetworkand
multiplyingeventuallyusingallthebandwidthavailable.
AUnicastMessagewillalsocauseproblemsinthistopologyasa
switchmayreceivemessagesfromthesamesourceondifferent
ports.ThiswillcauseMACAddressTablestobeconstantlyupdating
asthesamedestinationMACaddressappearstobeconnectingto
theswitchesondifferentports.
AloopwillalsocausetheMACAddresstabletobetoggling.Itcan
alsocauseapplicationtofailasmultiplecopiesofthesameframe
havetobeprocessedoverandoveragain.
Ethernetloopavoidance:
Toaddresstheproblemillustratedweneedto
eliminateanypossibletrafficloopsinaSwitched
network.
Thetypeoftopologythatwilldothisissimilartothat
ofatree.
Notethatwithinatreeshapethereisonlyonepath
betweenanytwopoints.
Ifwecanapplythisstructuretoaswitchednetworkwe
caneliminateloops.
EthernetSTP:
ThealgorithmweuseiscalledtheSpanningTree
Protocol(orSTP)whichcreatesaTREEtypetopologyto
SPANthewholenetwork.

Interfaceswhichdonotformpartofthistreearethen
blocked,thuspreventingloops.

Theadvantageofthisisthateventhoughthelinksare
blocked,ifanotherlinkgoesdownoraswitchfailsthese
linkscanthenbereactivatedautomaticallythus
providinguswithredundancywithouttheadded
problemofEthernetloops.
SpanningTreeLinkFailure:
Inanetworkusingthespanningtreeprotocol,ifalinkfailsanewtreeiscreatedandinterfacesthatwereblocked
maybecomeactiveagain.Ifaswitchfails,thenetworkcanalsorecoverandconnectivitycanberestoredthroughout
allotherswitches.
STPProcess:
Thetopologyshownincludesmultipleswitches
connectedwithpotentialloops.ItalsohasLAN
segmentsconnectedtosomeoftheseswitches,
whichmightconnecttoendhosts.
TheSpanningTreeProtocol(orSTP)process
beginswiththeselectionofoneswitchasthe
RootBridge.Thetermbridgeisusedforhistorical
reasonsonlyandtypicallythetopologiesof
modernnetworksinvolveswitches.
Therootbridgeisselectedthroughtheprocess
ofanelection.Rootbridgeportsarealwaysin
forwardingstate.
AftertheSelectionoftheRootBridgeallother
Switchesmustselecttheirportwhichisclosestto
theroot.
Thiswouldbetheportthatofferstheeasiestorlowestcostpathtotherootbridge.ThesearecalledRootPorts.It
isimportanttorealizethatrootportsonlyexistonnonrootbridges.
Finallytheswitchesmustselectonededicatedportforeachsegment.Asegmentissimplyanyconnectionbetween
twoswitchesorandsegmentconnectingtoendhosts.Allportsonarootbridgearedesignatedports.Afterthese
portsareselectedallotherportsareputinblockingstateandarenotallowedtoforwardtraffic.Noticehowthis
createsaloopfreetreestructurespanningthenetwork.
HowSTPWorks:
Theelectionofarootbridgeandtheselectionof
portroleswithinSTPisalldonethroughBPDUs
(BridgingProtocolDataUnits).
ThesearemessagestheSwitchessendtoeach
othercontaininginformationusedtocreatealoop
freetopology.
EachSwitchisidentifiedbyaBridgeIdentifier(BID)
anditisthisvaluewhichisusedtoselectwhich
Switchbecomestherootinthenetwork.
TheBridgeIDismadeupofapriorityvaluewhich
canbesetbyanadministratorandtheMAC
addressesassignedtotheswitch.
ThereasontheMACaddressisusedaspartoftheBIDistoguaranteethatnotwoswitcheswilleverhavethesame
BridgeID.
ThelowerthebridgeIDisthemorelikelihoodofthatbeingtheroot.
IndesigninganetworkitisimportanttoconfiguretheprioritypartoftheBIDinordertoselectwhichdevicewill
betherootbridgeasthisisgoingtobethedevicethatismostlikelytocarrythemajorityofthetrafficwithinthe
network.
STPSwitchPortRolesDuringFailure:
BysendingtheseBPDUsbetweenswitches,SpanningTreeProtocolisconstantlyrunning,andifaswitchorlink
fails,theprocesswillcausethetopologytoreactandportswillmovefromblockingtodesignatedorrootportstates
tomaintainconnectivity.
STPPortStates:
Blocking:wheretheportisnotforwardinganytraffic.
Forwarding:wheretheportforwardstrafficnormally.
RootportsandDesignatedportsoperateinforwarding
stateandallotherportsshouldbeinblockingstates.
Whenachangeinthenetworkoccurs,portscannot
movestraightfromblockingtoforwardingstateasthis
couldcausetemporaryloopsbasedonincorrectMAC
AddressTables.Forthisreason,therearetwo
intermediateTransitionstateswhichportsmustgo
through.TheseareListeningandLearning.
Listening:theportoperationissimilartoBlockingState,
astheinterfacedoesnotforwardframes.Duringthis
state,oldincorrectMACAddresstableentriesaretimed
outasthesewouldbethecauseofanytemporaryloops.
Learning:framesarestillnotforwarded,buttheswitchbeginstolearntheMACaddressesofframesreceivedon
theinterface.
Inorderforaporttoforwardtraffic,itmustfirststartinBlockingStateItwillthenenterlisteningstate,then
learningstateandfinally,forwardingstatewhereitcanforwardtraffic.
RapidSpanningTree(RSTP):
EvolutionofSTP(interworkswithSTPswitches).
RedefinesthePortStatesandPortRules.
Quicktransitionofportstoforwardingstate,networksusingSTPcanbeupto50seconds.RecoverytimesforRSTP
aretypicallylessthan5seconds.
RSTPConnectionTypes:
InordertoimproveonSTP,RSTPdefinesthree
differentconnectiontypesinanEthernetnetwork:
LinkTypePointtoPoint,whicharedirect
connectionsbetweenSwitches
LinktypeShared,whichareconnectionsbetween
switchesthatgothroughahub
Or,Edgetypeconnections,whichconnectend
users.
RSTPOnlyreducesconvergencetimeforEdgetype
andLinkTypePointtoPointConnections.Inother
words,RSTPwillnotimproveconvergencetimesin
networksusinghubs.ThisisNOTaproblem,because
asmentionedearlier,HubsareNOTusedinmodern
Ethernetnetworks.

RSTPPortRoles:

NewPortRoles:
BackupPort:isabackupforthe
DesignatedPortofparticularSegment.

AlternatePort:isabackuptotheRoot
PortonaparticularSwitch.

DisabledPort:isaportthatisshutdown
anddoesnotformpartoftheactive
topology.
Portsonaswitchcanoperateindifferentstates
RSTPportstates: basedontheportrole:TheStatesare:
Discarding:wheretheportisnotforwardingany
traffic,thisissimilartotheBlockingStateinSTP.
Forwarding:wheretheportforwardstraffic
normally.

Rootportsanddesignatedportsoperatein
forwardingstateandallotherportsshouldbeinthe
DiscardingState.
Whenachangeinthenetworkoccurs,portsmove
intoanintermediateLearningState.InLearning
State,framesarestillnotforwarded,butthe
switchbeginstolearntheMACaddressesofframes
receivedontheinterface.
FinallyForwardingstatewhereitcanforward
traffic.

EthernetVirtualLANsVLANs1:

InaNormalEthernetnetwork,whenabroadcastframe
istransmittedtoaswitch,itissentoutallinterfaceson
theswitch.
ThisisbecauseanEthernetLANisconsideredtobea
broadcastdomainandthesebroadcastsarerequiredfor
manyprotocolstowork.
AVirtualLAN(orVLAN)isawaytosegmentan
EthernetnetworksothatmultipleBroadcastDomains
canbecreatedononeswitch.
VLANSoffermanyadvantagesinnetworkdesignastheyallowdifferentnetworkstoconnecttothesameswitches.
Forexample,segmentingbasedondepartmentinsteadofphysicallocation.VLANsalsoreducethesizeofBroadcast
Domainsand,asaresult,reduceoverhead.
ConnectingswitcheswithVLANs1:
InanetworkwithalargenumberofVLANs
andalargenumberswitches,many
connectionswouldberequired.An
alternativemethodofconnectingthese
switcheswouldbetouseaspeciallinkcalled
atrunk.
Trunkscancarrydatafrommultiplelocal
areanetworks(LANs)orvirtualLANs(VLANs)
acrossasingleinterconnectbetweenswitches
orrouters,calledatrunkport.Second,trunks
canbondoraggregatemultiplephysicallinks
tocreateasingle,highercapacity,more
reliablelogicallink,whichiscalledport
trunking.
Access/TrunkPorts:

OnanEthernetnetwork,switchportscanbe
configuredintotwodifferenttypes.

AccessPorts:arethosewhichconnecttoend
usersandareconfiguredtobeinjustone
VLAN.Framestransmittedonaccessportsdo
nothaveVLANtags.
TrunkPorts:cancarrytrafficformultiple
VLANsandthesewilltypicallyuseVLANTags.
Theseportsarethoseconnectingswitchesas
shown.
IEEE802.1QstandardforVLANTagging:
VLANTaggingisinsertedintheEthernetframe
aftertheSourceAddressandbeforethetypefield.
Itismadeupoftwoparts,theTagProtocolIDand
TagControlInformation.
TagProtocolIDisusedtoindicatethatthisisa
taggedFrameanduses8100HEXfor802.1q.
TagControlInformationismadeupofaVLAN
Identifier,whichindicatestheVLANnumber.
PriorityCodePoint:isusedtoprioritizecertain
VLANsoverothers.
CanonicalFormatIdentifier:isanonebitfieldused
toindicatetheformatofMACaddress
representationintheframe.
EthernetResiliencyLinkaggregation:
LinkAggregationisamethodofgroupingmultiple
Ethernetlinkstogethertoactasone.
TheseSeparatePhysicalLinksarethenseenasone
logicalLinkbytheswitches.
Thebiggestadvantageofthisisthatitprovides
redundancyfortheconnection.Ifoneofthephysical
linksfails,thewholelinkcanstillbemaintained.
Theaggregatedlinkcanprovidehigherbandwidth.
LinkAggregationisnotonlyusedbetweenswitches.
Itcanalsobeusedwhenconnectingtoserverswith
multiplenetworkcards.
IfswitchesareconnectedtogetherwithoutLinkAggregationitisclearthattherewouldbepotentialloops.Byusing
SpanningTreetheseloopswouldbeavoided.
OneswitchwouldbeElectedtheRootBridgeandallofitsportswouldbeforwarding,whiletheotherswitchwould
chooseonedesignatedRootPorttoforwardtrafficon.Theotherportswouldbeputinblockingmode.Inthiscase,
onlyoneofthethreelinkswouldbeusedtoforwardtrafficbetweentheswitches.
WithLinkAggregation,multiplelinkscanbetreatedasone.Thisaggregationmeansallinterfacescanbein
forwardingmodeandthebandwidthofalllinkscanbeutilized.
TheadvantagesofthisareIncreasedlinkspeedandIncreasedredundancy.
LinkAggregationControlProtocol:
ThestandardprotocolforLinkAggregationisTheLink
AggregationControlProtocol(LACP)
Itsusedtonegotiatetheaggregationoflinksbetween
devices.UsingLACPthegroupingoflinksasdescribedis
donedynamicallybythedevices,forexampletwo
switcheswithmultipleconnections.
DevicesusingLACPareconfiguredwithaLACPPriority
andtheonewiththeLowestPriorityValuedecideswhich
portsshouldbeaggregated.Portsthemselvesalsohave
prioritiessetonthem,socertainlinksaremorelikelytobe
usedthanothers.Thisisnegotiatedbetweenthedevices.
Amaximumof16portscanbeselectedforoneLACP
group,andofthose16,only8canbeusedatanyone
time.Theother8willbekeptonstandbyasbackupports.
LinkAggregationrequirements:
ThereareanumberofrequirementsforlinkstoaggregatesuccessfullyusingLACP.Thelinksinvolvedmustbe:
FullDuplex
Pointtopointlinks,and
Operateatthesamespeed
IftheserequirementsaremetanLACPlinkwillform.Thedevicesthenstatisticallybalancetrafficacrossthe
differentphysicallinks.Thisisdonebycalculatingahashvaluebasedonthesourceanddestinationaddresses.This
meansthatforanLACPconnectioncarryingmultipleflows,eachphysicalEthernetlinkshouldgetanequalshareof
traffic.
TelecomGradeEthernet:
Asmentionedearlier,EthernethasevolvedfrombeenabasicLocalAreaNetworkProtocoltobeingoneusedin
CarrierNetworks.Thisevolutionbringsmanychallenges.
Theseinclude:
Muchlongerdistancesandmanymorephysicalendpoints.
MuchhigherbandwidthsandmuchmoreAggregationofLinks.
MuchmorestringentQualityofServiceLimits.Theseincludeintolerancetonetworkfailure.
EthernetRing:
BecauseofthegreatbandwidthRequirementsof
CarrierEthernetnetworks,Fiberopticalcablesarethe
commonmediumoftransport.Inthepast,Fibercables
havebeenusedforSDH/SONETnetworks,andconsist
ofaringtopology.
Inmanycasesthefiberisalreadyinplace.Aswehave
seenearlier,aringtopologyisnotsuitablefor
standardEthernet.InorderforEthernettobeaviable
alternativetoSDH/SONET,itneedstobeableto
adapttouseexistingFiberRingtopologyandalsomust
matchtheperformanceofSDHSONETparticularlyin
termsofrecoverytimesforfailure.Thisisquitea
challenge.
Ethernetlimitations:
Oneofthebiggestproblemswithusingexisting
EthernetasaCarrierprotocolistherecovery
timefromlinkandnodefailure.Asdiscussed
previously,thespanningtreeprotocolcreatesa
loopfreetopologyandcandynamicallyadjust
thetopologywhenalinkornodefails.
However,evenwhenRapidSpanningTree
Protocolisusedthisrecoverycantakeupto5
seconds.WhilethismaybeokonaLAN,on
CarrierClassnetworks,carryingRealTimeTraffic
suchasTelephony,GamingandTelevisionitis
not.ThisisunacceptableforRealTime
traffic.OnaLANthismaycauseminordisruption
toservicebutwouldnotbecritical.
Unfortunately,however,thisisfartooslowforacarrierclassnetwork.SDHSONEToffersconvergencetimesless
than50ms.ForCarrierEthernettobeaviablealternativetothis,itsrecoverytimeneedstobeasgood.Onesolution
tothisisEthernetRingProtection.
EthernetRingProtection:
EthernetRingProtectioniswayofutilizingFiber
RingNetworksforEthernetSwitchesconnectto
existingfiberringsasshown.Oneoftheswitches
isconfiguredasthedesignatedMaster.This
switchhasaPrimaryportandasecondaryport
specified.
OneVLANissetupwhichiscalledacontrolVLAN
andthisspansthefullEthernetRing.Onthe
master,allportsareoperationalinthecontrol
VLAN.ThisVLANisusedforcheckingthestatusof
thenetwork.OtherVLANScanalsobesetup
whicharecalledDataVLANs.ForDataVLANsonly
theprimaryportoftheMasterSwitchisenabled.
Thesecondaryportisblocked.Thisiswhereloopsinthenetworkareprevented.Whendataisbeingsentacross
oneoftheDataVLANs,itisonlysentouttheprimaryport.WhenitisreceivedonthesecondaryPortitisdiscarded.
ThecontrolVLANisusedforsendingHealthMessagesmonitoringthestatusoftheEthernetRing.AHealthMessage
issentouttheprimaryport,andifitisreceivedonthesecondaryport,theMastercanbesurethattheringis
operational.
TelecomGradeFeaturesProviderBridgingusing802.1q
NeedtoextendEthernetfromLANtoMAN(MetropolitanAreaNetwork).EthernetserviceinanMANscaleiscalled
asProviderBridgingDomain.
WithoneEthernetnetworkbeingusedbydifferentcustomersalogicalwayofseparatingtrafficwouldbetouse
802.1qVLANtagging.EachCustomercouldbegivendedicatedVLANtagstousewithintheirSitesinorderforthe
CarrierNetworktodifferentiatetrafficfromdifferentcustomers.
VLANtagis12bitsinlengththisconfigurationhasalimitof4096totalVLANsdividedamongallcustomers.Ifsome
customersrequiredhundredsofVLANsthe4096VLANscouldbeusedupquitequickly.
Solution:QINQProviderBridging:
ProviderBridges(IEEE
802.1ad,QinQorQ
Tunneling)istheresultof
addingtheServiceProvider
VLAN(SVLAN)tothe
Ethernetcustomer'sframe.

Thisnewfieldisusedto
identifytheserviceonthe
operator'snetworkwhilethe
clientVLANID(CVID)
remainsunchanged.

WithinthecarriernetworkonlytheSTagneedstobeused.
STag:firstpartistheTagProtocolID.9100HEXisusedtoindicateQInQ.
Using802.1QinQtheCarriermustonlyallocateoneVLANIDperCustomerServiceonthecarriernetwork.This
solvesthescalabilityissue.NowtheCarriercanofferupto4096differentCustomerServices.TheTagaddedhere
issuedastheServiceVLANID.
QINQScalability:
802.1QinQimprovesscalabilityintermsofthe
numberofVLANsallowed.

ACarriercanofferEthernetServiceforupto
4096Customersbutnomorethanthis.Andeach
Customercandefine4096localVLANs.

Whilethisisaslightlimitation,agreater
limitationishowscalabletheCarrierNetwork
SwitchForwardingTablesare.

Remember,switchesforwardtrafficbasedon
MACAddressForwardingTables.So,eachend
hostMACaddresswouldhavetobeknown
withinthecarriernetwork.
Thiscouldgetverylargeifthecarrierwasofferingmanyservices,witheachservicemadeupofmanyhosts.For
correctswitchingofframesallMACaddresseswouldhavetobelearnedwithintheCarrierNetwork.
ProviderBackboneBridging(MACinMAC)IEEE802.1ah:
ProviderBackboneBridging(MACinMAC)
wasintroducedtoaddresstheproblem
associatedwithlargeMACAddressTablesin
QinQnetworks.Standard:IEEE802.1ah.

WithMACinMACtheCarrierdefines
ProviderEdgeBridges,whichconnect
tothecustomerNetworks.Whenaframeis
receivedfromthecustomertheframeis
encapsulatedwithaServiceProviderMAC
header.

Thisheaderwillbedifferentforeach
serviceandusedtoswitchtheframefrom
onecustomersitetoanother.
Whentheframereachesthedestinationcustomersitetheextraheaderisstrippedoffandtheoriginalframesent
intothecustomersnetwork.TheProviderBackboneHeaderismadeupofaBackboneDestination,whichisthe
MACaddressofthedestinationproviderbridge.TheBackboneSource,whichistheMACAddressofthesource
ProviderBridge.AndaBackboneTAG,whichcanbeusedtocreatedifferentVLANswithintheCarrierNetwork.
ThesecouldbeusedforconfiguringpointtomultipointEthernetnetworks.
ConnectionOrientedEthernetTrafficEngineering802.1Qay:
ProviderBackboneBridgingTrafficEngineeringisawayofcreatingamoreconnectionorientedEthernetNetwork.
UsingConnectionOrientedEthernet,StaticMACpathsaredefinedinthenetworkbetweenProviderBridges.
Becausethesearestaticallyconfigureditmeansthelearningfunctionoftheswitchescanbedisabled.
Withallpathspreconfigured,noSpanningTreeProtocolisneededasnoloopsshouldexist.UsingIEEE802.1qay,
thePathsaremanagedfromacentralserver.
TheprocessisinspiredbyasimilarmethodofnetworkmanagementusedinSDHSONETnetworks.

IP Fundamentals

Transféré par

Informations du document

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

IP Fundamentals

Transféré par

Droits d'auteur :

Formats disponibles

11.

Vous aimerez peut-être aussi